urlscan.io logo urlscan.io
SecurityTrails logo

www.cyberscoop.com Open in urlscan Pro
108.157.4.90  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://s2.bl-1.com/h/dpVsGT9n?url=https:**Awww.cyberscoop.com*cofense-emotet-irs-phishing*
Effective URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Submission: On March 30 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 43 IPs in 5 countries across 34 domains to perform 245 HTTP transactions. The main IP is 108.157.4.90, located in United States and belongs to AMAZON-02, US. The main domain is www.cyberscoop.com. The Cisco Umbrella rank of the primary domain is 363076.
TLS certificate: Issued by Amazon on October 27th 2021. Valid for: a year.
This is the only time www