www.cyberscoop.com Open in urlscan Pro
52.21.95.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgW3MN2tdDy2X13w4W16plMR8Sq9BxN3...
Effective URL:
https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Submission: On June 14 via api (June 14th 2021, 1:28:28 am UTC) from US

Summary HTTP 263 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 47 IPs in 4 countries across 31 domains to perform 263 HTTP transactions. The main IP is 52.21.95.133, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.cyberscoop.com.
TLS certificate: Issued by R3 on March 29th 2021. Valid for: 3 months.

This is the only time www.cyberscoop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:67e1	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4 39	52.21.95.133 52.21.95.133	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
21	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
11	52.216.27.166 52.216.27.166	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:b749	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5605	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2 2	2620:119:50e4... 2620:119:50e4:101::6cae:b55	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3 6	54.72.19.162 54.72.19.162	16509 (AMAZON-02) (AMAZON-02)
3	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	3.12.243.139 3.12.243.139	16509 (AMAZON-02) (AMAZON-02)
3	3.131.245.186 3.131.245.186	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
9	52.209.147.172 52.209.147.172	16509 (AMAZON-02) (AMAZON-02)
6	34.207.8.197 34.207.8.197	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
263	47

2 2606:2c40::c73c:67e1 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

hubspot.fedscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 52.21.95.133 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-95-133.compute-1.amazonaws.com

www.cyberscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.216.27.166 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b749 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e4:101::6cae:b55 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

52599bd75b5400960907e9398b50f17c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.72.19.162 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-19-162.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.12.243.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-243-139.us-east-2.compute.amazonaws.com

tags.mmi360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.131.245.186 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-245-186.us-east-2.compute.amazonaws.com

events.mmi360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8004:face:b00c:0:8c (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.209.147.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-147-172.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.207.8.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-8-197.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	googlesyndication.com 52599bd75b5400960907e9398b50f17c.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com 1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com	386 KB
39	cyberscoop.com 4 redirects www.cyberscoop.com	312 KB
31	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	670 KB
24	googletagservices.com www.googletagservices.com	597 KB
22	2mdn.net s0.2mdn.net	2 MB
21	adsafeprotected.com 3 redirects pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	280 KB
12	google.com www.google.com adservice.google.com	4 KB
11	amazonaws.com s3.amazonaws.com	54 KB
6	mmi360.net tags.mmi360.net events.mmi360.net	403 B
6	google.de www.google.de adservice.google.de	760 B
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	2 KB
4	gstatic.com fonts.gstatic.com	99 KB
3	atdmt.com ad.atdmt.com	1 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	hubspot.com track.hubspot.com	796 B
2	facebook.com www.facebook.com	162 B
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	98 KB
2	addtoany.com static.addtoany.com	60 KB
2	fedscoop.com 1 redirects hubspot.fedscoop.com	3 KB
1	twitter.com analytics.twitter.com	659 B
1	hs-analytics.net js.hs-analytics.net	18 KB
1	hs-banner.com js.hs-banner.com	14 KB
1	t.co t.co	454 B
1	hs-scripts.com js.hs-scripts.com	648 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	hsforms.com forms.hsforms.com	4 KB
1	googletagmanager.com www.googletagmanager.com	52 KB
1	hsforms.net js.hsforms.net	134 KB
1	taboola.com cdn.taboola.com	23 KB
263	31

	Domain	Requested by
39	www.cyberscoop.com	4 redirects hubspot.fedscoop.com www.cyberscoop.com
30	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net pagead2.googlesyndication.com www.cyberscoop.com 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com
25	tpc.googlesyndication.com	securepubads.g.doubleclick.net 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com tpc.googlesyndication.com 1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com ad.doubleclick.net pagead2.googlesyndication.com
24	www.googletagservices.com	www.cyberscoop.com securepubads.g.doubleclick.net 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com www.googletagservices.com 1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com ad.doubleclick.net
22	s0.2mdn.net	1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com s0.2mdn.net 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com ad.doubleclick.net
21	securepubads.g.doubleclick.net	www.cyberscoop.com www.googletagservices.com securepubads.g.doubleclick.net hubspot.fedscoop.com 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com 1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com
11	s3.amazonaws.com	www.cyberscoop.com
9	static.adsafeprotected.com	pixel.adsafeprotected.com f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com
7	www.google.com	www.cyberscoop.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	dt.adsafeprotected.com	f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com
6	googleads4.g.doubleclick.net	ad.doubleclick.net
6	pixel.adsafeprotected.com	3 redirects 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com
5	adservice.google.com	securepubads.g.doubleclick.net
5	adservice.google.de	securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	ad.atdmt.com	63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com ad.doubleclick.net
3	events.mmi360.net	63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com ad.doubleclick.net
3	tags.mmi360.net	ad.doubleclick.net
3	ad.doubleclick.net	www.googletagservices.com
3	fonts.googleapis.com	www.cyberscoop.com js.hsforms.net
2	track.hubspot.com
2	f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.facebook.com	www.cyberscoop.com connect.facebook.net
2	px.ads.linkedin.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	hubspot.fedscoop.com connect.facebook.net
2	static.addtoany.com	www.cyberscoop.com static.addtoany.com
2	hubspot.fedscoop.com	1 redirects
1	analytics.twitter.com	static.ads-twitter.com
1	52599bd75b5400960907e9398b50f17c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de	www.cyberscoop.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	t.co	www.cyberscoop.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	www.cyberscoop.com
1	www.linkedin.com	1 redirects
1	js.hs-scripts.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	forms.hsforms.com	js.hsforms.net
1	www.googletagmanager.com	www.cyberscoop.com
1	js.hsforms.net	www.cyberscoop.com
1	cdn.taboola.com	www.cyberscoop.com
263	47

This site contains links to these domains. Also see Links.

Domain
cyberscoop.com
scoopnewsgroup.com
www.wsj.com
www.techrepublic.com
www.colpipe.com
www.nbcnews.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
fedscoop.com
statescoop.com
edscoop.com
workscoop.com
www.scoopnewsgroup.com
www.addtoany.com

Subject Issuer	Validity	Valid
hubspot.fedscoop.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
cyberscoop.com R3	`2021-03-29` - `2021-06-27`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tags.mmi360.net Amazon	`2021-03-04` - `2022-04-02`	a year	crt.sh
events.mmi360.net Amazon	`2021-05-04` - `2022-06-02`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2021-05-15` - `2021-08-13`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Frame ID: C196A42C7689214B6B66A34AA1B481C4
Requests: 88 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
Frame ID: 40FB4BF30E46E93BDD5A9523A44F4BE2
Requests: 11 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
Frame ID: A5D0128FBA900F845B67E42227EC5A9B
Requests: 11 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
Frame ID: 86F1AF0EC316FFC7ACB78646F56ABE9F
Requests: 11 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
Frame ID: BE2EB26AFE638236F1230A2D2EE4097E
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSgeaqxR1YJdl3Qp91yl8wAJ1QTe8rUDLLudRBBQe9bHazcZF9GhXz4Y084_7meKAHnUdz1A_wgkyLn5D2X8FfEEYWu5q6LBCIov9rGw2KLQIhKhGEi98ByR8W5bFHOrNqcpY1up2PqE4DVkYegKS49mADsyCHOPMrhvAWNSVvMYdiYnHZQ-PsnnMKBuNf3TmilKt5tB2fedlQ-jA9V-93b2vHwRR5tM5mtKO4Sq-A_vSZzPTWxzjgtnagmzS4kb-5CcMMYcw4BS4-RqBe0SGqR6oDWba2c-pjOM_HKJw&sai=AMfl-YQDnfcqrz5NLVBxyof7f1eQ8JcfKKojewb2nzT0_45eeLHIZcOE5vpWsoR7R-5yCrHCAV-VHvwF1jfPR8S4aPUIHOPLdlylk3i6m0tVrfemqOWeT7QGdGcX6c5Ttfs&sig=Cg0ArKJSzBuMIEbX44PYEAE&adurl=
Frame ID: 219B950392C1385D7BD9B888693D4747
Requests: 9 HTTP requests in this frame

Frame: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: FBDCF27E776DD98372B4F9CA444F1652
Requests: 23 HTTP requests in this frame

Frame: https://1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DF3E579CA3DCC4AC7359C4F86C819CD1
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 8AD8179A2BC983585897A5352A63A3B6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 89BF0BFFC996B05DF7CFA50F7817AE42
Requests: 1 HTTP requests in this frame

Frame: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 22ACC5BBBA3E5AE4FDE6193F10F5FB5E
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 91DDA09A2EC9CC2918A8078D99BD2FF7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D69E09ADC7BDBDA17D8B9FC925F2A236
Requests: 1 HTTP requests in this frame

Frame: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: A6081647D8093359256F4A7D79C11862
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html
Frame ID: AC7DAB5DD7D87E61D181884040D3F2CC
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 371C84B84A59350F40D370F7A21F1B7C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4F8E74649C598D40BD928D844FECC171
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: C0EA48C46BBC94F2241927F1A17DB8FE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4AEE7FF27E052F99BBE5138DFAEBC0AE
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303489065;dc_ver=75.217;dc_eid=40004001;sz=970x250;u_sd=1;dc_adk=2711260096;ord=3tv30i;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuMlawReKonFC3opsIFwLUugIjfLYJ_nCvelvQtAh7tVwwfvMgkSqT_xKnlXk3SElSqIW9KEhAP8bJtz1DyqYyhqVmhEJkungQh4BXG9wsugVPMgh7iijiZ2gSuwu_bbC5Dc8FvIVE4s_9ZpmsqBJz2pLWcGWGStP8EsgFbtrWTLuarObng64V03rfZPE8GE-xzizJdUlD2KdtSC_TlkKHUoeOGWF7-xRODRbT_M9rMbLa0l9iQb-ghE8GMSZXtKgSnJXx-qTW6Hf_AhUUEtYiPXqbB5D6m3BkTpHni6Pqn8Ie294svKlAaMxV6BD3MKC1tZWmRJxJR%26sig%3DCg0ArKJSzETWUnX9MrQqEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=VKM4x-PtYP;osda=2;sttr=55;prcl=s
Frame ID: AE4503FD2E1EB939FC68747457995C71
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 86F3A0813EB627972CA0A2236760635E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4EDC6A35D5403BA7A000A76CD0B725FF
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 6741CB9AA74DAE578E672546C16E20B2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B757D3A4988949A22A5958D53B4A4D2B
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 1C94E4A76180A9808558537728CBD5E0
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 5D669DC61E04B4920242643E87851934
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Frame ID: F84A7FA4F00A7FDA0C8215C522F7205B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 1D3771678C7E363094265F2CA012AC77
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8ABBAFDB4722B58ED4E77B21FEE79C2C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgW3MN2tdDy2... Page URL
https://hubspot.fedscoop.com/events/public/v1/track/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5... HTTP 307
https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /addtoany\.com\/menu\/page\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

263
Requests

100 %
HTTPS

69 %
IPv6

31
Domains

47
Subdomains

47
IPs

4
Countries

4452 kB
Transfer

9560 kB
Size

11
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://cyberscoop.com/
Title:

Search URL Search Domain Scan URL

URL: http://scoopnewsgroup.com/?__hstc=143679850.59b301e7316d71622a79bb34219eae31.1623634090681.1623634090681.1623634090681.1&__hssc=143679850.1.1623634090681&__hsfp=2736934676
Title: Brought to you by

Search URL Search Domain Scan URL

URL: https://www.wsj.com/articles/colonial-pipeline-ceo-tells-why-he-paid-hackers-a-4-4-million-ransom-11621435636
Title: paid its attackers $4.4 million

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/article/ransomware-attackers-are-now-using-triple-extortion-tactics/
Title: netted an estimated tens of billions of dollars

Search URL Search Domain Scan URL

URL: https://www.colpipe.com/news/press-releases/colonial-pipeline-company-ceo-issues-statement-following-announcement-by-u-s-department-of-justice-on-recovery-of-cryptocurrency-funds
Title: Colonial said in response to the cryptocurrency seizure

Search URL Search Domain Scan URL

URL: https://www.nbcnews.com/politics/meet-the-press/sec-granholm-backs-ban-ransomware-payments-you-are-encouraging-bad-n1269776
Title: she supports a legal ban on ransomware payments

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cyberscoop

Search URL Search Domain Scan URL

URL: https://twitter.com/cyberscoopnews

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/4847467

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cyberscoopnews

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/?__hstc=143679850.59b301e7316d71622a79bb34219eae31.1623634090681.1623634090681.1623634090681.1&__hssc=143679850.1.1623634090681&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://fedscoop.com/?__hstc=143679850.59b301e7316d71622a79bb34219eae31.1623634090681.1623634090681.1623634090681.1&__hssc=143679850.1.1623634090681&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://statescoop.com/?__hstc=143679850.59b301e7316d71622a79bb34219eae31.1623634090681.1623634090681.1623634090681.1&__hssc=143679850.1.1623634090681&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://edscoop.com/?__hstc=143679850.59b301e7316d71622a79bb34219eae31.1623634090681.1623634090681.1623634090681.1&__hssc=143679850.1.1623634090681&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://workscoop.com/?__hstc=143679850.59b301e7316d71622a79bb34219eae31.1623634090681.1623634090681.1623634090681.1&__hssc=143679850.1.1623634090681&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://www.scoopnewsgroup.com/privacy?__hstc=143679850.59b301e7316d71622a79bb34219eae31.1623634090681.1623634090681.1623634090681.1&__hssc=143679850.1.1623634090681&__hsfp=2736934676
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/privacy?__hstc=143679850.59b301e7316d71622a79bb34219eae31.1623634090681.1623634090681.1623634090681.1&__hssc=143679850.1.1623634090681&__hsfp=2736934676
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgW3MN2tdDy2X13w4W16plMR8Sq9BxN3YCRP5_mlqBW68mtWC5Y1lv3W26kn1_44N2kXW73nkCK8YJ6Q4W43-3DK2Ww9LTW28p5CK3020LgW727CcB5ZByW6W8MN0858wbcJtW4fjNkr1-gL-vW8LZCCx4_27gZW1wsYwp2BwfTpVQ9sjQ72B6LkW502vHT3mtBy-W1Mvfqs1ZXLwhVhdB978dHp8rW9c12LG4My8gbW5ksqjr7WC-8sN2dvJ_Lp63VV31L91 Page URL
https://hubspot.fedscoop.com/events/public/v1/track/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgW3MN2tdDy2X13w4W16plMR8Sq9BxN3YCRP5_mlqBW68mtWC5Y1lv3W26kn1_44N2kXW73nkCK8YJ6Q4W43-3DK2Ww9LTW28p5CK3020LgW727CcB5ZByW6W8MN0858wbcJtW4fjNkr1-gL-vW8LZCCx4_27gZW1wsYwp2BwfTpVQ9sjQ72B6LkW502vHT3mtBy-W1Mvfqs1ZXLwhVhdB978dHp8rW9c12LG4My8gbW5ksqjr7WC-8sN2dvJ_Lp63VV31L91?_ud=0c27533e-863f-4c5d-b726-c4b8387f8c22&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-doj,fbi,jbs,ranswomare,us-courts HTTP 301
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Request Chain 39

https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-doj,fbi,jbs,ranswomare,us-courts HTTP 301
https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Request Chain 40

https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-doj,fbi,jbs,ranswomare,us-courts HTTP 301
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Request Chain 41

https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-doj,fbi,jbs,ranswomare,us-courts HTTP 301
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Request Chain 68

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623634087033&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1623634087033%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fdoj-darkside-colonial-cryptocurrency-seizure%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623634087033&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623634087033&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&liSync=true&e_ipv6=AQJoHWciNsNmjgAAAXoIIg3tSolzIOyEu7nMc0ElF4CTOv-J_0PrmJXenenL9BLJnOao1Ug5

Request Chain 218

https://pixel.adsafeprotected.com/rfw/st/488356/54699614/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:c0e5c7e4-85b3-d499-1f5c-ca7166f58416,c:ftxuUR,sl:na,em:true,fr:false,mn:app37ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:sAgHaQL+111*.488356-54699614%7C1111%7C112%7C113%7C114%7C1211%7C122%7C123%7C124%7C1311%7C132%7C1331%7C134%7C1411%7C142%7C1431%7C144%7C15%7C16%7C17,idMap:111*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:399,oid:c6f378c2-ccaf-11eb-9425-02556ee5b261,v:19.8.206,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 222

https://pixel.adsafeprotected.com/rfw/st/488356/54309641/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:d1642a8b-3cd1-e3a4-daec-6171a29c4f7f,c:ftxuWG,sl:na,em:true,fr:false,mn:app01ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:sAgHaQu+11111%7C1112%7C112%7C1131%7C114%7C121*.488356-54309641%7C1211%7C122%7C123%7C124%7C1311%7C132%7C1331%7C134%7C1411%7C142%7C1431%7C144%7C15%7C16%7C17,idMap:121*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:528,oid:c6e28898-ccaf-11eb-af01-06d8cca89c2a,v:19.8.206,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 224

https://pixel.adsafeprotected.com/rfw/st/488356/54309637/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:e6c58593-7d68-7a86-a403-8e67f354b959,c:ftxuWY,sl:na,em:true,fr:false,mn:app09ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:sAgHaTw+11111%7C1112%7C112%7C1131%7C114%7C1211%7C1212%7C122%7C123%7C124%7C131*.488356-54309637%7C1311%7C132%7C1331%7C134%7C1411%7C142%7C1431%7C144%7C15%7C16%7C17,idMap:131*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:358,oid:c6eebe3a-ccaf-11eb-9744-0ae761671616,v:19.8.206,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

263 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgW3MN2tdDy2X13w4W16plMR8Sq9BxN3YCRP5_mlqBW68mtWC5Y1lv3W26kn1_44N2kXW73nkCK8YJ6Q4W43-3DK2Ww9LTW28p5CK3020LgW727CcB5ZByW6W8MN0858wbcJtW4fjNkr... Show response
hubspot.fedscoop.com/e2t/tc/ 9 KB
3 KB 53ms
53ms Document
text/html 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgW3MN2tdDy2X13w4W16plMR8Sq9BxN3YCRP5_mlqBW68mtWC5Y1lv3W26kn1_44N2kXW73nkCK8YJ6Q4W43-3DK2Ww9LTW28p5CK3020LgW727CcB5ZByW6W8MN0858wbcJtW4fjNkr1-gL-vW8LZCCx4_27gZW1wsYwp2BwfTpVQ9sjQ72B6LkW502vHT3mtBy-W1Mvfqs1ZXLwhVhdB978dHp8rW9c12LG4My8gbW5ksqjr7WC-8sN2dvJ_Lp63VV31L91
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14696769a76f4d45f591b1adaa8e049973af59ec64211d89e3d266a63de4bbeb

Request headers

:method: GET
:authority: hubspot.fedscoop.com
:scheme: https
:path: /e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgW3MN2tdDy2X13w4W16plMR8Sq9BxN3YCRP5_mlqBW68mtWC5Y1lv3W26kn1_44N2kXW73nkCK8YJ6Q4W43-3DK2Ww9LTW28p5CK3020LgW727CcB5ZByW6W8MN0858wbcJtW4fjNkr1-gL-vW8LZCCx4_27gZW1wsYwp2BwfTpVQ9sjQ72B6LkW502vHT3mtBy-W1Mvfqs1ZXLwhVhdB978dHp8rW9c12LG4My8gbW5ksqjr7WC-8sN2dvJ_Lp63VV31L91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:05 GMT
content-type: text/html;charset=utf-8
cf-ray: 65efc7ab28d24e5b-FRA
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0aa9bb1efc00004e5b3c8ee000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: c25f2a02-648b-49d2-b34f-d4d371bbed7a
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6dSE0DG7HlvmKT357pnR7S6oCAezi3KN6MrCEcGUbkpkIG902DxHaAqwYQvKA4LIC2K14g2hlVCkSScr73Yd%2F1Rphk%2FE9Ks8SD3gvyXNS5HqS56QJDZ78j6FRmiO0w%2F%2B2Ucfk5xfxo2gIY0SRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=8f2d5de60afb3e7caae59c0be3f483488eae9b86-1623634085; path=/; domain=.hubspot.fedscoop.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Redirect Chain

https://hubspot.fedscoop.com/events/public/v1/track/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgW3MN2tdDy2X13w4W16plMR8Sq9BxN3YCRP5_mlqBW68mtWC5Y1lv3W26kn1_44N2kXW73nkCK8YJ6Q4W43-...
https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

55 KB
14 KB

523ms
237ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Requested by

Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgW3MN2tdDy2X13w4W16plMR8Sq9BxN3YCRP5_mlqBW68mtWC5Y1lv3W26kn1_44N2kXW73nkCK8YJ6Q4W43-3DK2Ww9LTW28p5CK3020LgW727CcB5ZByW6W8MN0858wbcJtW4fjNkr1-gL-vW8LZCCx4_27gZW1wsYwp2BwfTpVQ9sjQ72B6LkW502vHT3mtBy-W1Mvfqs1ZXLwhVhdB978dHp8rW9c12LG4My8gbW5ksqjr7WC-8sN2dvJ_Lp63VV31L91

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

6df5297b890ff6b7e63372da52b58276e6af2f2914d30d7edcd5ead5af63c738

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /doj-darkside-colonial-cryptocurrency-seizure/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgW3MN2tdDy2X13w4W16plMR8Sq9BxN3YCRP5_mlqBW68mtWC5Y1lv3W26kn1_44N2kXW73nkCK8YJ6Q4W43-3DK2Ww9LTW28p5CK3020LgW727CcB5ZByW6W8MN0858wbcJtW4fjNkr1-gL-vW8LZCCx4_27gZW1wsYwp2BwfTpVQ9sjQ72B6LkW502vHT3mtBy-W1Mvfqs1ZXLwhVhdB978dHp8rW9c12LG4My8gbW5ksqjr7WC-8sN2dvJ_Lp63VV31L91

Response headers

server: nginx
date: Mon, 14 Jun 2021 01:28:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
x-pingback: https://www.cyberscoop.com/xmlrpc.php
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/posts/56914>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=56914>; rel=shortlink
x-fastcgi-cache: HIT
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

date: Mon, 14 Jun 2021 01:28:05 GMT
location: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
cf-ray: 65efc7ab99584e5b-FRA
link: <https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0aa9bb1f3f00004e5b61b3b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 401163d1-3dcc-438f-98fd-d7766c6c8dc3
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zFS5O8NJmKvTJW6xZFi8qk3rHnyPr1CrTB%2FZNmI05tSM0i0auNl4jVbcpDqoPRexD%2BVdzLsN9cK2H0kq8z74nCefoOX40G2r%2B3PVOAqfx%2FFCBq6NPM23i%2B80kzhfQU2mlQEJGauYChruwyDnEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style.css
www.cyberscoop.com/wp-content/themes/cyberscoop/ 92 KB
16 KB 135ms
132ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8568f039c1951ef91fce769fd09da0b0dbfcf503e0e9d14044c3f49675b809cd

Request headers

:path: /wp-content/themes/cyberscoop/style.css?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 10:48:09 GMT
server: nginx
etag: W/"6066f669-16fe8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:28:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
803 B 20ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc666527c7989fdad450d729be48af719d8a66af057630a461bbb5c72b1e20a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 01:20:31 GMT
server: ESF
date: Mon, 14 Jun 2021 01:28:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Jun 2021 01:28:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
665 B 19ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.7.1

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

063d44bc62d9647b62e24e3072a08f2cd96f36e3f1cb441b0efc3fe3f3fe372c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 01:28:06 GMT
server: ESF
date: Mon, 14 Jun 2021 01:28:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Jun 2021 01:28:06 GMT

GET
H2 200 addtoany.min.css
www.cyberscoop.com/wp-content/plugins/add-to-any/ 1 KB
663 B 135ms
132ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436

Request headers

:path: /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:25:16 GMT
server: nginx
etag: W/"5fcd3e2c-5ba"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:28:06 GMT

GET
H2 200 jquery.min.js Show response
www.cyberscoop.com/wp-includes/js/jquery/ 87 KB
31 KB 135ms
132ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-15d98"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:28:06 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.cyberscoop.com/wp-includes/js/jquery/ 11 KB
4 KB 145ms
142ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-2bd8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:28:06 GMT

GET
H2 200 blinkTitle.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 2 KB
737 B 146ms
143ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/blinkTitle.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf89b05aa45bb14f23d4c97dac9b3091e2d866c73f68e18d2cb6b538378db6f9

Request headers

:path: /wp-content/themes/cyberscoop/js/blinkTitle.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-62a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:28:06 GMT

GET
H2 200 singlescroll.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 3 KB
1 KB 145ms
143ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/singlescroll.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8b7a47a695a413443ee1cba5b8cb390af99d8ecb1c94ffd30005c2a039303fe0

Request headers

:path: /wp-content/themes/cyberscoop/js/singlescroll.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: W/"5f8eafdb-dc1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:28:06 GMT

GET
H2 200 stickybits.min.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 13 KB
4 KB 145ms
143ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/stickybits.min.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2aef1ac953ce7805c97a1df893082e75a0a11085c3e53b2914bd0a35634977f3

Request headers

:path: /wp-content/themes/cyberscoop/js/stickybits.min.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: W/"5f8eafdb-3357"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:28:06 GMT

GET
H2 200 addtoany.min.js Show response
www.cyberscoop.com/wp-content/plugins/add-to-any/ 129 B
339 B 145ms
143ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

:path: /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
last-modified: Sun, 06 Dec 2020 20:25:16 GMT
server: nginx
etag: "5fcd3e2c-81"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 129
expires: Tue, 14 Jun 2022 01:28:06 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/fedscoop-sc/ 69 KB
23 KB 129ms
43ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/fedscoop-sc/tfa.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 753b529ae84f43010bcc3243f72f5d7fe16622d0a1e33e0a34f976e84e4343b1

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: n1vF9p5VnwtUi4OVeKiiCR8shgMwhmvH
content-encoding: gzip
etag: "ae15e30aca91b7a60c5cc29e73eacf0e"
age: 68
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 23442
x-amz-id-2: v3jSd1ubrY//ZSaAkwjggNWZqhLtSqP3mq0TSkF/bPtUTCHFh0yAvPr5qqDnqasBsO4Uw2cbtuU=
x-served-by: cache-fra19126-FRA
last-modified: Sun, 06 Jun 2021 17:54:31 GMT
server: AmazonS3
x-timer: S1623634086.486247,VS0,VE1
date: Mon, 14 Jun 2021 01:28:06 GMT
vary: Accept-Encoding
x-amz-request-id: VFRKDC3E2A4QAY8G
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 86
x-cache-hits: 1

GET
H2 200 init-taboola.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 138 B
348 B 145ms
143ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/init-taboola.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8c5987fc2409abe9ee8d73fee09d71847ddf5c4329a0bbad7d4e4bc522e51b47

Request headers

:path: /wp-content/themes/cyberscoop/js/init-taboola.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: "5f8eafda-8a"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 138
expires: Tue, 14 Jun 2022 01:28:06 GMT

GET
H2 200 app.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 150 KB
47 KB 145ms
143ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/app.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bcc6ccbbe9b3f2c14b3eb45ea17eb4b456ee0b359ca820751d8f4b140c57ba0a

Request headers

:path: /wp-content/themes/cyberscoop/js/app.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-25991"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:28:06 GMT

GET
H2 200 menu.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 213 B
423 B 255ms
254ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/menu.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cbcf7f9157306feaa0252eaa2fca6f6a36cf74bd919dc17520023405867fd32b

Request headers

:path: /wp-content/themes/cyberscoop/js/menu.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: "5f8eafdb-d5"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 213
expires: Tue, 14 Jun 2022 01:28:06 GMT

GET
H2 200 ads.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 740 B
703 B 255ms
254ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930

Request headers

:path: /wp-content/themes/cyberscoop/js/ads.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-2e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:28:06 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 61 KB
21 KB 157ms
59ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

9796c5b50689a75f3aa13374fa1b41c3e1346c0cf5d1f654c20bb2e6107c4ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 116 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:06 GMT

GET
H/1.1 200
OK cyberscoop-interstitial.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
3 KB 541ms
149ms Image
image/svg+xml 52.216.27.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/cyberscoop-interstitial.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.27.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:28:08 GMT
Last-Modified: Wed, 10 Feb 2021 15:47:32 GMT
Server: AmazonS3
x-amz-request-id: JKBWX7VZDJ0W42CN
ETag: "b3250d52680549abc7222f71b2dce836"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2375
x-amz-id-2: PcSYweg8p9eHEqug4XcEO56WGu4y5EUlpt9zQlFAEqVEsFWyzN8YklR7t4ofULu5Yvb19FPgE/s=

GET
H/1.1 200
OK closex.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 552ms
150ms Image
image/png 52.216.27.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/closex.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.27.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:28:08 GMT
Last-Modified: Tue, 12 May 2020 13:43:08 GMT
Server: AmazonS3
x-amz-request-id: JKBVP5KBS7J72CVC
ETag: "6fa9505df4b1d86476aef77673f3b330"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4658
x-amz-id-2: fxGlVP1WXBzUC8JeWt0MmksEyxHL1Fc2RBgOCJ2ciIMuzP3BeRVRS1FNjCiRrTsY8Wt59EIQkj8=

GET
H2 200 twitter.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 2 KB
1 KB 133ms
131ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/twitter.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/twitter.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:27 GMT
server: nginx
etag: W/"5f8eafd7-87c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 01:28:06 GMT

GET
H2 200 facebook.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 1 KB
828 B 133ms
131ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/facebook.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/facebook.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-4f8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 01:28:06 GMT

GET
H2 200 linkedin.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 2 KB
993 B 133ms
131ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/linkedin.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/linkedin.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-741"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 01:28:06 GMT

GET
H2 200 reddit.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 6 KB
3 KB 133ms
131ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/reddit.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/reddit.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-18f6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 01:28:06 GMT

GET
H2 200 gmail.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 1 KB
886 B 133ms
131ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/gmail.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/gmail.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-49d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 01:28:06 GMT

GET
H/1.1 200
OK close_purple.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 991 B
1 KB 556ms
153ms Image
image/svg+xml 52.216.27.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/close_purple.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.27.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:28:08 GMT
Last-Modified: Fri, 22 Jan 2021 00:05:15 GMT
Server: AmazonS3
x-amz-request-id: JKBRWW2TJCKMBGF7
ETag: "cde4ecef61a0a35571e737da5276b5e7"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 991
x-amz-id-2: DGmIygPHdYXZJEdFlB9A1oNKWOugCmwoFQjV0B5yWSfGHM6KO7OiOizlpQSLMGhU8HhQcTl5KWk=

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 573 KB
134 KB 58ms
58ms Script
application/javascript 2606:4700::6811:b749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b749 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

068605b7a74adeae97a35f115e5d2116b49e1b0746b0172d6795cf4c7f93ecc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
via: 1.1 ba055aa13fb55ceebb5b2e73483f93eb.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 278
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa9bb234e000097d8e0327000000001
last-modified: Thu, 10 Jun 2021 01:55:02 UTC
server: cloudflare
etag: W/"be4017dc0d84057af0be82378d2bcd1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=c7cLtkesbryMVMR8KH%2F9WGbdcjNxoR8%2F9c4mRz8BigihLawbdbhMmSt1I7poRoFVaGdguohEK0JT1QbzrtQl6fKLLfBUu0b%2BCwoz5mZjAcEBY%2BAmGxJClVRX0bjaQpbxy%2FX7FvdN7g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: _lWo_seegG84aAiYV148P6d_vJ1mA4fg
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD66-C1
cf-ray: 65efc7b21e4997d8-FRA
x-amz-cf-id: 3l8qrcLT_6LN0ubkK4iSSonS1P8NMhoBGGEZQm58nV9KA5fnhFKWAA==
x-hs-target-asset: FormsNext/static-5.319/bundles/project_with_deps.js

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 61 KB
21 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 981 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:06 GMT

GET
H2 200 ads.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 740 B
703 B 131ms
131ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js?ver=1.0.0
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930

Request headers

:path: /wp-content/themes/cyberscoop/js/ads.js?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-2e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:28:06 GMT

GET
H2 200 wp-embed.min.js Show response
www.cyberscoop.com/wp-includes/js/ 1 KB
986 B 133ms
131ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/wp-embed.min.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-592"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:28:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
52 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90d46ec08f771125b01e8edec1882a31aab95cf0c8d6da3cff8e811648dac370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53336
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Jun 2021 01:28:06 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.cyberscoop.com/wp-includes/js/ 14 KB
5 KB 133ms
132ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-3795"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:28:06 GMT

GET
H2 200 lightslider.min.css
www.cyberscoop.com/wp-content/themes/cyberscoop/css/ 5 KB
2 KB 202ms
202ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/css/lightslider.min.css
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593

Request headers

:path: /wp-content/themes/cyberscoop/css/lightslider.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:19 GMT
server: nginx
etag: W/"5f8eafcf-14b3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:28:06 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 84 KB
26 KB 24ms
22ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 67519
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa9bb23670000bf19b6895000000001
last-modified: Fri, 14 May 2021 06:41:59 GMT
server: cloudflare
etag: W/"14f2c-5c2448a7281f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 65efc7b2390dbf19-FRA
cf-bgj: minify

GET
H/1.1 200
OK CyberScoop_Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
3 KB 562ms
160ms Image
image/svg+xml 52.216.27.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/CyberScoop_Color.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.27.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:28:08 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:05 GMT
Server: AmazonS3
x-amz-request-id: JKBQF5AAJ7WMHANV
ETag: "b3250d52680549abc7222f71b2dce836"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2375
x-amz-id-2: BTCcezxSWYEwWqOHEtraANIgwAY0SlC4BdExTYMqeFb9SD/p/1qZTBM8yav5VfmMpMj2LgGeqtQ=

GET
H/1.1 200
OK SNG-RGB-Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 563ms
156ms Image
image/svg+xml 52.216.27.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/SNG-RGB-Color.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.27.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:28:08 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:05 GMT
Server: AmazonS3
x-amz-request-id: JKBPJ399N0G5YHE3
ETag: "61428dbcecc23b1679236e221c5228d4"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 5545
x-amz-id-2: szGIlslYGBQtjvZvJZuSBMgsLAA8+Yr2xsGmvuFPLDY9JkOzbj9nIT6ULowE/s4axiafFEgs3Lg=

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v11/ 22 KB
22 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d28cae33a9cff1cd54246e2bca04018f101451707a5b5f426d32ea768e911186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 03:30:23 GMT
x-content-type-options: nosniff
age: 165463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22920
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:06:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 03:30:23 GMT

GET
H2 200 PuristaMedium.woff
www.cyberscoop.com/wp-content/themes/cyberscoop/fonts/ 37 KB
37 KB 131ms
131ms Font
font/woff 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/wp-content/themes/cyberscoop/fonts/PuristaMedium.woff

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload

Request headers

:path: /wp-content/themes/cyberscoop/fonts/PuristaMedium.woff
pragma: no-cache
origin: https://www.cyberscoop.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.cyberscoop.com
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
last-modified: Tue, 20 Oct 2020 09:37:20 GMT
server: nginx
etag: "5f8eafd0-9340"
strict-transport-security: max-age=31536000 max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload
content-type: font/woff
accept-ranges: bytes
content-length: 37696
x-ua-compatible: IE=Edge

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 40FB
Redirect Chain

https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-do...
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi...

2 KB
1 KB

1023ms
1023ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

ba601daeda8cb0d179beeeafbe63848d0576b172f3e2800f1848be282b2af497

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sng_interstitial=true; _ga=GA1.2.37909276.1623634087; _gid=GA1.2.1007293881.1623634087; _gat_UA-80491860-1=1; _fbp=fb.1.1623634087076.36818992; __gads=ID=624863c3102b0f3c-22034d485fc800f0:T=1623634087:S=ALNI_MakF1p1-vb4WXK3MoZV5XzE1TVQBQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Response headers

server: nginx
date: Mon, 14 Jun 2021 01:28:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 14 Jun 2021 01:28:07 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame A5D0
Redirect Chain

https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-doj,fbi,jbs,ranswomare,us-co...
https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-c...

1 KB
918 B

1004ms
1004ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

2d209520098b09aa8847fc90e422c9a590e6386bbcf1ede1357c0a1531f26b08

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sng_interstitial=true; _ga=GA1.2.37909276.1623634087; _gid=GA1.2.1007293881.1623634087; _gat_UA-80491860-1=1; _fbp=fb.1.1623634087076.36818992; __gads=ID=624863c3102b0f3c-22034d485fc800f0:T=1623634087:S=ALNI_MakF1p1-vb4WXK3MoZV5XzE1TVQBQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Response headers

server: nginx
date: Mon, 14 Jun 2021 01:28:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 14 Jun 2021 01:28:07 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 86F1
Redirect Chain

https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-doj,fbi,jbs,ranswomare,...
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2...

2 KB
1020 B

1015ms
1014ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

f9f5fb1596ab72270fbb5bfbc64b6f05d259a045255a36c176833936f29ecde9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sng_interstitial=true; _ga=GA1.2.37909276.1623634087; _gid=GA1.2.1007293881.1623634087; _gat_UA-80491860-1=1; _fbp=fb.1.1623634087076.36818992; __gads=ID=624863c3102b0f3c-22034d485fc800f0:T=1623634087:S=ALNI_MakF1p1-vb4WXK3MoZV5XzE1TVQBQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Response headers

server: nginx
date: Mon, 14 Jun 2021 01:28:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 14 Jun 2021 01:28:07 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame BE2E
Redirect Chain

https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-...
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice...

2 KB
1 KB

1022ms
1022ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

82b93870340639f93f374966650f61a46c1a4b0891f25ba9b9673a1426d0bd20

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sng_interstitial=true; _ga=GA1.2.37909276.1623634087; _gid=GA1.2.1007293881.1623634087; _gat_UA-80491860-1=1; _fbp=fb.1.1623634087076.36818992; __gads=ID=624863c3102b0f3c-22034d485fc800f0:T=1623634087:S=ALNI_MakF1p1-vb4WXK3MoZV5XzE1TVQBQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Response headers

server: nginx
date: Mon, 14 Jun 2021 01:28:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 14 Jun 2021 01:28:07 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2 200 GettyImages-1233323151-1021x681.jpg
www.cyberscoop.com/wp-content/uploads/2021/06/ 96 KB
96 KB 131ms
131ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/06/GettyImages-1233323151-1021x681.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b0ebb64770d12923ab367667f418fe5bfa5ae336f3404eb74463128a10ef098f

Request headers

:path: /wp-content/uploads/2021/06/GettyImages-1233323151-1021x681.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
last-modified: Mon, 07 Jun 2021 20:26:51 GMT
server: nginx
etag: "60be810b-18089"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 98441
expires: Wed, 14 Jul 2021 01:28:06 GMT

GET
H2 200 GettyImages-1225219966-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/06/ 9 KB
10 KB 217ms
216ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/06/GettyImages-1225219966-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: db02022e70b50c36c8b19895011b67d760f45d217c7d32beaf853fd0e6f20ce3

Request headers

:path: /wp-content/uploads/2021/06/GettyImages-1225219966-307x171.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
last-modified: Fri, 11 Jun 2021 19:06:20 GMT
server: nginx
etag: "60c3b42c-257a"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 9594
expires: Wed, 14 Jul 2021 01:28:06 GMT

GET
H2 200 GettyImages-1322885030-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/06/ 13 KB
13 KB 218ms
217ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/06/GettyImages-1322885030-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1f3d22757c403b73ad7133ffdb7f7635f83b023568e09fbd6efc60633e1e3a48

Request headers

:path: /wp-content/uploads/2021/06/GettyImages-1322885030-307x171.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
last-modified: Thu, 10 Jun 2021 19:50:07 GMT
server: nginx
etag: "60c26cef-34a9"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 13481
expires: Wed, 14 Jul 2021 01:28:06 GMT

GET
H2 200 GettyImages-158214905-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/06/ 10 KB
10 KB 218ms
217ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/06/GettyImages-158214905-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e21cbff27a74ef7caa04b84461bbaa6ed2cba11a62db2e7f03fc588912f415c6

Request headers

:path: /wp-content/uploads/2021/06/GettyImages-158214905-307x171.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
last-modified: Thu, 03 Jun 2021 20:27:18 GMT
server: nginx
etag: "60b93b26-2933"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 10547
expires: Wed, 14 Jul 2021 01:28:06 GMT

GET
H3-29 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v11/ 23 KB
23 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5183a3d6c4ef05903e03cf0e17b5de05db527c27d0ef049d52d2fb4da484e96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:27:54 GMT
x-content-type-options: nosniff
age: 158412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23868
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:06:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:27:54 GMT

GET
H3-29 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v36/ 31 KB
31 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:37:03 GMT
x-content-type-options: nosniff
age: 157863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31676
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:31:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:37:03 GMT

GET
H3-29 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v11/ 22 KB
22 KB 23ms
21ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a41dd567a7d51dac3d65a716b505f5bba7526e36405ed8a832d72a4ada3665c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:03:44 GMT
x-content-type-options: nosniff
age: 152662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22748
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:05:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:03:44 GMT

GET
H2 200 facebook_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 361 B
552 B 133ms
133ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/facebook_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/facebook_logo_white.png
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
last-modified: Tue, 20 Oct 2020 09:37:25 GMT
server: nginx
etag: "5f8eafd5-169"
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 361
expires: Wed, 14 Jul 2021 01:28:06 GMT

GET
H2 200 twitter_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 481 B
671 B 133ms
133ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/twitter_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/twitter_logo_white.png
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
last-modified: Tue, 20 Oct 2020 09:37:27 GMT
server: nginx
etag: "5f8eafd7-1e1"
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 481
expires: Wed, 14 Jul 2021 01:28:06 GMT

GET
H2 200 linkedin_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 946 B
1 KB 134ms
133ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/linkedin_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/linkedin_logo_white.png
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: "5f8eafd6-3b2"
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 946
expires: Wed, 14 Jul 2021 01:28:06 GMT

GET
H2 200 instagram_logo_white.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 2 KB
874 B 134ms
133ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/instagram_logo_white.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/instagram_logo_white.svg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-625"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 01:28:06 GMT

GET
H/1.1 200
OK Stacked_SNG.png
s3.amazonaws.com/sng-global-web-assets/logo/ 12 KB
12 KB 571ms
159ms Image
image/png 52.216.27.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_SNG.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.27.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:28:08 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: JKBQ9VJ8DFJYV74F
ETag: "793107aa127f2349e0bb9d0df99cd240"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11864
x-amz-id-2: OBkGUNRduXTrGRRxP8JGCIc0VaPbuTrpjbAjy16RpbfBzhQV74HxK8FFZ4o5PxG9JgrIKj+8D8E=

GET
H/1.1 200
OK Stacked_CyberScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 139ms
139ms Image
image/png 52.216.27.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_CyberScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.27.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:28:08 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: JKBZKHEEYNCTXG74
ETag: "6b8717aa8156bf0573b498232d63b71f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5199
x-amz-id-2: usaMJbKecsfCiWEVjqe4hgwZVBHYiz5MbREboyNcNRyMECJi6n5sA3uWTjZXjMD43BZ5MP5Euz8=

GET
H/1.1 200
OK Stacked_FedScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 149ms
149ms Image
image/png 52.216.27.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_FedScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.27.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:28:08 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: JKBMEC5HAKFYA8E9
ETag: "da067ed314fa2f647e16efb7331759de"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4000
x-amz-id-2: /VXXhdZ75C424CjN0nWfL48b6P/Qg+B85D8dw1zD+f2Cr2CGW6vOzkH4VPVR3k/C+OgSk/1GXaU=

GET
H/1.1 200
OK Stacked_StateScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 169ms
169ms Image
image/png 52.216.27.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_StateScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.27.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:28:08 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: JKBKNG6614CN8ZGF
ETag: "62c167ae878c0c3b3a41b50025cacba7"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4872
x-amz-id-2: hEA+Lh6aUzqEuSAbDD3+F0vkwg8MorUsd3G/cQdb3BS3ViJ38w6XMZ686sJBwSvWxTyI/iyiNmc=

GET
H/1.1 200
OK Stacked_EdScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 141ms
141ms Image
image/png 52.216.27.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_EdScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.27.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:28:08 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: JKBS0BM2BV2Z720E
ETag: "b5d5b8c0479b1963324ebca52c96a43b"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5349
x-amz-id-2: Ir0WhCIN9Bdc8XmaOdAJC0ujYoZcDL1PZQx+bx43WOMB6ox6uifCU1glF+NUed3xJUh+ZXNH/yE=

GET
H/1.1 200
OK Stacked_WorkScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 144ms
143ms Image
image/png 52.216.27.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_WorkScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.27.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:28:08 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: JKBQ9K54SVGHS1AM
ETag: "779a62747ba1fe2dfac41aa83a03313c"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3934
x-amz-id-2: Q8nxSRKz2BJ7y53TCzaQ+UkyCTuG9zYcyNMeCSUaEXW3tz4zpl4ZmF7a9xre2j4NmZO1f8Y2LSs=

GET
H2 200 20762415-8082-48f0-b243-36443c93d852 Show response
forms.hsforms.com/embed/v3/form/2153467/ 19 KB
4 KB 131ms
131ms Script
application/javascript 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2153467/20762415-8082-48f0-b243-36443c93d852?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50cdb174f4519a1e312c77f8a8b45bec0ad0924767a03518743d224f7d659c28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: eb7ff350-2d22-41ff-ae0c-a9b2ef018b2b
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa9bb241e000064cd0689f000000001
server: cloudflare
x-trace: 2B94CC43F2FA54601645C22A305A73207B9B5F8D76000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 65efc7b36acb64cd-FRA

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:28:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=45426
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 139ms
46ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:07 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 5310
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1623634087.073789,VS0,VE0
x-served-by: cache-fra19127-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 94 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24515
x-fb-rlafr: 0
pragma: public
x-fb-debug: I7cGoYUfPJAEtSbKll5PS65d4AWeyqHwzR4Ws06l7DMhBd9K6kfJfzOMkmomUsrS0CU00JJfsuvTqIblKEGa2g==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 14 Jun 2021 01:28:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2153467.js Show response
js.hs-scripts.com/ 1016 B
648 B 144ms
144ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2153467.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b29c2884376c3024e78a79357aa593b68efaaaf0ac99969cbcb2217f3606982c

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 45ccd1f1-087f-4fa9-b78a-66954c6be394
cf-request-id: 0aa9bb2432000005bf4fab1000000001
server: cloudflare
x-trace: 2B0353C9AA20ADC60FD34DD63ABBE0A77B36D53292000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 65efc7b38bab05bf-FRA
expires: Mon, 14 Jun 2021 01:29:07 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ 318 KB
112 KB 57ms
57ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:07 GMT

GET
H3-29 200 icons.29.svg.js Show response
static.addtoany.com/menu/svg/ 78 KB
33 KB 48ms
46ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.29.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:07 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7187534
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa9bb245c0000bee7f60b0000000001
last-modified: Mon, 31 Dec 2018 23:29:11 GMT
server: cloudflare
etag: W/"13937-57e59c7b88bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 65efc7b3cb72bee7-FRA
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1770
date: Mon, 14 Jun 2021 00:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 14 Jun 2021 02:58:37 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623634087033&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1623634087033%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fd...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623634087033&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623634087033&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&liSync=true&e_ipv6=AQJoHWciNsNmjg...

0
155 B

422ms
154ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623634087033&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&liSync=true&e_ipv6=AQJoHWciNsNmjgAAAXoIIg3tSolzIOyEu7nMc0ElF4CTOv-J_0PrmJXenenL9BLJnOao1Ug5
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:07 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: 3P6Dt5lOiBZgE0XjASsAAA==

Redirect headers

date: Mon, 14 Jun 2021 01:28:07 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623634087033&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&liSync=true&e_ipv6=AQJoHWciNsNmjgAAAXoIIg3tSolzIOyEu7nMc0ElF4CTOv-J_0PrmJXenenL9BLJnOao1Ug5
x-li-proto: http/2
x-li-pop: prod-edc2
content-length: 0
x-li-uuid: lBpZoJlOiBagj3wfOisAAA==

GET
H3-29 200 896395920528126 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/896395920528126?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d45b6c5d27d1b17b7fed9bbc9e6bed63e0596a130404b68ce1b3b885f8283d9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75729
x-fb-rlafr: 0
pragma: public
x-fb-debug: PG9gS8AkPuZtP9uI6HOIQsCcBkR9MnJjeT7ShJ6Xq8cq5lxHVsY4H1njE35ZyeTFOH2UvFo73DXVtBIK0sTXMw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 14 Jun 2021 01:28:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=709527080&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&dp=%2Fwelcome%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&ul=en-us&de=UTF-8&dt=DOJ%20seizes%20%242.3%20million%20in%20cryptocurrency%20payments%20from%20Colonial%20Pipeline%20ransomware%20attack%20-%20CyberScoop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=161414435&gjid=2082490815&cid=37909276.1623634087&tid=UA-80491860-1&_gid=1007293881.1623634087&_r=1&gtm=2wg690KR697BF&z=667410687

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=896395920528126&ev=PageView&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&rl=&if=false&ts=1623634087078&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.1.1623634087076.36818992&it=1623634087040&coo=false&rqm=GET

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 14 Jun 2021 01:28:07 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
520 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 01:17:10 GMT
server: ESF
date: Mon, 14 Jun 2021 01:28:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Jun 2021 01:28:07 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-80491860-1&cid=37909276.1623634087&jid=161414435&gjid=2082490815&_gid=1007293881.1623634087&_u=YEBAAEAAAAAAAC~&z=1049323670

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 14 Jun 2021 01:28:07 GMT
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
454 B 238ms
153ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 14 Jun 2021 01:28:07 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 44b8a82d5882b20d13f3ee661f144e932f666a76fd5326a83cfaea7750027a04
x-transaction: 859e44140d3e74b0
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 2153467.js Show response
js.hs-banner.com/ 60 KB
14 KB 21ms
21ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc92537a9f302b0eaf8c44d590249655b6f19bd3d7da181d1e51ea24148ed400

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:07 GMT
content-encoding: br
cf-cache-status: HIT
age: 239
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: P8HAB06STAFYYQ3Z
x-amz-id-2: BXB3vwio1kSzS9KVrtBD0awKEPS876ZX8/iDNOq5Vi8YeJNRnD5v2T2nNQk96SgXR8UD9Qgdy2M=
timing-allow-origin: *
last-modified: Thu, 27 May 2021 16:34:34 GMT
server: cloudflare
etag: W/"7d1960c560e9e1a7c68d368bb00a59bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: 7fcETuGJ5.5rTY48fGHOjt280gru2ST6
access-control-allow-origin: https://www.cyberscoop.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-request-id: 0aa9bb24c300004a86e0051000000001
cf-ray: 65efc7b4682b4a86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 14 Jun 2021 01:29:08 GMT

GET
H2 200 2153467.js Show response
js.hs-analytics.net/analytics/1623633900000/ 62 KB
18 KB 20ms
19ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1623633900000/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b24ac2a2042bf22f85f717259786c1f95a81a5a8d9ff057de1d09b5c6e1b364b

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:07 GMT
content-encoding: br
cf-cache-status: HIT
age: 160
x-amz-server-side-encryption: AES256
x-amz-request-id: XJAVP4Q38YJYVEQW
x-amz-id-2: a9HwIc4MS20Q9Akryi/6ctWfv+ZPu6qghBrocRq3CFT3UmtHdK2i4tEmOe7hsiNyCwoFI39EJhg=
last-modified: Wed, 12 May 2021 19:10:17 GMT
server: cloudflare
etag: W/"95a153c93e899095ceff108333b7e80a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-request-id: 0aa9bb24c300004e5534bfd000000001
cf-ray: 65efc7b46c284e55-FRA
expires: Mon, 14 Jun 2021 01:30:27 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
324 B 18ms
18ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-80491860-1&cid=37909276.1623634087&jid=161414435&_u=YEBAAEAAAAAAAC~&z=1292497951

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-80491860-1&cid=37909276.1623634087&jid=161414435&_u=YEBAAEAAAAAAAC~&z=1292497951

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
11 KB 81ms
80ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3907799505559935&correlator=1152387082792305&output=ldjh&impl=fif&eid=31060784%2C31061224%2C31061290%2C21068863%2C31061143%2C31061181%2C44742768%2C44744007&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18430785%2Ccswelcome&enc_prev_ius=%2F0%2F1&prev_iu_szs=640x480&cookie_enabled=1&bc=31&abxe=1&lmt=1623634087&dt=1623634087149&dlt=1623634086373&idt=749&frm=20&biw=1600&bih=1200&oid=3&adxs=480&adys=365&adks=113530204&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=640x532&msz=640x-1&ga_vid=37909276.1623634087&ga_sid=1623634087&ga_hid=709527080&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

af68601866a0c971edc24c4861a806241187ec7b074aa50f3543f14b606be81e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11244
x-xss-protection: 0
google-lineitem-id: 5715621344
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138352336806
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
52599bd75b5400960907e9398b50f17c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 47ms
13ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://52599bd75b5400960907e9398b50f17c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 219B 0
0 51ms
51ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSgeaqxR1YJdl3Qp91yl8wAJ1QTe8rUDLLudRBBQe9bHazcZF9GhXz4Y084_7meKAHnUdz1A_wgkyLn5D2X8FfEEYWu5q6LBCIov9rGw2KLQIhKhGEi98ByR8W5bFHOrNqcpY1up2PqE4DVkYegKS49mADsyCHOPMrhvAWNSVvMYdiYnHZQ-PsnnMKBuNf3TmilKt5tB2fedlQ-jA9V-93b2vHwRR5tM5mtKO4Sq-A_vSZzPTWxzjgtnagmzS4kb-5CcMMYcw4BS4-RqBe0SGqR6oDWba2c-pjOM_HKJw&sai=AMfl-YQDnfcqrz5NLVBxyof7f1eQ8JcfKKojewb2nzT0_45eeLHIZcOE5vpWsoR7R-5yCrHCAV-VHvwF1jfPR8S4aPUIHOPLdlylk3i6m0tVrfemqOWeT7QGdGcX6c5Ttfs&sig=Cg0ArKJSzBuMIEbX44PYEAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 01:28:07 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 219B 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 00:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 00:47:31 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 219B 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 23:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 23:53:22 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 219B 122 KB
37 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:07 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 219B 0
0 23ms
21ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSjCVsMu1Pl-dBMrfE6TqBII42WfrzjHuAnblJs8U3RQjtkSuCfMTHUGMax2RVXMwX3c4kJkYWuamFv9J8bais92Ndmmg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 13841792684619255105
tpc.googlesyndication.com/simgad/ Frame 219B 91 KB
91 KB 7ms
7ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13841792684619255105

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

add1e275c756d593a8fe9f8f6e56270e2d70edd0e9a4f33a3d7d82028f7dd828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 14:21:11 GMT
x-content-type-options: nosniff
age: 126416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93333
x-xss-protection: 0
last-modified: Wed, 09 Jun 2021 10:24:31 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 14:21:11 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:07 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 219B 0
0 60ms
59ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcfcH1b71cGNirBJcHvzLw08-T84XEXXIcre6Ah1kfzUzBGCwJgbGrauvT9ug_JdF2LDftHT1gQ1bJdPwQH8MA3PZsGqe48FbvjJioRvL66hvCp8R4dvNHaQ2sQkQV2jPTICigvj5weCB-e-xFZbwqdgol6zb02Dn8MF8r5bQyQ7RGunIqRqIjl9RdfoXL_AlZdifV1Ue8E99IO4sjA6RO1zpOw-Q1GpDskaObEHzuQtIQoQXr0IUxOpoZ0pHPpr-UZSsUF7qzR_Dn7FYWCdH7TkVzPejx3ZGXP7FFF6o32Q&sai=AMfl-YSq6LyGKAO33YFafDBzr3layiTg82eEySqT8Go32N0pxsJrhIxP_WWMKxe9eUiSdxQP1b1_cbRmFb1rHHqU403q1FWp7Guw1sSstJSb4VRGEwdY9D1W4ROBOwd3s08&sig=Cg0ArKJSzPWhTMr2kZGNEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 01:28:07 GMT

GET
DATA 200
OK truncated
/ Frame 219B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd50fee26d4504f331da5128d0718dd3dc5abcece84ee37cc894f057d7646d8c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 14ms
7ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryAUBnrMsW3Nr7oISe

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 14 Jun 2021 01:28:07 GMT
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 219B 42 B
108 B 14ms
14ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5NdNjBpXY_oxYvnfa09TAS1l67a8ISZbViAoRxCTgddmzW3YPnZ_Ew5cI0wRD_92WsZLZcskra9dfSRrtSg4KVYNMLCcq3ZCAzADu91Y&sig=Cg0ArKJSzDpIZCM_ddiUEAE&id=lidar2&mcvt=1000&p=371,480,851,1120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210611&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=113530204&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623634087249&dlt=0&rpt=116&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame A5D0 61 KB
21 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 104 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:08 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A5D0 318 KB
112 KB 49ms
49ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:08 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 86F1 62 KB
21 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd56c87dbd42ec5efef8e0fe40728cfa889cac7e9b80dc50b58c10063ae14d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 727 of 1000 / last-modified: 1623449396"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21627
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:08 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame BE2E 61 KB
21 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 995 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:08 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 40FB 61 KB
21 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 210 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:08 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame A5D0 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame A5D0 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A5D0 9 KB
5 KB 97ms
96ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2601659740175999&correlator=1253304544533083&output=ldjh&impl=fif&eid=21068030%2C31061336&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18430785%2CCyberScoop_Article_Left_Rail_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=position%3Dstatic%26Tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts%26categories%3Dgovernment&cookie=ID%3D624863c3102b0f3c-22034d485fc800f0%3AT%3D1623634087%3AS%3DALNI_MakF1p1-vb4WXK3MoZV5XzE1TVQBQ&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1623634089&dt=1623634089001&dlt=1623634088797&idt=197&ea=0&frm=23&biw=1600&bih=1200&isw=310&ish=250&oid=3&adxs=983&adys=1445&adks=4064999910&ucis=b8mstmp0v436&ifi=1&ifk=3714739266&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Darticle%26position%3Dstatic%26category%3Dgovernment%26tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=310x250&msz=300x-1&ga_vid=37909276.1623634087&ga_sid=1623634089&ga_hid=1482773468&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

947c8bc80715a512f6a7b87dcb956f4c3491485e2e42ceff7504b008de2d6d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4649
x-xss-protection: 0
google-lineitem-id: 5682063084
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138348804970
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A5D0 0
0 60ms
14ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BE2E 318 KB
112 KB 49ms
48ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H3-29 200 pubads_impl_2021061001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 86F1 326 KB
114 KB 60ms
60ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

1ce69465fa2284194ab3ec822ee452307e2f4b4ab202499e24a06f8215b1ead1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Jun 2021 08:39:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116947
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 40FB 318 KB
111 KB 75ms
75ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame BE2E 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame BE2E 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BE2E 19 KB
9 KB 84ms
84ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=659913240952913&correlator=3932202840214798&output=ldjh&impl=fif&eid=31061337%2C31061354&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18430785%2CCyberScoop_Cat_Art_Bottom_980x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&prev_scp=position%3Dbottom%26categories%3Dgovernment%26Tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&cookie=ID%3D624863c3102b0f3c-22034d485fc800f0%3AT%3D1623634087%3AS%3DALNI_MakF1p1-vb4WXK3MoZV5XzE1TVQBQ&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1623634089&dt=1623634089093&dlt=1623634088973&idt=114&ea=0&frm=23&biw=1600&bih=1200&isw=980&ish=250&oid=3&adxs=0&adys=4097&adks=3048910702&ucis=wmoturo4ja3f&ifi=1&ifk=485025872&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dbillboard%26position%3Dbottom%26parent_id%3Dad-b3zuzxlKK5-billboard%26category%3Dgovernment%26tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x250&msz=980x-1&ga_vid=37909276.1623634087&ga_sid=1623634089&ga_hid=1018847805&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

d840de4395c258664d54c7cdbade77b3481036f98a8d75306a57424f81d7abe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8687
x-xss-protection: 0
google-lineitem-id: 5650762076
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138343897002
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BE2E 0
0 27ms
13ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html Show response
63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FBDC 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Jun 2021 01:28:09 GMT
expires: Tue, 14 Jun 2022 01:28:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame A5D0 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A5D0 10 KB
8 KB 32ms
18ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d734fe2792821de433cad669d4365ea55c85a71c03823c0691b7a8c36ebc4bd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7766
x-xss-protection: 0

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame FBDC 22 KB
7 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com
URL: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 08:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61336
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jun 2022 08:25:53 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame FBDC 8 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com
URL: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3796
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 18:22:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 14 Jun 2021 02:05:40 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/488356/54309641/ Frame FBDC 45 KB
13 KB 233ms
101ms Script
application/javascript 54.72.19.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309641/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Requested by: Host: 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com
URL: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.19.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-19-162.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c91db7f3fa6953f5006dc063b5ef3a9382b88ebd4d7e53e9dd8f1223650dfa1b

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-server-name: app01.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FBDC 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com
URL: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A5D0 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 86F1 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 86F1 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 86F1 8 KB
4 KB 81ms
80ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=273971745572653&correlator=420590005250507&output=ldjh&impl=fif&eid=31061040%2C31061429&vrg=2021061001&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18430785%2CCyberScoop_HalfPage_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&prev_scp=Tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&cookie=ID%3D624863c3102b0f3c%3AT%3D1623634087%3AS%3DALNI_MZYeGH0kZKiGWawZ73qFiV_m36t7A&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1623634089&dt=1623634089175&dlt=1623634088972&idt=185&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=983&adys=1710&adks=2863372106&ucis=lxt56g7ui51j&ifi=1&ifk=2940762769&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dskyscraper%26position%3Dsticky%26categories%3Dgovernment%26tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=37909276.1623634087&ga_sid=1623634089&ga_hid=1025623473&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e1ffd7a44f30ea75328a59ed9ba0ecc35f97c8fa93ca66308065a8c2128f8acd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4476
x-xss-protection: 0
google-lineitem-id: 5682063084
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138348369878
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 86F1 0
0 27ms
14ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html Show response
1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DF3E 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Jun 2021 01:28:09 GMT
expires: Tue, 14 Jun 2022 01:28:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame BE2E 73 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BE2E 10 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ee54375529f3d07f02aa23e6a6f7cabcea276f9be58b61d4ef7b5b88ad9ad93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7825
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 40FB 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 40FB 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 40FB 9 KB
4 KB 80ms
79ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2321351769800138&correlator=2239637464534467&output=ldjh&impl=fif&eid=31060978&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18430785%2CCyberScoop_Article_Leaderboard_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&prev_scp=Tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&cookie=ID%3D624863c3102b0f3c%3AT%3D1623634087%3AS%3DALNI_MZYeGH0kZKiGWawZ73qFiV_m36t7A&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1623634089&dt=1623634089209&dlt=1623634088974&idt=229&frm=23&biw=1600&bih=1200&isw=1600&ish=150&oid=3&adxs=0&adys=170&adks=13849420&ucis=gms5i84p6q7x&ifi=1&ifk=3817049383&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dleaderboard%26parent_id%3Dad-7WO54yg4q8-leaderboard%26categories%3Dgovernment%26tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x150&msz=970x-1&ga_vid=37909276.1623634087&ga_sid=1623634089&ga_hid=428845110&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3251c877bedf19360463be8ff30c8339f1f379935ace871f354a3e9673e7b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4526
x-xss-protection: 0
google-lineitem-id: 5693635656
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349746702
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 40FB 0
0 29ms
13ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 8AD8 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 20:53:12 GMT
expires: Mon, 13 Jun 2022 20:53:12 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16497
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 89BF 783 B
530 B 17ms
16ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

86d4aea5c8e3f7d17e280e541d60e244bce747227f5541201154bd19c264a40d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Uqs5pMMsS6ob32sf0z/hng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 01:28:09 GMT
date: Mon, 14 Jun 2021 01:28:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Uqs5pMMsS6ob32sf0z/hng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BE2E 17 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame FBDC 0
0 51ms
51ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpiHz2D8q39zsCl-6BR4-J-3mSOwCVWd6tam-wKl-JKDnFu1B-0qXoVmGO144PVqQVrGHR-INEsqMgMxkGChGYSCiGnOI0aYVCn8NlqOOeHe6N2JAKhD8KvLDMqltoBrWm-aBiWo177rANHIc8k4jGUxzwjC3aZXF5DMxUqu10gfe4mQYH3GzH1o5nag9K1nmRGyBEEwS8eZvtyy8IyFTxe2Pc7u6GMavFTBygJqZ4Pd2tzpBc5r8n17CHSq_uOXiHwjehiCVemviENe4AE_6vERScz5Q-XrZv2MYuZ9SW9FVxsoD-POKPn7FHFuePXzVhx6J2flrohvE&sig=Cg0ArKJSzALp-F4qsVOdEAE&urlfix=1&adurl=

Requested by

Host: 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com
URL: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 impl_v75.js Show response
www.googletagservices.com/dcm/ Frame FBDC 37 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v75.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 12:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15538
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 19:52:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 12:34:32 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame DF3E 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: 1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com
URL: https://1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 00:46:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 00:46:18 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DF3E 22 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com
URL: https://1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 08:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61336
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jun 2022 08:25:53 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF3E 122 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com
URL: https://1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H2 200 B24705254.302298781;dc_ver=75.217;sz=300x250;u_sd=1;dc_adk=2235259097;ord=aubo0j;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss6J2qcKpSHCkXvuu8rad1DhRYqvqc4dT0YPIFT7iAR... Show response
ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/ Frame FBDC 36 KB
19 KB 159ms
68ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302298781;dc_ver=75.217;sz=300x250;u_sd=1;dc_adk=2235259097;ord=aubo0j;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss6J2qcKpSHCkXvuu8rad1DhRYqvqc4dT0YPIFT7iAR-3eQfL-dev6bmC0dasAoPrCmHkoo7QVcxcUW0Ii0fPnmwoLku6jPMZXHPX1KvVAo9PvaGKCs7irwAodeZb7wGA4-sfTB4U7q1mmrkm1RTIsKnwnnLSMUl8r-ayOSYNDsVM1B5u6Zmi7giwQIPuIWx1R9hGTyUT4JciDzKP-o6zkYcMRbnJ_1DlkN2dCVu58ObzNFq-Ay7x5nILraxGfIzeIarBedmogKf9KAGN6rJ13OTTsMERtnZkHIwihwvtBoEag9T6AE7gVXIUrpEjGdB2rI0pv-cC0%26sig%3DCg0ArKJSzMOBjRnOg0TIEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=lgHR-2*1LO;osda=2;sttr=24;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

23d47e0f5487d6b5c35543ad49301dbae125f909504b46e46b644ac2a2181480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18928
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 22AC 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Jun 2021 01:28:09 GMT
expires: Tue, 14 Jun 2022 01:28:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 86F1 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 86F1 11 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

037f636b6d7b862a202551f84c498f6a5358cb79aa80ca802338f67b0dc29b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8424
x-xss-protection: 0

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 91DD 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 20:53:12 GMT
expires: Mon, 13 Jun 2022 20:53:12 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16497
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D69E 783 B
532 B 16ms
15ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

38babde5e42768260382d2537ebf5eba50eaf83a6c704c49073c6f2eb9af6441

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2BZvuv7Q5XDStbOvcYlUfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 01:28:09 GMT
date: Mon, 14 Jun 2021 01:28:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-2BZvuv7Q5XDStbOvcYlUfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame DF3E 109 KB
38 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: 1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com
URL: https://1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com
Referer: https://1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 08:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Jun 2021 08:25:54 GMT

GET
H3-29 200 container.html Show response
f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A608 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Jun 2021 01:28:09 GMT
expires: Tue, 14 Jun 2022 01:28:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 40FB 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 40FB 10 KB
8 KB 18ms
17ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f6913929f4c53316a97bb187b30e7b5b62a63ed0e2568a4d2103d3abd4dd5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7981
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 86F1 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8AD8 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 13:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 13:21:24 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 22AC 22 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com
URL: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 08:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61336
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jun 2022 08:25:53 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 22AC 8 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com
URL: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3796
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 18:22:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 14 Jun 2021 02:05:40 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/488356/54309637/ Frame 22AC 45 KB
13 KB 73ms
72ms Script
application/javascript 54.72.19.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309637/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Requested by: Host: b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com
URL: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.19.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-19-162.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7a57f85042bee08c2030bffb20603203e8f8e997fdfdf130e663c13d55e96d3e

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-server-name: app09.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 22AC 122 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com
URL: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 40FB 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/dfp/384545/37259705/1616425583975/ Frame AC7D 28 KB
5 KB 20ms
6ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8b8c65e1f392bf3ce085a459c85a3ab7e500b928edd602a016f96164f46b852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /dfp/384545/37259705/1616425583975/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 5261
date: Sun, 13 Jun 2021 10:13:07 GMT
expires: Mon, 14 Jun 2021 10:13:07 GMT
last-modified: Mon, 22 Mar 2021 15:06:24 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 54902
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF3E 0
23 B 51ms
50ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvH5fuFMpvr5XkubjGbsWT6NhbJFtKOoD9OTOrBZnyQZOZhdTG9QP20az-T3X4vqN8EqTMm90IbaToInw58t-vX5hBv7yYi5KY9EFCjZtLUXbnJ8wJFE0OkcKVCBCW-yuxxsqMW8AeGJBXbrXbIfvsVL4MSG2RcPejNfVp_lOwkzoYQ8ckka21IHls75RyN7g_sUNrrNx4eq05LNKQ9tbbvoBWDmckwd5PPId-YM5BAk8v7JRnDzt3AHrhouSdlzpgvs5mhpJDaB37Y8PUmmuvdScv7io6NhLaL9RFT82vLui7XcSXjsZJ-hIjCZ88KQ0D_bEmhRak&sig=Cg0ArKJSzCdSXFblGHKREAE&urlfix=1&adurl=

Requested by

Host: 1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com
URL: https://1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A608 22 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com
URL: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 08:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61336
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jun 2022 08:25:53 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame A608 8 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com
URL: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3796
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 18:22:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 14 Jun 2021 02:05:40 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/488356/54699614/ Frame A608 45 KB
13 KB 73ms
72ms Script
application/javascript 54.72.19.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/488356/54699614/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Requested by: Host: f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com
URL: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.19.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-19-162.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fce1eed6a47a663a121ae372e6313765432e2bfd5145faf7a371be0aea4c263d

Request headers

Referer: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-server-name: app37.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A608 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com
URL: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 371C 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 20:53:12 GMT
expires: Mon, 13 Jun 2022 20:53:12 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16497
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4F8E 783 B
533 B 17ms
15ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a7361b53c0f6ff68acc0e1b45b0d4029721abf123f9a7780f091cf67f6d02bfc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7wDKa9U8M3oNd5/gM7v0AA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 01:28:09 GMT
date: Mon, 14 Jun 2021 01:28:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-7wDKa9U8M3oNd5/gM7v0AA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 22AC 0
0 51ms
51ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMfyCtBkpDGQJLMlwEl1LGGZrJ3lvft3X98QQ-rZt9y0ugskI0xglTke6XbD-3kf5BWfSWF6Ql64afK3Cjh5Q3N-XbFxRDt9zwSfPdfCMY_00z344GSqW5H7IRPbzIuo_g5MgwRqyDEqGK0GrrIHaaeNU8u66FmuSMqIE19fzS_kAXBLfPlAfA9ZQO0BCeqtG-HVxYMd5N7P1fL-ye1g9NyTLofc1nLLxK9SrxFvNaXjTxajKfUg7VKzbMKmX6M5JPq66vRvFDxtMkXUX31Cg6i57tE7oA6X_hAEVYOIHTgO7fK1_ajZJK0vz92piXJvw&sig=Cg0ArKJSzGVAQOlIHyE7EAE&urlfix=1&adurl=

Requested by

Host: b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com
URL: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 impl_v75.js Show response
www.googletagservices.com/dcm/ Frame 22AC 37 KB
15 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v75.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 12:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15538
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 19:52:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 12:34:32 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame C0EA 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 20:53:12 GMT
expires: Mon, 13 Jun 2022 20:53:12 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16497
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4AEE 783 B
531 B 15ms
15ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da5f233d4e7ae800b2f65a63b30ee6398399655159bd328b94e4db488dd9af59

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-StdtzkGht0fR2qIEba3fIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 01:28:09 GMT
date: Mon, 14 Jun 2021 01:28:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-StdtzkGht0fR2qIEba3fIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 91DD 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 13:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 13:21:24 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A608 0
0 52ms
52ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuk_5RGnj_3QslKSBN1Sdj9ei0Ieotm--i0cGY8kDc8B92qegFm44DBEFSo4Fo8vDxCe6-WH55kPBqDkzDnSNfBJ2vXYE-l08-LsDk2C0QgrsBcJuzlBUIF4l0KtlrmsFda-BpIlPieZ6jtgDh68rMhQydXwUdWopxCG5Tpw31fu0BhP79DUeFqxU4yjOaxmubIWcLULUHaqjvD3Bq_SX6olLPmepAykzJuasIjGyME3Ijemft8QWJB8g9olqE6hXo7d-PTmxaCltfMOTZ9MdjImep1U4-t5GM50jtR1--EGQB6RO1Drl3x8ItoZd9_AUc0S9diysar_iIQ&sig=Cg0ArKJSzCgZs98ZzeMNEAE&urlfix=1&adurl=

Requested by

Host: f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com
URL: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 impl_v75.js Show response
www.googletagservices.com/dcm/ Frame A608 37 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v75.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 12:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15538
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 19:52:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 12:34:32 GMT

GET
H3-29 200 B24705254.302297311;dc_ver=75.217;sz=300x600;u_sd=1;dc_adk=192105431;ord=cosea0;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstHu9eGYCAXYdMAwXvuHRdPYKiGIiBY6QUk2OIuMwNAd... Show response
ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/ Frame 22AC 36 KB
18 KB 143ms
90ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297311;dc_ver=75.217;sz=300x600;u_sd=1;dc_adk=192105431;ord=cosea0;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstHu9eGYCAXYdMAwXvuHRdPYKiGIiBY6QUk2OIuMwNAdehGrzPiq8MP1Q0XqnDVGfb77IywMJXlSsXCwnV8WCP2YlZtJXtqQQrLVGzYoHH4z2IFD9XRYA-tqBgTK4mSdS1aaogylWxcHfPhQYZlCnukTkn3fdbAA9Y65Nwqff83_p1RmunKsL2RMIDfvxf3gc225t05qKUl6TLLmr4rMx9EXPEjBp5Uj8aSnnB4C3zHf4jGsVh23NhsaSvirPUkopy1QYUG4Ob3WvDGEhtx14Nw-fUoIt7XcTj98l0wMeIrbMTSa1unb6SqYnf5F3w%26sig%3DCg0ArKJSzHRRHDw1A1hfEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=Soutu)Xn4O;osda=2;sttr=40;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v75.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

d621b05bf9a6b56ceb90e7bbc023d4a694353ef943c018165b73be5067ee2c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18458
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 86c850a1ba864a9805f17358244a54c5.js Show response
s0.2mdn.net/dfp/384545/37259705/1616425583975/ Frame AC7D 69 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616425583975/86c850a1ba864a9805f17358244a54c5.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b197f033111afe064ad614ec0f25eacb5186b3aa36359d3a24b4f14bb3df29b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 13:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43008
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18101
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 15:06:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 14 Jun 2021 13:31:21 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 371C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 13:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 13:21:24 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame FBDC 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302298781;dc_ver=75.217;sz=300x250;u_sd=1;dc_adk=2235259097;ord=aubo0j;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss6J2qcKpSHCkXvuu8rad1DhRYqvqc4dT0YPIFT7iAR-3eQfL-dev6bmC0dasAoPrCmHkoo7QVcxcUW0Ii0fPnmwoLku6jPMZXHPX1KvVAo9PvaGKCs7irwAodeZb7wGA4-sfTB4U7q1mmrkm1RTIsKnwnnLSMUl8r-ayOSYNDsVM1B5u6Zmi7giwQIPuIWx1R9hGTyUT4JciDzKP-o6zkYcMRbnJ_1DlkN2dCVu58ObzNFq-Ay7x5nILraxGfIzeIarBedmogKf9KAGN6rJ13OTTsMERtnZkHIwihwvtBoEag9T6AE7gVXIUrpEjGdB2rI0pv-cC0%26sig%3DCg0ArKJSzMOBjRnOg0TIEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=lgHR-2*1LO;osda=2;sttr=24;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 01:26:45 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FBDC 0
545 B 180ms
79ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdro_oewzJiFAOWU6mpgLvyQ42_gO1ossU7uUM-z9vG_sI_oipd5fKIcyJ8FY0n_lx16YrEyCjxaZOpcmN9ZeR1ryWCbfufez1XTSDHRAu3Q2ygCSnGXZ1NMp30QcAMl0zYXGfhtOiOG6Ez8hxYIKwELlyU53jBsoT1R3KVbHXXw&sig=Cg0ArKJSzIulPTyEonXlEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210607.34085&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 503 mmi-zip.js
tags.mmi360.net/ Frame FBDC 0
0 442ms
144ms Script
text/html 3.12.243.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mmi360.net/mmi-zip.js?cust=Cisco&type=js&plat=CM360&mode=ivt-blk&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302298781&crtvid=149873349&rndnum=1233475954&site=N7442.3728797STATESCOOP&adid=494951338&aucid=&exchid=&sellid=
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302298781;dc_ver=75.217;sz=300x250;u_sd=1;dc_adk=2235259097;ord=aubo0j;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss6J2qcKpSHCkXvuu8rad1DhRYqvqc4dT0YPIFT7iAR-3eQfL-dev6bmC0dasAoPrCmHkoo7QVcxcUW0Ii0fPnmwoLku6jPMZXHPX1KvVAo9PvaGKCs7irwAodeZb7wGA4-sfTB4U7q1mmrkm1RTIsKnwnnLSMUl8r-ayOSYNDsVM1B5u6Zmi7giwQIPuIWx1R9hGTyUT4JciDzKP-o6zkYcMRbnJ_1DlkN2dCVu58ObzNFq-Ay7x5nILraxGfIzeIarBedmogKf9KAGN6rJ13OTTsMERtnZkHIwihwvtBoEag9T6AE7gVXIUrpEjGdB2rI0pv-cC0%26sig%3DCg0ArKJSzMOBjRnOg0TIEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=lgHR-2*1LO;osda=2;sttr=24;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.12.243.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-243-139.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FBDC 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jun 2022 10:48:52 GMT

GET
H3-29 200 04232021-075324155-AMER-ENG_VT-05_0_300x250_BAN-S_PNG_TOFU-no-Cross-Architecture-SafeReturnWork-ALL_0_105.png
s0.2mdn.net/3569326/ Frame FBDC 75 KB
76 KB 7ms
7ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3569326/04232021-075324155-AMER-ENG_VT-05_0_300x250_BAN-S_PNG_TOFU-no-Cross-Architecture-SafeReturnWork-ALL_0_105.png

Requested by

Host: 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com
URL: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

007811af35be7403136f95700fd7ac160ce7967a12d1c677703b7a04be6ed451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:27:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 14:53:24 GMT
server: sffe
age: 36025
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77296
x-xss-protection: 0
expires: Mon, 14 Jun 2021 15:27:44 GMT

GET
H2 200 /
events.mmi360.net/ Frame FBDC 68 B
134 B 542ms
243ms Image
image/jpeg 3.131.245.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.mmi360.net/?cust=Cisco&type=img&plat=CM360&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302298781&crtvid=149873349&rndnum=1233475954&site=N7442.3728797STATESCOOP&adid=494951338&aucid=&exchid=&sellid=
Requested by: Host: 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com
URL: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.131.245.186 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-131-245-186.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
server: awselb/2.0
content-length: 68
content-type: image/jpeg

GET
H2 200 img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302298781;a.a=494951338;cache=1233475954;
ad.atdmt.com/i/ Frame FBDC 43 B
1 KB 63ms
48ms Image
image/gif 2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302298781;a.a=494951338;cache=1233475954;

Requested by

Host: 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com
URL: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: zC1+LLMgyyVainYOEg/Dc67cdHxWkPBZvPVaZeJq5CRKGmsx6ykuUZA9mNMxTDvj7MXKugxzYdsRUuHM5BqSYA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 14 Jun 2021 01:28:09 GMT
vary: Accept-Encoding
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.gr.19.8.206.js Show response
static.adsafeprotected.com/ Frame FBDC 183 KB
58 KB 301ms
165ms Script
application/javascript 52.209.147.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.206.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309641/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.147.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-147-172.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 22:03:45 GMT
server: nginx/1.16.1
etag: W/"f4d80fb2c423b91d55077116728f6247"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FBDC 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com
URL: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H3-29 200 B25791652.303489065;dc_ver=75.217;dc_eid=40004001;sz=970x250;u_sd=1;dc_adk=2711260096;ord=3tv30i;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuMlawReKonFC3opsIFwLUugIjf... Show response
ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/ Frame AE45 35 KB
18 KB 81ms
72ms Document
text/html 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303489065;dc_ver=75.217;dc_eid=40004001;sz=970x250;u_sd=1;dc_adk=2711260096;ord=3tv30i;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuMlawReKonFC3opsIFwLUugIjfLYJ_nCvelvQtAh7tVwwfvMgkSqT_xKnlXk3SElSqIW9KEhAP8bJtz1DyqYyhqVmhEJkungQh4BXG9wsugVPMgh7iijiZ2gSuwu_bbC5Dc8FvIVE4s_9ZpmsqBJz2pLWcGWGStP8EsgFbtrWTLuarObng64V03rfZPE8GE-xzizJdUlD2KdtSC_TlkKHUoeOGWF7-xRODRbT_M9rMbLa0l9iQb-ghE8GMSZXtKgSnJXx-qTW6Hf_AhUUEtYiPXqbB5D6m3BkTpHni6Pqn8Ie294svKlAaMxV6BD3MKC1tZWmRJxJR%26sig%3DCg0ArKJSzETWUnX9MrQqEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=VKM4x-PtYP;osda=2;sttr=55;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v75.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

f9c2d55dfde1c111e0bdf5abe0fb5d025978b2c0b08f126f405828aae54bd638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ad.doubleclick.net
:scheme: https
:path: /ddm/adi/N7442.3728797STATESCOOP/B25791652.303489065;dc_ver=75.217;dc_eid=40004001;sz=970x250;u_sd=1;dc_adk=2711260096;ord=3tv30i;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuMlawReKonFC3opsIFwLUugIjfLYJ_nCvelvQtAh7tVwwfvMgkSqT_xKnlXk3SElSqIW9KEhAP8bJtz1DyqYyhqVmhEJkungQh4BXG9wsugVPMgh7iijiZ2gSuwu_bbC5Dc8FvIVE4s_9ZpmsqBJz2pLWcGWGStP8EsgFbtrWTLuarObng64V03rfZPE8GE-xzizJdUlD2KdtSC_TlkKHUoeOGWF7-xRODRbT_M9rMbLa0l9iQb-ghE8GMSZXtKgSnJXx-qTW6Hf_AhUUEtYiPXqbB5D6m3BkTpHni6Pqn8Ie294svKlAaMxV6BD3MKC1tZWmRJxJR%26sig%3DCg0ArKJSzETWUnX9MrQqEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=VKM4x-PtYP;osda=2;sttr=55;prcl=s
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlPsLNCXywvmIJlrqp6H-uSc4hSMUfEn6_-WxXwq1qkddtrSBE8ESXRS6KugH4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Jun 2021 01:28:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 18144
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 main.gr.19.8.206.js Show response
static.adsafeprotected.com/ Frame A608 183 KB
58 KB 188ms
69ms Script
application/javascript 52.209.147.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.206.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/488356/54699614/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.147.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-147-172.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152

Request headers

Referer: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 22:03:45 GMT
server: nginx/1.16.1
etag: W/"f4d80fb2c423b91d55077116728f6247"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A608 0
0 51ms
50ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv26lkYvDxKUBVaEPS28ww93-0SN_gET6y4KaRkMddoB8SeerMvpjRydGDEGQ77gcdT8y6Tg8pUZclHtzFYhQntP9VMciotTYQGuFP5wJiMNVB20mQaNacJCo3C5y2JNrR4BMwqx4Fz5bvhcsc1Is5gQ3bq9aWlnJuVZBpL0xXmxl1RH75PbISnqLWRUnOMx45wLH828O4Deh1E7EnnjrPGX4Rz8-UY7UC9XC1-EVtqR0FEtU13kVqOqC2ogh4cAd2Kc2ePAujkd1dKuc3w6oLJ7vKyWiiJNzR5gEi5qRoaNMnGxMEejvrf_PtIUwSnXw09YdkwvyMPBU06Hnw&sig=Cg0ArKJSzE7xREBxQdB7EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
DATA 200
OK truncated
/ Frame A608 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bff946e2cfc210c60a095d86455370ad0d8428d9126acf0e7b60f92137d0a697

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 user_uploaded_metrichpe_700_normal.ttf
s0.2mdn.net/dfp/384545/37259705/1616425583975/fonts/ Frame AC7D 71 KB
32 KB 7ms
7ms Font
font/ttf 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616425583975/fonts/user_uploaded_metrichpe_700_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/86c850a1ba864a9805f17358244a54c5.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecdb1f9033b14ecae8b48c6c031db9e36aa4def65bbf01d81c1fa5936d0fe0ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33126
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 15:06:24 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 14 Jun 2021 10:13:08 GMT

GET
H3-29 200 4e4cc93ddfd2e1b75ec0f0e9ea4f028b.svg
s0.2mdn.net/dfp/384545/37259705/1616425583975/media/ Frame AC7D 5 KB
2 KB 6ms
6ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616425583975/media/4e4cc93ddfd2e1b75ec0f0e9ea4f028b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fc98a5f2ad3fade2176c7f4d057c02a332ee5d3e532746414eda6e88bc46ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1881
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 15:06:24 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 14 Jun 2021 10:13:07 GMT

GET
H3-29 200 fa2c2eed25a7d5253bfe041867460715.jpg
s0.2mdn.net/dfp/384545/37259705/1616425583975/media/ Frame AC7D 113 KB
113 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616425583975/media/fa2c2eed25a7d5253bfe041867460715.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c15b66cb07f71fa87b020f574d0639b3f6ecd149afad830d289f5836d9bc88e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:36:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 15:06:24 GMT
server: sffe
age: 53486
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115706
x-xss-protection: 0
expires: Mon, 14 Jun 2021 10:36:43 GMT

GET
H3-29 200 5a526769e6c189eab1fe4b501db1b98e.png
s0.2mdn.net/dfp/384545/37259705/1616425583975/media/ Frame AC7D 128 KB
128 KB 10ms
9ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616425583975/media/5a526769e6c189eab1fe4b501db1b98e.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

198de8b38e461e78380be9c038b63d352e51dae4ef3f439191497ee019711319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:36:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 15:06:24 GMT
server: sffe
age: 53486
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131505
x-xss-protection: 0
expires: Mon, 14 Jun 2021 10:36:43 GMT

GET
DATA 200
OK truncated
/ Frame FBDC 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cfc736b9fd3abd6d46b9c0ffcb3ae317723d3a55b9e2d3366ed670e9326879e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FBDC 0
60 B 79ms
79ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame FBDC 0
0 50ms
50ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRmG_WKoLB7jGGablQnjJENobp7zzgMoqpvek7oADd-dIBjh-Vz5IWm48qC6mHDcnw86rYnT3HHHtL8DDlVujYolUeqEahcF1ijh3qL4Ub8Al_WUwx1o3DXW-wSJhtfvXWZ19oK1mycYXRWLkWQ7C0mtV0CvBRCD7BGOg_003IWoRF10u5zpl2uwAH6bxSrtTQR31GV7Bity3RGLwY5mgmvcGrL9zyMJkNNRbHR0s4iKmswZFQFkK-_QpIY-R2hP7wl1u6jqVd4K6nBe4bc5BbsBLex14hEiPsvtSJtFOqXe3ntciw7jMnmo1kowAEbrL6b67E8wMmuiGUkg&sig=Cg0ArKJSzIu2zalmuurOEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 86F3 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 13 Jun 2021 10:48:52 GMT
expires: Mon, 13 Jun 2022 10:48:52 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 52757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame 22AC 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297311;dc_ver=75.217;sz=300x600;u_sd=1;dc_adk=192105431;ord=cosea0;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstHu9eGYCAXYdMAwXvuHRdPYKiGIiBY6QUk2OIuMwNAdehGrzPiq8MP1Q0XqnDVGfb77IywMJXlSsXCwnV8WCP2YlZtJXtqQQrLVGzYoHH4z2IFD9XRYA-tqBgTK4mSdS1aaogylWxcHfPhQYZlCnukTkn3fdbAA9Y65Nwqff83_p1RmunKsL2RMIDfvxf3gc225t05qKUl6TLLmr4rMx9EXPEjBp5Uj8aSnnB4C3zHf4jGsVh23NhsaSvirPUkopy1QYUG4Ob3WvDGEhtx14Nw-fUoIt7XcTj98l0wMeIrbMTSa1unb6SqYnf5F3w%26sig%3DCg0ArKJSzHRRHDw1A1hfEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=Soutu)Xn4O;osda=2;sttr=40;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 01:26:45 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 22AC 0
23 B 132ms
80ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssFF8B2n-EeCxsCdDR4Lof2fUIRMWDrXutwV2yWa83uALcritm3G-tuZvjTUOhmIfTLy0FWbnr2uML56DUuNhdmoq7syXaAzQO-I4rpcZWe6L33Sg94w7aBgiu-SJyOpoYEhPP0vd1meyM9i-osymbbrTqOjJ0a153yfBnJGiE7tA&sig=Cg0ArKJSzOFottaEb01oEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210607.71789&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 503 mmi-zip.js
tags.mmi360.net/ Frame 22AC 0
0 254ms
144ms Script
text/html 3.12.243.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mmi360.net/mmi-zip.js?cust=Cisco&type=js&plat=CM360&mode=ivt-blk&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302297311&crtvid=149966235&rndnum=997340886&site=N7442.3728797STATESCOOP&adid=495002688&aucid=&exchid=&sellid=
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297311;dc_ver=75.217;sz=300x600;u_sd=1;dc_adk=192105431;ord=cosea0;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstHu9eGYCAXYdMAwXvuHRdPYKiGIiBY6QUk2OIuMwNAdehGrzPiq8MP1Q0XqnDVGfb77IywMJXlSsXCwnV8WCP2YlZtJXtqQQrLVGzYoHH4z2IFD9XRYA-tqBgTK4mSdS1aaogylWxcHfPhQYZlCnukTkn3fdbAA9Y65Nwqff83_p1RmunKsL2RMIDfvxf3gc225t05qKUl6TLLmr4rMx9EXPEjBp5Uj8aSnnB4C3zHf4jGsVh23NhsaSvirPUkopy1QYUG4Ob3WvDGEhtx14Nw-fUoIt7XcTj98l0wMeIrbMTSa1unb6SqYnf5F3w%26sig%3DCg0ArKJSzHRRHDw1A1hfEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=Soutu)Xn4O;osda=2;sttr=40;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.12.243.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-243-139.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 22AC 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jun 2022 10:48:52 GMT

GET
H3-29 200 04262021-072232537-AMER-ENG_VT-05_0_300x600_BAN-S_PNG_TOFU-no-Cross-Architecture-DigitalDivide-ALL_0_105.png
s0.2mdn.net/3569326/ Frame 22AC 144 KB
144 KB 8ms
7ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3569326/04262021-072232537-AMER-ENG_VT-05_0_300x600_BAN-S_PNG_TOFU-no-Cross-Architecture-DigitalDivide-ALL_0_105.png

Requested by

Host: b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com
URL: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79cc192458ca20ad45d51d1a6ae6c26994a23a9f882865613ee52b342b47476d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 13:31:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 14:22:32 GMT
server: sffe
age: 43008
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147416
x-xss-protection: 0
expires: Mon, 14 Jun 2021 13:31:21 GMT

GET
H2 200 img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302297311;a.a=495002688;cache=997340886;
ad.atdmt.com/i/ Frame 22AC 43 B
161 B 52ms
52ms Image
image/gif 2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302297311;a.a=495002688;cache=997340886;

Requested by

Host: b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com
URL: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: iVdQrIT2XIdsRypVRhV86Xo4ZNvythpvtl7JT8uHuJOjcGSkFRudk17R4D1zccoebKlzQ5kRMi33T6t39Q+eOw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 14 Jun 2021 01:28:09 GMT
vary: Accept-Encoding
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
events.mmi360.net/ Frame 22AC 68 B
135 B 344ms
234ms Image
image/jpeg 3.131.245.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.mmi360.net/?cust=Cisco&type=img&plat=CM360&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302297311&crtvid=149966235&rndnum=997340886&site=N7442.3728797STATESCOOP&adid=495002688&aucid=&exchid=&sellid=
Requested by: Host: b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com
URL: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.131.245.186 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-131-245-186.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
server: awselb/2.0
content-length: 68
content-type: image/jpeg

GET
H2 200 main.gr.19.8.206.js Show response
static.adsafeprotected.com/ Frame 22AC 183 KB
58 KB 141ms
140ms Script
application/javascript 52.209.147.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.206.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309637/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.147.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-147-172.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 22:03:45 GMT
server: nginx/1.16.1
etag: W/"f4d80fb2c423b91d55077116728f6247"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 22AC 122 KB
37 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com
URL: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF3E 0
0 51ms
50ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstU5PWWZbPWqTu3NTapkXNmcuQ5Q6EMIm4dLDOnEcMDHGqCLemIijxwqzwbT53r6Dbc8noJUDmStO0yHCV3vkl9wTe-DZ7WOV25sg-1912YZ_cfIfrsal74anyLVkGY3FtiU_HmzQWLFXCqPH30pjgpQXucnZu-ypyj4z57iayCNVkrstiwLxLcU_e5zZzmznEMSakMIJwFWmfmDVMVtfJ_-a8lfphPYtEt0wVzecUd-GWAM5vsdpWNsWZzWMBPatEV-MOgqQAlLwYZKcLJpS72x30OpXe0AdlZkShAQOhxiM3M5ZjH8McO6lS9u5Zs5nHJqrccIW9GYQ&sig=Cg0ArKJSzK7wnJrU6y-XEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H3-29 200 GLBL-ENG_IOT-01_0_970x250_BAN-S_PNG_MOFU-IOT-Utilities_wbrit025962_105.png
s0.2mdn.net/3569326/ Frame AE45 244 KB
244 KB 9ms
8ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3569326/GLBL-ENG_IOT-01_0_970x250_BAN-S_PNG_MOFU-IOT-Utilities_wbrit025962_105.png

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303489065;dc_ver=75.217;dc_eid=40004001;sz=970x250;u_sd=1;dc_adk=2711260096;ord=3tv30i;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuMlawReKonFC3opsIFwLUugIjfLYJ_nCvelvQtAh7tVwwfvMgkSqT_xKnlXk3SElSqIW9KEhAP8bJtz1DyqYyhqVmhEJkungQh4BXG9wsugVPMgh7iijiZ2gSuwu_bbC5Dc8FvIVE4s_9ZpmsqBJz2pLWcGWGStP8EsgFbtrWTLuarObng64V03rfZPE8GE-xzizJdUlD2KdtSC_TlkKHUoeOGWF7-xRODRbT_M9rMbLa0l9iQb-ghE8GMSZXtKgSnJXx-qTW6Hf_AhUUEtYiPXqbB5D6m3BkTpHni6Pqn8Ie294svKlAaMxV6BD3MKC1tZWmRJxJR%26sig%3DCg0ArKJSzETWUnX9MrQqEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=VKM4x-PtYP;osda=2;sttr=55;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da58b6569b6594fdfdba1073bf0fcce454eab45c9c7440961630bf6b6b455b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:00:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 13:38:34 GMT
server: sffe
age: 52050
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249367
x-xss-protection: 0
expires: Mon, 14 Jun 2021 11:00:39 GMT

GET
H3-29 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/xfa/ Frame AE45 10 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/xfa/sodar_loader.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a0b09cbb763ef7e1ab6183b36a3ff732a874dc4faa20f375c807d8ade0438d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:54:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74043
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4190
x-xss-protection: 0
server: cafe
etag: 13053538017912979805
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 04:54:06 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame AE45 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 01:26:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE45 122 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:09 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame AE45 0
23 B 80ms
79ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLDJ2fMJMos43nYRj-BfV8AuM6cOv-dF6zpFjIM5H18syMAssfQBEnMo4BQbz5X6236-QX0TOYTwTepXeGSCv4Zp23vsZLpQo-fjbkp3-S0itOtsPKmR53W-AyXgNlQ_X73r2KTg2E7VjxgFlug8crPPznMAQ5aWHzxw3LJ14V8w&sig=Cg0ArKJSzN-vO9T8pVgbEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210607.63283&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 503 mmi-zip.js
tags.mmi360.net/ Frame AE45 0
0 145ms
144ms Script
text/html 3.12.243.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mmi360.net/mmi-zip.js?cust=Cisco&type=js&plat=CM360&mode=ivt-blk&advid=3569326&siteid=6840654&cmpnid=25791652&pcmtid=303489065&crtvid=150891817&rndnum=942844227&site=N7442.3728797STATESCOOP&adid=496164908&aucid=&exchid=&sellid=
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303489065;dc_ver=75.217;dc_eid=40004001;sz=970x250;u_sd=1;dc_adk=2711260096;ord=3tv30i;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuMlawReKonFC3opsIFwLUugIjfLYJ_nCvelvQtAh7tVwwfvMgkSqT_xKnlXk3SElSqIW9KEhAP8bJtz1DyqYyhqVmhEJkungQh4BXG9wsugVPMgh7iijiZ2gSuwu_bbC5Dc8FvIVE4s_9ZpmsqBJz2pLWcGWGStP8EsgFbtrWTLuarObng64V03rfZPE8GE-xzizJdUlD2KdtSC_TlkKHUoeOGWF7-xRODRbT_M9rMbLa0l9iQb-ghE8GMSZXtKgSnJXx-qTW6Hf_AhUUEtYiPXqbB5D6m3BkTpHni6Pqn8Ie294svKlAaMxV6BD3MKC1tZWmRJxJR%26sig%3DCg0ArKJSzETWUnX9MrQqEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=VKM4x-PtYP;osda=2;sttr=55;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.12.243.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-243-139.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 /
events.mmi360.net/ Frame AE45 68 B
134 B 247ms
246ms Image
image/jpeg 3.131.245.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.mmi360.net/?cust=Cisco&type=img&plat=CM360&advid=3569326&siteid=6840654&cmpnid=25791652&pcmtid=303489065&crtvid=150891817&rndnum=942844227&site=N7442.3728797STATESCOOP&adid=496164908&aucid=&exchid=&sellid=
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303489065;dc_ver=75.217;dc_eid=40004001;sz=970x250;u_sd=1;dc_adk=2711260096;ord=3tv30i;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuMlawReKonFC3opsIFwLUugIjfLYJ_nCvelvQtAh7tVwwfvMgkSqT_xKnlXk3SElSqIW9KEhAP8bJtz1DyqYyhqVmhEJkungQh4BXG9wsugVPMgh7iijiZ2gSuwu_bbC5Dc8FvIVE4s_9ZpmsqBJz2pLWcGWGStP8EsgFbtrWTLuarObng64V03rfZPE8GE-xzizJdUlD2KdtSC_TlkKHUoeOGWF7-xRODRbT_M9rMbLa0l9iQb-ghE8GMSZXtKgSnJXx-qTW6Hf_AhUUEtYiPXqbB5D6m3BkTpHni6Pqn8Ie294svKlAaMxV6BD3MKC1tZWmRJxJR%26sig%3DCg0ArKJSzETWUnX9MrQqEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=VKM4x-PtYP;osda=2;sttr=55;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.131.245.186 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-131-245-186.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
server: awselb/2.0
content-length: 68
content-type: image/jpeg

GET
H2 200 img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=25791652;s.a=6840654;p.a=303489065;a.a=496164908;cache=942844227;
ad.atdmt.com/i/ Frame AE45 43 B
172 B 175ms
174ms Image
image/gif 2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=25791652;s.a=6840654;p.a=303489065;a.a=496164908;cache=942844227;

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: BckjqEUa3ZLyg1VkYaxDxWUTxljOb0+KalQZy/OGQrY0KxD8LmBwYvNDcO8wgdYiiICvHPAdjmDGUgy8pV3mPg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 14 Jun 2021 01:28:09 GMT
vary: Accept-Encoding
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AE45 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jun 2022 10:48:52 GMT

GET
DATA 200
OK truncated
/ Frame 22AC 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbf7b8a9009ef57347a60380cd8d881d33ce9a2ee27f75db5d4ce0a754e01e1c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame C0EA 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 13:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 13:21:24 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 22AC 0
23 B 79ms
79ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 22AC 0
0 50ms
50ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstus-2myDS0B2ZkWWgKSfkU7oSLRJBGtjqS1xjyH_KSRZgf2RLWCaOA_6uWO_HEPiJYPbcRY63uQQJSvVwM_Pf9U-XuMxEcKam3_TFWOQQhPdZ31HifuaoA3yhy2m3s6Q-n2jCJYDBJMb_1OV6j-dLUh9tTqfUbt4tduKYOXZnpKUUN5u9avYH7kiMwjpTFpWfV9BQZkQfoHPDkpnd798gr38C-XgyS4EW0rL1xEgvAmjrs-fZaWcesG8oVXWRqY9lgY2lTzo53uQ5EqijpFnHlk2D-SP6thPNOP8dyZqliqn7mXZ95FPoALz7A4wxJo2BHYA&sig=Cg0ArKJSzF1nWc1cyUDFEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 01:28:09 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4EDC 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 13 Jun 2021 10:48:52 GMT
expires: Mon, 13 Jun 2022 10:48:52 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 52757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AE45 6 KB
4 KB 16ms
15ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/xfa/sodar_loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59f37faa4a37839a30720a4fb5ea062571246118c8ee29a496efbcc8580fa2a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4316
x-xss-protection: 0

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame A608
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/488356/54699614/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com...
https://static.adsafeprotected.com/skeleton.js

17 B
240 B

66ms
66ms

Script
application/javascript

52.209.147.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com
URL: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.147.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-147-172.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:10 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 7783221
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:09 GMT
x-server-name: app34.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 6741 82 KB
21 KB 67ms
67ms Script
application/javascript 52.209.147.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com
URL: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.147.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-147-172.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:09 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 2846553
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B757 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 13 Jun 2021 10:48:52 GMT
expires: Mon, 13 Jun 2022 10:48:52 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 52757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame AE45 0
23 B 79ms
79ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame FBDC
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/488356/54309641/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com...
https://static.adsafeprotected.com/skeleton.js

17 B
240 B

66ms
66ms

Script
application/javascript

52.209.147.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com
URL: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.147.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-147-172.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:10 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 7780909
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:10 GMT
x-server-name: app20.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 1C94 82 KB
21 KB 67ms
67ms Script
application/javascript 52.209.147.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com
URL: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.147.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-147-172.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:10 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 1032324
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 22AC
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/488356/54309637/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com...
https://static.adsafeprotected.com/skeleton.js

17 B
240 B

66ms
66ms

Script
application/javascript

52.209.147.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com
URL: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.147.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-147-172.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:10 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 7781371
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:10 GMT
x-server-name: app25.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 5D66 82 KB
21 KB 68ms
68ms Script
application/javascript 52.209.147.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com
URL: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.147.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-147-172.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:10 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 2848836
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 86F3 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A608 43 B
215 B 387ms
128ms Image
image/gif 34.207.8.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=c0e5c7e4-85b3-d499-1f5c-ca7166f58416&tv=%7Bc:ftxuXs,pingTime:-2,time:559,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:170,beZ:171,mfA:549,cmA:550,inA:550,inZ:554,prA:554,prZ:563,si:568,poA:569,poZ:581,cmZ:581,mfZ:581,loA:665,loZ:668,ltA:727,ltZ:727%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:970,h:250,t:398%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:559,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:398,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B176~1%5D,as:%5B176~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sAgHaQu+111*.488356-54699614%7C1111%7C112%7C113%7C114%7C121.488356-54309641%7C1211%7C122%7C123%7C124%7C1311%7C132%7C1331%7C134%7C1411%7C142%7C1431%7C144%7C15%7C16%7C17,idMap:111*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:158,readyFired:true%7D&br=u
Requested by: Host: f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com
URL: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.207.8.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-8-197.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:10 GMT
x-server-name: dt30.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FBDC 43 B
216 B 348ms
128ms Image
image/gif 34.207.8.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=d1642a8b-3cd1-e3a4-daec-6171a29c4f7f&tv=%7Bc:ftxuY5,pingTime:-2,time:615,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:368,beZ:369,mfA:885,cmA:886,inA:886,inZ:887,prA:887,prZ:894,si:897,poA:897,poZ:901,cmZ:901,mfZ:901,loA:946,loZ:947,ltA:983,ltZ:983%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:250,t:528%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:615,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:528,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B97~1%5D,as:%5B97~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sAgHaQu+111.488356-54699614%7C11111%7C1112%7C112%7C1131%7C114%7C121*.488356-54309641%7C1211%7C122%7C123%7C124%7C131.488356-54309637%7C1311%7C132%7C1331%7C134%7C1411%7C142%7C1431%7C144%7C15%7C16%7C17,idMap:121*,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:85,readyFired:true%7D&br=u
Requested by: Host: 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com
URL: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.207.8.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-8-197.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:10 GMT
x-server-name: dt69.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A5D0 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=2601659740175999&bg=!6eql6q7NAAY6sG-_OrA7ACkAdvg8Wh6kFpQLrtj0Qhnn38rpueSzcGw083UHKz0DMF6NrMnTWZDI8QIAAAG3UgAAAKxoAQeZAotri5NQ-qpo96344N5ZD84TZ2QeHjo-L2SQYvDmoAiVAfOaEwmszri-0k1OL-oPkKQlIh-iwLe3SH28P8wh4hDqOCGLDCb2qoZys4Kv-iaiDDsILIjOZjbCpHEZ9-tpZDawiKRc4RqcgKshbMVtv-kvJ0sQsyeDemp70bdDOPRGmiUO55IELNgqz2Q2ps8V3fX2QbLKUpLtE8x9JfGXukmy9V1038yEMSDfPLq2abVgxJnGibAeQn6St2J6iU1hDimjczTPRRzcyP5pwAslYFKjXfAnjE3khZFEusT7CEK2Fs4mwwDrYS41nLNmysZpdlZ930yVXFoyCaEt9-lgglJy4CZCjbFhmVmxKPBtgMJyRYVTULiU9N6DGpSF0IDStDdDSTxn40LEGtWxo9Q_sO-ApSqcVWwCsywreKxMd_gb9E3_QlvfmkGnKQ8vHYs64N63mmm5b8qWjocVZ9GJM6h3LWC0TF8OJWln8Gi7i7neQvgGAFTXeIAIL_LpFLHOyLo4HZbcft3r0h32Z8e8wgHyn8wj9podzpouecKJeHc0TZ72oY9GTFGU5mVF8HDeFVpUKiBa-pTOgJ8x52ltCaM-m89yYskPrIvmf0lbR69qux6dzXSd-NpqQdIG-NGmgZ2jkNlDNFL1cHBhUJDltng35u7i-kw6tA2OXXkGjVGyjZuq2IlN80coUAigisNKne9vBeJtkUp_Q_b4CnsrJKEXS3kYJcm9RVmbcHeb4chxjvsLvg1mfJQEEhukk6-tQwoTvN7W0AKq0NhC1U-I9G5GrpVnX5jHhbCW54jgBYSK0laW9ZhYv5Io7RdsW8TUEGiuGuh9BolOc6U9mBJ-C_v56jiDcEc8ns8YJTg

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 22AC 43 B
215 B 346ms
129ms Image
image/gif 34.207.8.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=e6c58593-7d68-7a86-a403-8e67f354b959&tv=%7Bc:ftxuY8,pingTime:-2,time:430,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:385,beZ:386,mfA:734,cmA:734,inA:734,inZ:735,prA:735,prZ:741,si:743,poA:743,poZ:747,cmZ:747,mfZ:747,loA:779,loZ:780,ltA:815,ltZ:815%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:600,t:358%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:430,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:358,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B81~1%5D,as:%5B81~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sAgHaQu+111.488356-54699614%7C11111%7C1112%7C112%7C1131%7C114%7C121.488356-54309641%7C1211%7C1212%7C122%7C123%7C124%7C131*.488356-54309637%7C1311%7C132%7C1331%7C134%7C1411%7C142%7C1431%7C144%7C15%7C16%7C17,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:72,readyFired:true%7D&br=u
Requested by: Host: b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com
URL: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.207.8.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-8-197.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:10 GMT
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 4EDC 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AE45 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/xfa/sodar_loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:10 GMT

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame B757 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame F84A 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 13:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 13:21:24 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BE2E 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=659913240952913&bg=!ERKlElbNAAY6sG-_OrA7ACkAdvg8Wsw6KwVxSW18RtgqVh45VEntTStxtmIAvDyhhUO6qnNSTnLL1QIAAAIZUgAAACxoAQcKAG5hKBZRh2MwmCXj2OpTtqpNuIWO8JNSQIrjrCVQqcF2-oAWh8ef9xFCCBBHpQVnxWVnXgKr0hKmnOSefbClCy4shgaKAh_tidAv_F3QlHLA9X6nChmk-5wYgb5CQZK-CwQ3kSQyGtXUV3SGQncrhpkClzgHFJLQbHWULMjYT-ec0o9XVD9gfbbsQ2MXPk8-8EVUiJIf-UunSeZMGU7HhOFWvZv04DINFIkgibQRuvvAZR1DOtSBiHBfqzI00HGN1ed1k4hT1fAwtJyTd9J9ZJycVLH1wo2EViLDVb9DnRgWM4C4T6NYGKo9X7-TM4ldt7VMTJtuXWdFsVtEzKC4ZcvfNfwGuozTIxuNuJfeVdgxbFeA7zPP1MmMd1b65bQzIfEZoY8iS79fAzywfnRLlq0X60J-jEY8Bdn5ZlRWi1z-lZr4xVkNcle-S9PtSyp95LGbFxQ6-5QC2frPH9T68iUGqfbya0L2l9J535YKi90Kr5r7cuGzyrFcow8qx2JFbpnSq4P2EWbihCU1sUQZw4XCoRpRnMLTIGqY9I51TFG-FB-5Ke2FprL16xKTj_7UEBtZ4GQzkvbD2W9mbUDuemeYuIJ6hjLApeUOJU7jeBvQYNizz_vrO02WhkdlbDLrGo5Y8nbKI3NspKNj16CdLfETNuZcGdQ_j2xve_mN2GlGbKvqWQaCGL-v9XIHesO6ZpMeLbPgpU_VanZWpZgFhvdOUWkxcTMX1eF1JFzSHvuksKMn7tcDciV_ezIVeK_qsDm6QM0Td1CfiTqTWwMW-WvpICCPWK3s8ZYu_pbhB1SEI_PNmOLnm8XkORi14xMe1em952lUdngsBsJOPI0nXCUwPdTf7yHxV4JRGPznHzgzsZfn2lUCA-4Gy3G7umZLayI5medg34vynMhMq8SYB8hpsijWthLZzj2yYZULFVCuR4wJ-v22R_oMVqFH5eDvWojgTGmkXqVRcfeLYL_nddqSqs4yCFHecQdARhnUdCv4M947bBkVnmz39elc1Bo4hoMygRp7kBs-XA

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 86F1 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021061001&jk=273971745572653&bg=!fX6lfjrNAAY6sG-_OrA7ACkAdvg8WgTrrvKbTVhXBpYKqdv6lKIeYzZUx4ttEFqZJbNR3cxoZSsrlAIAAAIzUgAAAENoAQeZApkAC4CE1w9Kcmr853JHC9GOP-43tFUXWM_l3WxP4NEMfmTn_CWhXxI_NTE672D70hqFoBwXc1UJo3T_2LBvbWmqdPuetk5RLRV2UJi7NTfZSeLaLNd1ER09eHqvBT1o_ZkyitedfA4N9Jhb4ATcazcIv3w0Y-K0GPYWBPLMnTmWEFT8TcFQwoaBJA25COBJo7QUljCKxeP8UFDI2FfJikkFPyrtIxzGZLgam4bf_NAxnk98u-kKB4cBjFYAo8jOgsi83KsFs_OJ-R-vGxGpFYsWW9Rnmw9ppZLTMSGPBW0ANWVVoLLIhIXrhGz0PsEC5Kd0oF5VA8LGubobxYxX4TwPJk7jsKMUXuNvlffw0L1PrG0J7Pt_CJYgHkRHg4EG9SrEjwAQuhVL14Pewg6g2KoUI7C9ezirLtq4hLCg_SqD7ArwayKZZyr4B11Tc7nfHPdI8H6IlQO31hPywrMFPhaiRneLSf3M1nfVncHDR0ZHmKmK2ORE9xh1YumwkzdDi8Fua0AD9dDHJVIRywPVeq-J0Apv2gLyRyzwSOAgMC8GRIrLxu92OR7FKgdqts4KmXdPrJ0ifBjEW-UpnXUZRnkd_nWcBDv18m80hZegl1SuMdWFdejVEN9BGd__0nJH12MZVo2qsVrs5m46DWYXs_F2iOBm1bRjOQCtSdMubbcqV-5MxaRqAzwtXxicXbm7cEgLxzkyN-O5UAGQh8pv5Ks4tKz3GVOep2AuCZuC7igwwaY04OgSPWn49Nw8ZmUK5loLj0AJ7tGXfQeh2OMjtUhd85vXon_2hBL4CEFbSusNAQlRiXCIX1V3issQJpQEB3DzzW7tgitvgBV3nq_FEmzP_SarAkp9HW4_uD5IT_DR1f5e966gn_Hn2A

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A608 43 B
215 B 129ms
128ms Image
image/gif 34.207.8.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=c0e5c7e4-85b3-d499-1f5c-ca7166f58416&tv=%7Bc:ftxv4i,pingTime:-10,time:983,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1623634090477%7C%7C7b7dfa875c0290737e7e1a4f9f1e7a52%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cef21f023b12f9752b73036b751e1f837%7C%7C815cea459f342201f5e1b50e76f8ef82%7C%7Ca23f509d91750dd8db62133b4e9a4007%7C%7Cf41293870a51a8b69e26421028307320%7C%7Ce366e662f7bf616643711f8884e7da68%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Requested by: Host: f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com
URL: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.207.8.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-8-197.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:10 GMT
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FBDC 43 B
215 B 129ms
128ms Image
image/gif 34.207.8.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=d1642a8b-3cd1-e3a4-daec-6171a29c4f7f&tv=%7Bc:ftxv58,pingTime:-10,time:1052,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1623634090529%7C%7C3835f9fc9d963d4dfba1072ca6a0a083%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C91ced58023988f742f1bc2aa97570d20%7C%7Cfc613aa2effda72aed8d23a72d3586d8%7C%7C02e43853c49a6900a245999aab557dd8%7C%7C2801115463104a0fc1989baaed5cefae%7C%7C8abec4fbe0b485dd9c2191976404ec99%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Requested by: Host: 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com
URL: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.207.8.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-8-197.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:10 GMT
x-server-name: dt41.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 22AC 43 B
215 B 129ms
128ms Image
image/gif 34.207.8.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=e6c58593-7d68-7a86-a403-8e67f354b959&tv=%7Bc:ftxv5m,pingTime:-10,time:878,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1623634090543%7C%7C707e9960f97600a24bc2075f66926920%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Ca4435eafb7ebb4a1b2662cf97c4dbb84%7C%7C5791c8402666ca17dad4c3f89ba0daf9%7C%7Cd51fac16bc1da67234a3abe6983ea4ec%7C%7Cb9da39aa11213f20157baa5c1459e3d9%7C%7C42e6abdeeea9ba8e9ed8b1c2c3f8e2b3%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Requested by: Host: b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com
URL: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.207.8.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-8-197.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:10 GMT
x-server-name: dt56.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A608 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZOoJJKEGJGJh6H0tn0DWnsnUX10fNdUa2DC0d0a0RIHomYs4gT1tL9KL6fypw3bnu9ySbF5E0XqXehea2v0nmkYdjnfsUeJGJiiJNlI0&sig=Cg0ArKJSzIlIsB_GhEyWEAE&id=lidar2&mcvt=1022&p=0,0,250,970&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=13849420&rs=4&met=ie&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623634089328&dlt=15&rpt=254&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 40FB 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=2321351769800138&bg=!ubqluv7NAAY6sG-_OrA7ACkAdvg8Wj2JWlqVktYKdLviV5M6g4E_XvXBwiSdl2BdLCkF7eFdkSxajQIAAAGUUgAAAJtoAQcKANOZkfu_ZQbHrvIvGKO_pm2NQi8NwQcDRoOYhn8lipqtyaqdccrF_Jyesg7Fpzlqsmeli_e_0rNCJnTle62_zHXkR437Geqw9TAuio6s_IIgaDphINk-scUVLpSNLS1UpkwOoIgYXmUMazt1CIaS0uFdldiJp--p9gc25YHZHHWC7cSrmow_N397t4ir_T2RD512lmFBKD5dAfsuaRtHjQiJ_pM6giYPEUfcnyadIrm_GaswavQs7S1boeSnRZQnFlsKH-FXjIkX4mTiXABDrhXqhP24mQKfY7FE99BIDN58nSfeEqz_6pAe3ZHbi56kZg4F1yf9-gm3gb13R8VPu4_ai61Jj1wd4gMdSLGZG2aEGYDycfEGZqVXsjPNv3zpDK_FCCeOs-F4jaU9H2zSWhVIJN2OROwVcx56N3zXf6f8Z3LiJJHPyNH2cNujgQ_vlBcQJ22Ky7yU8NI5jvnXPPo3hODgiGL9IEQmRcHwod3ggoley3wD5pdkrM328EE4hvkP0Nh7Z8VIiw02it2s7aUtKk99xKsUbZRrT0q0BOFu7pTcLxZbD4Xj9i-D5YIeZLIwEYLSxLYqHUsO3ckgBStBLIVfa16yeCOQ_QMkNPpDf0rvi7mi6J5UgFLIW4ra0pbmJZQpygCojk8sjzPBjBLKT4cvxZF0qWsSU9xLt9Qfhp4c3B6GU82lbF6toCDpWb2kbUzZcBk2AGiOa3yCpVyAZ-P0ccZFb_QmRHzwv5zwK6F2eImH-8BwxMaN7zgARkbAy0t5BmMfZEb5c78VBBZUmjmnIl6LzZ91p257DgwNb2hGmNjFQOeRKiH2DAYvh5cp3bRi1AZVGyMVsMtustAfZ-n5g28ujDlRYaDxMdvA0OLLon15TMVdaWVLM7wA1rLhxQhN9_1MudwAnBk5TPfqqTKHvL8mdUQpKKJzEHuiDdtFvvvkGnVU26PzYV6bwqppWQxynlz3M_Gr5TI6nlXgv1jmpU6Up_foo0ZxQ-_32Mqoo-wywG6rlJxy4tKrXAekDKYolNcVUTH74PohyaNfHPkLWKjOgHKtiZy5FaYL2g2oO2KBXAzB4U7bT8zeqhDtWwShJ7wFE-vU1Klb8m6EDYT9mfhVSIUGKQdhl6NgdGdvcJ_67ykGupL_Te0jILMApoddX8dy6y_mcH9VsqaS5UyHFmg

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 86F3 0
20 B 16ms
16ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAr8jqbDGYNPuFqPl7_UPqdyKyAcAAAAAOAHgBAI&bg=!jI-lj8vNAAY6sG-_OrA7ACkAdvg8Wj_CPDOQfLqOty0DBIOrsmHf0afNCNO_eRY4W00vuEv8oPGunQIAAAFxUgAAADhoAQeZAuUjYwZy8NsucuZrv6lJnPbmf2JvK94YcXTUpTeWpxi4plY_uxmcR6SWEMqPEoXUOQ-WoyLID0qIIN1tS2b95AZbktZ4HjwoTnxB6w3ovX2LWMfDOBxRVj38VvixWlzqV3DbUmK_zyTGrivO3AUXj1WVexRF5ZRhFxAJA-VYxIseYsHvS7uP648-skuCI7WBbc_NzgYKMxCDm7g4Vvg62_-LFjgenrMtdPdwQZ0u_mXCEgaZhLcZCTvGMkES401xSkajlPrp9nnTLxaaxkSaO5UMG_GKnt8TVz_ogGH909XlyjtQHo_i6ZloAaUvopNwp1ylojd-wnXAaHjv4NkOwNwaqDHMQFuQ2EUh1RkawToPlu8wF9Db_M4-qXCGmjIc5fNESl_F_8tcnRCPqWCotTEER3GP3dAyLDGNYleduU5b81b67Tb6_nJp7hoyZuyrisH_TzskFdtf2h4EZtof1MRUjW81F09DzjRS7nfR80WqJkykfWNzXZ9vQ0vOehP-DnEE9eyyFzYGAZBTCYxyp-7YzwlgSb_5yyfNEkvNo7pQSfA-vhM5Zc5lJGkfRPf7uT8ujnRsxo_HtMXVP1UIhgvKTXvfPtBVhBrHiwjoHSt-esDotD-ZB0kyvTQxEI_ipqyeTUMs6KfVQ0dzibb2OpkRWaN0RjM5rq12nCKZoH_m9PTBTC6Pn4DuOJWEXkWn2JZaDy2xJMTRt5ndYxEf_kLLnt_Dqrbp_cpEv0KKAD5BhEzD5cqCilVOW9VtmcSOHPg8Wrd5gHO9NUWIfQQdpl__UNogT8mxE7id5Q4gm0XP0B1mDJSfGZmK7YRj6WxWIec0O5mJsgCu1JASQlJs02clyH3FjjN7OLm1V5VadU5WlNpNW2uVgwS1sUL175aw82yeVQynUl1lt90saVUeVy0_6H23BTBzggH6dc39Yp55cjJsKear_CJeIT_QLDsu5SBM776-XpiM8Y1qhqxuYpkgfPR9hbY

Requested by

Host: 63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com
URL: https://63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EDC 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BV6h1qbDGYMTDILeU9u8PnM6m6AwAAAAAOAHgBAI&bg=!7u2l7anNAAY6sG-_OrA7ACkAdvg8Wv6Vte6brhq9WvnIR4LmcweMV8G5aOcVK0Z9kWzXo4y2HecZtwIAAAF2UgAAAChoAQcKAKUXrEdqbaZk_Mj3GLuwFw2zszH24LBkibzMt0E6w5EEB_4k3oxaiR20p39GvP12AXG5LCu-uvAFRttF2ZLRlHeaPqHnEtD1l_DxGNc3bfpCVOYIl8CM5uLA9US7_fs_Uo132J7XWMR7fo_zvXfCD8ncKnwyoXXin67B9_7RWPaTPh3Jgm-Dga-4mJUlrAiSvPR_0040BAQcPbDIlpBFzqo2cgbDtUmZAtfzUo5NjsFGLoxyfQuHR7pBJKqL-okaxfxwC-o9-feIIKdLJyZk1Dwy4fwXlnzPEvzCdsYoAbhAL4UN6DwurDxVnduMeTtjCplaAZA4-kZcFvaFeZHcqPU2Besr3vFR28GPpch-rxVZI7_LWDeWGj_JJr1Uy7ZnGqUVLZuZtdVSTAvrtwOhFOxH1Ai4YAGBGGPFFHqvFHMnCEK7T3DbRZuRnfW7mX2zSjAX2wD4cCy1VD9_FslI8jBCWAazQn3z76D2YPKe55qOFSLR7xLs3VhrznvaB2eI2e_QUlB381EWMoXcKe07Ny2cLmG4SLN7CXvmbumlHsseYdQYtiFm1iU4fESNO_hu2d4mCHhUuSdh6XvLkKCalYF93XW6VHPgesOAKeVJq7MinDwoIsox1XZSM7QGxS9iorAuvluOB_6oZvd6bki87eufWEd-HsFy-UNU4Soscd0c9zh9EyIrMSnJmOunAws3mXqTxgvj6t_gN6pcqxUqUtZs8uRq3ykT2W6Bob72sUqGNrv3E4PKbJ7ddd3zAaQlLD3qlgISjgT6xmi1CLSA_QI7fZhuptmnyKLDkxYrVlSrb3CygJdypjEIcz88tIEqGgjurFTk76hQbUdzssY10P1-41cY_SBFqbZnPzkc7kkVLY3OVm75MGUiycH7IhKFdlYkzc5LbWfXezSs6kNNI_ysffUhbAjuinZDVHOAWEFUcfaN2wNRNKkvA6ocsVDh5FKuNNp6Cc5AMf8NAL0mTLKc3fcoqm926VM8D3hYUpnrpx38QuAPuB6QwEj7tJbvxkSuhQllVJADQ6vyPS9zaSJ__aPLv-j0fhHZfVZJCJ0YhWkVt5EBOnaWe51s4nQ8UUpX2Xqm3eAP_xy3TDcbKzCakErn8HGEIMo8WYd6N-jarcekDjYuBc_Vcumn9ej3faPGA2jQXI6SgPRuSpD95DCyS1WB0YAwEmBjEBK0LB9i

Requested by

Host: b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com
URL: https://b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B757 0
20 B 22ms
22ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bd1rVqbDGYIHHIImM7_UPy4mu2AsAAAAAOAHgBAI&bg=!kpGlkdXNAAY6sG-_OrA7ACkAdvg8Wmuhj7hwjHJ8mik40jEv4zl72ZmgrwAhEwKlr1fRhq9f4TC7_wIAAAFtUgAAAA9oAQeZAu20E8ADlHsQ2hQmXQXo8lijb1ZRj9T6lp7bmEVnHUyxg0PUfD0Rjc9gmfXwpyW7PEEkvz8Q29wSz0TuyqodxlPaMoXZUdGIUDy1Q2T2xomiF0Irzd42iRKVO1jGPE-6auPwXnVho2F0i1NsXa8qI69blDTgRMZv1lBi0HEG0I3PRoBfEuOBGTEvJMMgkSn1qJTacire0mbXxfT1bEU76A035REq9Jzu7PkxaO8SWiSNZn8aionQu6dXA86MAoPYBNA2JADeSeRpX3q88IS-IGu9SNkXICL3mEe_b5-fEOHr-9q48SIT0IaVyYO5dCIlRaWA1WYGDUH2SBIs76MvVyCCxcKlgKCH2K-cb5RauoklzW9nyLATaaBCNIoHY9gbRfU9az8uH1bH9CnFN2CCew_vn3i_S_chAN80ZwA940YqbdvLQQ3tNq06M4A0qyvI2KDzdipWuPMrc9jlpAQrGRd3COh3eaxXdxX89mf7y1A-3j87mpe_kLveRkL9WCNI2qig3k3xlgDWqsBb0zoRrg47fsIz2BTShHcNgWTbkKcpD038y7Bcc0o3XxKaZ_oLpkUn8JhFJR5BYP1gtthOFUhI3JhFt3dx-pcb8LJRrQWUc-TtAKVOyiGUhvmtZsNfsur7tYXya_f20zWlSUSxlRE1ejoIMgtaLSp0SSfMHI4yo9aA-6g2y5pd1WpmZLvsf2sTWoXLjshjf7XajV84Gi5sEDqPVqUaTKkxmnhUTNsTZV-14bH4bg9K1Xw7yZif2_TFka4K9ExTQsbfrqFIKYaVtRl9fE2MUvKrtETHSICqBnJ6Nu5e9gi9sAPNOpQsRM28qaWPEvpBriwDz5l_9wIZFZVqymG0cDhlm0hK1vBFNR7C8zTNJvoOYfp5ix_F53C454SfFGOFAYsGwoEZilOcuwwDd2UpeEEWrSYj9_Snl85hgdP6qCt6OWh4O0984QH8hn_s6sm9-6semuqAaF39MqJpqAojnCmpDWFoFg

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
659 B 254ms
157ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 14 Jun 2021 01:28:10 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 6d464e043325a01d4afecaff766dc3e248ed588c42562c1bc15b459fb304d0a9
x-transaction: 9b0fe3e7f01603af
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
412 B 31ms
31ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=20762415-8082-48f0-b243-36443c93d852&fci=4d9de651-7e5a-4aae-8380-4816968727b6&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&t=DOJ+seizes+%242.3+million+in+cryptocurrency+payments+from+Colonial+Pipeline+ransomware+attack+-+CyberScoop&cts=1623634090687&vi=59b301e7316d71622a79bb34219eae31&nc=true&u=143679850.59b301e7316d71622a79bb34219eae31.1623634090681.1623634090681.1623634090681.1&b=143679850.1.1623634090681&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:10 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c4f460c6-78a5-4b80-8e33-dea58a065116
cf-ray: 65efc7cad9a697b4-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
cf-request-id: 0aa9bb32c6000097b4299d7000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ov5XjdEXBzf2nDsVOubszecFNgPVZ1I2DIdgEGe%2Fbs4nSOKFyhXjMM%2Bs%2BJ%2FZb3RL12tL2UuC7XSXMQdUUlDVDHSW9RbEQkL0eQDnMpN%2FQW459Cqr%2BTO7xSDSDTuGMY%2F6wL930JwiPnF9iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
384 B 39ms
38ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&t=DOJ+seizes+%242.3+million+in+cryptocurrency+payments+from+Colonial+Pipeline+ransomware+attack+-+CyberScoop&cts=1623634090689&vi=59b301e7316d71622a79bb34219eae31&nc=true&u=143679850.59b301e7316d71622a79bb34219eae31.1623634090681.1623634090681.1623634090681.1&b=143679850.1.1623634090681&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:10 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 5e0da408-5115-46ea-b4b4-cdfad9122ed2
cf-ray: 65efc7cad9a797b4-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
cf-request-id: 0aa9bb32c6000097b4a9056000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=36mXsrGkrmaDjt8jh7ogVtY6FutAX1lZ1eAGZqrbTm84Lj7py%2BTjR3hKyi44OS9atEWRekmttzkB4c%2Fo%2F2NVnWCdVjDRmKoAPtjZV5sE%2BpM7l2pSSIb6%2Fgrk3jQp0JWLYs9nr9g2v%2Btv8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 18ms
17ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

169d6a7a2052a4310f707a31fd9cd9342883ac9418d3c063b1caea3650b10b44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8452
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:28:10 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 1D37 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 20:53:12 GMT
expires: Mon, 13 Jun 2022 20:53:12 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16498
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8ABB 783 B
530 B 15ms
15ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

45f7cad5e4a254b8e087acba36ccff71b47e9f93abc6cf148ef2891fd513fca6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AdfQL02cXUm2MWr+vOcriA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 01:28:10 GMT
date: Mon, 14 Jun 2021 01:28:10 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-AdfQL02cXUm2MWr+vOcriA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1D37 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 13:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 13:21:24 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=3907799505559935&bg=!eXqlej7NAAY6sG-_OrA7ACkAdvg8WtFaGRe-lscqlQt7sEqhwzb-r-mSxY3PFEZF345Tj42EVUnxFwIAAABaUgAAABRoAQcKAJqdZs8IyeWXrFjYihmfNHgAUo2nvfki7taueLj8Z7vWsyzPzlWRvrUgcG8lkaUjvDZr3-qBpJHekUFhrjG_X6VVyGC62Zqn2KuKEeqn4nhjcyLjmjcIEAWxx1b4wPyL-tp8_oLbjfZRgGKtqCFDBjj1inejxmw_SzTUG22G9aBWznYh2kn8-x3Fu_kXglcLU5XWFMI1O21r4hEwmQJ03iJtBfo_WuqK9Wneuk6YmtUkOSqYVtdcrgBTS_CiaTix9_gUGyYIII2EQ_iBEekv7ytaEktXV6dp544zSylVItPLSl5j5nz9gMcq86YUsvB9SeXzA8XrGWAI5-HC85hwNmtIBsv_ZHeZ0uZhkq6SvHtgxMsAJajpGceQkRwAn8I8b507I4crVoNRVurhz4hFMRJCBMm9RwDEkauvmTNr5LNzEB2NXh31y7PRuKAvwMlW-NcYWzRIGL_QhAoC-slNZh9Pi7Law5ovYmjvlV_-Eht7Yfj90-l9YpiQI4a34HwYtoGRagXvDNP2R_cwKv4spQOuOX0pEhMvHoEMY_1RU0ppcGvKtOCUHjokgjv75vJORZgsFLeb7dbx_FuEjzIW718lOVvBchjUQfTs9zP4t6XTHXUeajfA3f7QYQWEXFqmlRarDMPWElX5GQw2LOgPTxKsfWvCPhVLHzx749mswk2xIP0k4x2GNje5lLSF2dgW3LpavLElpqEDzm6-Ql2aiFvlQz-JIzjOKQo51SPgPCQXBxv2ByA3-XPTQyXxI7mrVsuD-OWrn3SSCGNXZnC2FTQz8pCSwiQKouEA-UoyWPlkNzFfOk9ErUpqxqkf-HNRLGPLUxD95Tx6Lg3yPpt_AAk8XRfddm1oE2l-tsfGdodSM8aeQcdSf4-0VMsQEv4q1ru4-uLlpNSXf-KtkagwrSlvdvu0Y4mWxYq1MKlUEEZ-dd4qlu6h4YPTrjed2J4KQ8zLnw6qeyZJOsRtRL2_oZWWswQfQ3-mXHaVUt54Rqf0ygffkXDZwe3MAXqhDjHs9mEF21kTk36_6DoCxOJ0c3E35Q

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AE45 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNuJwtryP3xOil6CgoBSUXNshh6BSFBVVODLlzbzotYkaheAv1WZQ0YzlFKMbVweBYILd6ZNhk9IM-VPgcbOMOTw&sig=Cg0ArKJSzD33GP8Uv9ZJEAE&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=33&adk=2711260096&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:28:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4e4cc93ddfd2e1b75ec0f0e9ea4f028b.svg
s0.2mdn.net/dfp/384545/37259705/1616425583975/media/ Frame AC7D 5 KB
2 KB 25ms
7ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616425583975/media/4e4cc93ddfd2e1b75ec0f0e9ea4f028b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/86c850a1ba864a9805f17358244a54c5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fc98a5f2ad3fade2176c7f4d057c02a332ee5d3e532746414eda6e88bc46ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54906
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1881
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 15:06:24 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 14 Jun 2021 10:13:07 GMT

GET
H2 200 fa2c2eed25a7d5253bfe041867460715.jpg
s0.2mdn.net/dfp/384545/37259705/1616425583975/media/ Frame AC7D 113 KB
113 KB 31ms
14ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616425583975/media/fa2c2eed25a7d5253bfe041867460715.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c15b66cb07f71fa87b020f574d0639b3f6ecd149afad830d289f5836d9bc88e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:36:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 15:06:24 GMT
server: sffe
age: 53490
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115706
x-xss-protection: 0
expires: Mon, 14 Jun 2021 10:36:43 GMT

GET
H2 200 5a526769e6c189eab1fe4b501db1b98e.png
s0.2mdn.net/dfp/384545/37259705/1616425583975/media/ Frame AC7D 128 KB
129 KB 24ms
7ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616425583975/media/5a526769e6c189eab1fe4b501db1b98e.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

198de8b38e461e78380be9c038b63d352e51dae4ef3f439191497ee019711319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:36:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 15:06:24 GMT
server: sffe
age: 53490
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131505
x-xss-protection: 0
expires: Mon, 14 Jun 2021 10:36:43 GMT

GET
H2 200 user_uploaded_metrichpe_900_normal.ttf
s0.2mdn.net/dfp/384545/37259705/1616425583975/fonts/ Frame AC7D 70 KB
29 KB 7ms
6ms Font
font/ttf 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616425583975/fonts/user_uploaded_metrichpe_900_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/86c850a1ba864a9805f17358244a54c5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76a5bc04e24f55190ff48c885e28037278acf8e7155fff920486f9ab3eb27288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54899
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29542
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 15:06:24 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 14 Jun 2021 10:13:18 GMT

GET
H2 200 user_uploaded_metrichpe_400_italic.ttf
s0.2mdn.net/dfp/384545/37259705/1616425583975/fonts/ Frame AC7D 69 KB
31 KB 8ms
7ms Font
font/ttf 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616425583975/fonts/user_uploaded_metrichpe_400_italic.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/86c850a1ba864a9805f17358244a54c5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

364db2a7fc46217b2632d8c9b4b6c2eea725c7fdbb8fee145e6598a24baf410e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54899
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31233
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 15:06:24 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 14 Jun 2021 10:13:18 GMT

GET
H2 200 4e4cc93ddfd2e1b75ec0f0e9ea4f028b.svg
s0.2mdn.net/dfp/384545/37259705/1616425583975/media/ Frame AC7D 5 KB
2 KB 6ms
6ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616425583975/media/4e4cc93ddfd2e1b75ec0f0e9ea4f028b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/86c850a1ba864a9805f17358244a54c5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fc98a5f2ad3fade2176c7f4d057c02a332ee5d3e532746414eda6e88bc46ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1881
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 15:06:24 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 14 Jun 2021 10:13:07 GMT

GET
H2 200 fa2c2eed25a7d5253bfe041867460715.jpg
s0.2mdn.net/dfp/384545/37259705/1616425583975/media/ Frame AC7D 113 KB
113 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616425583975/media/fa2c2eed25a7d5253bfe041867460715.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c15b66cb07f71fa87b020f574d0639b3f6ecd149afad830d289f5836d9bc88e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:36:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 15:06:24 GMT
server: sffe
age: 53494
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115706
x-xss-protection: 0
expires: Mon, 14 Jun 2021 10:36:43 GMT

GET
H2 200 5a526769e6c189eab1fe4b501db1b98e.png
s0.2mdn.net/dfp/384545/37259705/1616425583975/media/ Frame AC7D 128 KB
129 KB 7ms
7ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616425583975/media/5a526769e6c189eab1fe4b501db1b98e.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

198de8b38e461e78380be9c038b63d352e51dae4ef3f439191497ee019711319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:36:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 15:06:24 GMT
server: sffe
age: 53494
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131505
x-xss-protection: 0
expires: Mon, 14 Jun 2021 10:36:43 GMT

GET
H2 200 c6ac7478a664a4f0581107b48c0e8d10.png
s0.2mdn.net/dfp/384545/37259705/1616425583975/media/ Frame AC7D 14 KB
14 KB 10ms
10ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616425583975/media/c6ac7478a664a4f0581107b48c0e8d10.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874bfbf769025a1fede5614fa4c80999116c90d6459a7fe15ac1b1e8cca9e0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:36:53 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 15:06:24 GMT
server: sffe
age: 53484
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14151
x-xss-protection: 0
expires: Mon, 14 Jun 2021 10:36:53 GMT

GET
H2 200 fa2c2eed25a7d5253bfe041867460715.jpg
s0.2mdn.net/dfp/384545/37259705/1616425583975/media/ Frame AC7D 113 KB
113 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616425583975/media/fa2c2eed25a7d5253bfe041867460715.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c15b66cb07f71fa87b020f574d0639b3f6ecd149afad830d289f5836d9bc88e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:36:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 15:06:24 GMT
server: sffe
age: 53498
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115706
x-xss-protection: 0
expires: Mon, 14 Jun 2021 10:36:43 GMT

GET
H2 200 5a526769e6c189eab1fe4b501db1b98e.png
s0.2mdn.net/dfp/384545/37259705/1616425583975/media/ Frame AC7D 128 KB
129 KB 7ms
7ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616425583975/media/5a526769e6c189eab1fe4b501db1b98e.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

198de8b38e461e78380be9c038b63d352e51dae4ef3f439191497ee019711319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:36:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 15:06:24 GMT
server: sffe
age: 53498
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131505
x-xss-protection: 0
expires: Mon, 14 Jun 2021 10:36:43 GMT

GET
H2 200 c6ac7478a664a4f0581107b48c0e8d10.png
s0.2mdn.net/dfp/384545/37259705/1616425583975/media/ Frame AC7D 14 KB
14 KB 7ms
7ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616425583975/media/c6ac7478a664a4f0581107b48c0e8d10.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874bfbf769025a1fede5614fa4c80999116c90d6459a7fe15ac1b1e8cca9e0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616425583975/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:36:53 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 15:06:24 GMT
server: sffe
age: 53488
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14151
x-xss-protection: 0
expires: Mon, 14 Jun 2021 10:36:53 GMT

GET
DATA 200
OK truncated
/ Frame AC7D 625 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a78c10ce2f06084ecd9ddf2183b4b49e3fd69e0967c6321281ca9163357a1306

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cyberscoop.com/	1970-01-19 19:00:35	Name: __hssc Value: 143679850.1.1623634090681
.cyberscoop.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.cyberscoop.com/	1970-01-20 04:22:10	Name: __gads Value: ID=624863c3102b0f3c:T=1623634087:S=ALNI_MZYeGH0kZKiGWawZ73qFiV_m36t7A
.doubleclick.net/	1970-01-20 04:22:10	Name: IDE Value: AHWqTUlPsLNCXywvmIJlrqp6H-uSc4hSMUfEn6_-WxXwq1qkddtrSBE8ESXRS6KugH4
.cyberscoop.com/	1970-01-20 04:22:10	Name: __hstc Value: 143679850.59b301e7316d71622a79bb34219eae31.1623634090681.1623634090681.1623634090681.1
www.cyberscoop.com/	1970-01-19 19:02:00	Name: sng_interstitial Value: true
.cyberscoop.com/	1970-01-19 21:10:10	Name: _fbp Value: fb.1.1623634087076.36818992
.cyberscoop.com/	1970-01-19 19:02:00	Name: _gid Value: GA1.2.1007293881.1623634087
.cyberscoop.com/	1970-01-20 04:22:10	Name: hubspotutk Value: 59b301e7316d71622a79bb34219eae31
.cyberscoop.com/	1970-01-19 19:00:34	Name: _gat_UA-80491860-1 Value: 1
.cyberscoop.com/	1970-01-20 12:31:46	Name: _ga Value: GA1.2.37909276.1623634087

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgW3MN2tdDy2X13w4W16plMR8Sq9BxN3YCRP5_mlqBW68mtWC5Y1lv3W26kn1_44N2kXW73nkCK8YJ6Q4W43-3DK2Ww9LTW28p5CK3020LgW727CcB5ZByW6W8MN0858wbcJtW4fjNkr1-gL-vW8LZCCx4_27gZW1wsYwp2BwfTpVQ9sjQ72B6LkW502vHT3mtBy-W1Mvfqs1ZXLwhVhdB978dHp8rW9c12LG4My8gbW5ksqjr7WC-8sN2dvJ_Lp63VV31L91(Line 13) Message: toS
console-api	log	URL: https://www.cyberscoop.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.002197265625 ms
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.001953125 ms
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.002197265625 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f7388b1bf27a164167d09f72e56b43e.safeframe.googlesyndication.com
52599bd75b5400960907e9398b50f17c.safeframe.googlesyndication.com
63f8e752d8b13c478d6cd8a15b31c088.safeframe.googlesyndication.com
ad.atdmt.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
analytics.twitter.com
b6aedbf3061e1da7070820dec7c8f1e9.safeframe.googlesyndication.com
cdn.taboola.com
connect.facebook.net
dt.adsafeprotected.com
events.mmi360.net
f9ca1bbcbd13ef77a9207df2861d76b5.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
googleads4.g.doubleclick.net
hubspot.fedscoop.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
pagead2.googlesyndication.com
pixel.adsafeprotected.com
px.ads.linkedin.com
px4.ads.linkedin.com
s0.2mdn.net
s3.amazonaws.com
securepubads.g.doubleclick.net
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
static.adsafeprotected.com
stats.g.doubleclick.net
t.co
tags.mmi360.net
tpc.googlesyndication.com
track.hubspot.com
www.cyberscoop.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
104.244.42.197
104.244.42.67
108.174.10.14
142.250.181.226
142.250.181.230
142.250.185.194
151.101.12.157
151.101.13.44
2606:2c40::c73c:67e1
2606:4700:10::6816:46c5
2606:4700::6810:5605
2606:4700::6811:44b0
2606:4700::6811:b749
2606:4700::6811:d6cc
2606:4700::6812:14bf
2606:4700::6813:9b53
2620:119:50e4:101::6cae:b55
2620:1ec:21::14
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:809::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2001
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2006
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c04::9a
2a02:26f0:6c00:296::25ea
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.12.243.139
3.131.245.186
34.207.8.197
52.209.147.172
52.21.95.133
52.216.27.166
54.72.19.162
007811af35be7403136f95700fd7ac160ce7967a12d1c677703b7a04be6ed451
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
037f636b6d7b862a202551f84c498f6a5358cb79aa80ca802338f67b0dc29b14
063d44bc62d9647b62e24e3072a08f2cd96f36e3f1cb441b0efc3fe3f3fe372c
068605b7a74adeae97a35f115e5d2116b49e1b0746b0172d6795cf4c7f93ecc8
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bd56c87dbd42ec5efef8e0fe40728cfa889cac7e9b80dc50b58c10063ae14d9
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14696769a76f4d45f591b1adaa8e049973af59ec64211d89e3d266a63de4bbeb
169d6a7a2052a4310f707a31fd9cd9342883ac9418d3c063b1caea3650b10b44
198de8b38e461e78380be9c038b63d352e51dae4ef3f439191497ee019711319
1a0b09cbb763ef7e1ab6183b36a3ff732a874dc4faa20f375c807d8ade0438d9
1ce69465fa2284194ab3ec822ee452307e2f4b4ab202499e24a06f8215b1ead1
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1ee54375529f3d07f02aa23e6a6f7cabcea276f9be58b61d4ef7b5b88ad9ad93
1f3d22757c403b73ad7133ffdb7f7635f83b023568e09fbd6efc60633e1e3a48
20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436
23d47e0f5487d6b5c35543ad49301dbae125f909504b46e46b644ac2a2181480
2aef1ac953ce7805c97a1df893082e75a0a11085c3e53b2914bd0a35634977f3
2b197f033111afe064ad614ec0f25eacb5186b3aa36359d3a24b4f14bb3df29b
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d209520098b09aa8847fc90e422c9a590e6386bbcf1ede1357c0a1531f26b08
3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890
364db2a7fc46217b2632d8c9b4b6c2eea725c7fdbb8fee145e6598a24baf410e
38babde5e42768260382d2537ebf5eba50eaf83a6c704c49073c6f2eb9af6441
3f6913929f4c53316a97bb187b30e7b5b62a63ed0e2568a4d2103d3abd4dd5e1
412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed
45f7cad5e4a254b8e087acba36ccff71b47e9f93abc6cf148ef2891fd513fca6
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675
4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
50cdb174f4519a1e312c77f8a8b45bec0ad0924767a03518743d224f7d659c28
51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba
59f37faa4a37839a30720a4fb5ea062571246118c8ee29a496efbcc8580fa2a8
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6c15b66cb07f71fa87b020f574d0639b3f6ecd149afad830d289f5836d9bc88e
6cfc736b9fd3abd6d46b9c0ffcb3ae317723d3a55b9e2d3366ed670e9326879e
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6df5297b890ff6b7e63372da52b58276e6af2f2914d30d7edcd5ead5af63c738
7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41
753b529ae84f43010bcc3243f72f5d7fe16622d0a1e33e0a34f976e84e4343b1
76a5bc04e24f55190ff48c885e28037278acf8e7155fff920486f9ab3eb27288
79cc192458ca20ad45d51d1a6ae6c26994a23a9f882865613ee52b342b47476d
7a57f85042bee08c2030bffb20603203e8f8e997fdfdf130e663c13d55e96d3e
7d45b6c5d27d1b17b7fed9bbc9e6bed63e0596a130404b68ce1b3b885f8283d9
7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b
82b93870340639f93f374966650f61a46c1a4b0891f25ba9b9673a1426d0bd20
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8568f039c1951ef91fce769fd09da0b0dbfcf503e0e9d14044c3f49675b809cd
86d4aea5c8e3f7d17e280e541d60e244bce747227f5541201154bd19c264a40d
874bfbf769025a1fede5614fa4c80999116c90d6459a7fe15ac1b1e8cca9e0a2
8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1
8b7a47a695a413443ee1cba5b8cb390af99d8ecb1c94ffd30005c2a039303fe0
8c5987fc2409abe9ee8d73fee09d71847ddf5c4329a0bbad7d4e4bc522e51b47
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
90d46ec08f771125b01e8edec1882a31aab95cf0c8d6da3cff8e811648dac370
9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f
942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5
947c8bc80715a512f6a7b87dcb956f4c3491485e2e42ceff7504b008de2d6d09
94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163
9796c5b50689a75f3aa13374fa1b41c3e1346c0cf5d1f654c20bb2e6107c4ae5
9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c
9fc98a5f2ad3fade2176c7f4d057c02a332ee5d3e532746414eda6e88bc46ae5
a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593
a41dd567a7d51dac3d65a716b505f5bba7526e36405ed8a832d72a4ada3665c2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7361b53c0f6ff68acc0e1b45b0d4029721abf123f9a7780f091cf67f6d02bfc
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a78c10ce2f06084ecd9ddf2183b4b49e3fd69e0967c6321281ca9163357a1306
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
add1e275c756d593a8fe9f8f6e56270e2d70edd0e9a4f33a3d7d82028f7dd828
af68601866a0c971edc24c4861a806241187ec7b074aa50f3543f14b606be81e
b0ebb64770d12923ab367667f418fe5bfa5ae336f3404eb74463128a10ef098f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152
b24ac2a2042bf22f85f717259786c1f95a81a5a8d9ff057de1d09b5c6e1b364b
b29c2884376c3024e78a79357aa593b68efaaaf0ac99969cbcb2217f3606982c
b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537
ba601daeda8cb0d179beeeafbe63848d0576b172f3e2800f1848be282b2af497
bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797
bc92537a9f302b0eaf8c44d590249655b6f19bd3d7da181d1e51ea24148ed400
bcc6ccbbe9b3f2c14b3eb45ea17eb4b456ee0b359ca820751d8f4b140c57ba0a
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bff946e2cfc210c60a095d86455370ad0d8428d9126acf0e7b60f92137d0a697
c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
c91db7f3fa6953f5006dc063b5ef3a9382b88ebd4d7e53e9dd8f1223650dfa1b
ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5
cbcf7f9157306feaa0252eaa2fca6f6a36cf74bd919dc17520023405867fd32b
ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be
cf89b05aa45bb14f23d4c97dac9b3091e2d866c73f68e18d2cb6b538378db6f9
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d28cae33a9cff1cd54246e2bca04018f101451707a5b5f426d32ea768e911186
d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131
d621b05bf9a6b56ceb90e7bbc023d4a694353ef943c018165b73be5067ee2c9f
d734fe2792821de433cad669d4365ea55c85a71c03823c0691b7a8c36ebc4bd0
d840de4395c258664d54c7cdbade77b3481036f98a8d75306a57424f81d7abe4
da58b6569b6594fdfdba1073bf0fcce454eab45c9c7440961630bf6b6b455b56
da5f233d4e7ae800b2f65a63b30ee6398399655159bd328b94e4db488dd9af59
db02022e70b50c36c8b19895011b67d760f45d217c7d32beaf853fd0e6f20ce3
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc666527c7989fdad450d729be48af719d8a66af057630a461bbb5c72b1e20a8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4
e1ffd7a44f30ea75328a59ed9ba0ecc35f97c8fa93ca66308065a8c2128f8acd
e21cbff27a74ef7caa04b84461bbaa6ed2cba11a62db2e7f03fc588912f415c6
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3251c877bedf19360463be8ff30c8339f1f379935ace871f354a3e9673e7b62
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f
ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f
ecdb1f9033b14ecae8b48c6c031db9e36aa4def65bbf01d81c1fa5936d0fe0ba
eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5183a3d6c4ef05903e03cf0e17b5de05db527c27d0ef049d52d2fb4da484e96
f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370
f8b8c65e1f392bf3ce085a459c85a3ab7e500b928edd602a016f96164f46b852
f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371
f9c2d55dfde1c111e0bdf5abe0fb5d025978b2c0b08f126f405828aae54bd638
f9f5fb1596ab72270fbb5bfbc64b6f05d259a045255a36c176833936f29ecde9
fbf7b8a9009ef57347a60380cd8d881d33ce9a2ee27f75db5d4ce0a754e01e1c
fce1eed6a47a663a121ae372e6313765432e2bfd5145faf7a371be0aea4c263d
fd50fee26d4504f331da5128d0718dd3dc5abcece84ee37cc894f057d7646d8c
fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

www.cyberscoop.com Open in urlscan Pro 52.21.95.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

263 Requests

100 %HTTPS

69 %IPv6

31 Domains

47 Subdomains

47 IPs

4 Countries

4452 kBTransfer

9560 kBSize

11 Cookies

18 Outgoing links

Page URL History

Redirected requests

263 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cyberscoop.com Open in urlscan Pro
52.21.95.133 Public Scan

Screenshot
Live screenshot

Full Image

263
Requests

100 %
HTTPS

69 %
IPv6

31
Domains

47
Subdomains

47
IPs

4
Countries

4452 kB
Transfer

9560 kB
Size

11
Cookies

263 HTTP transactions
6 data transactions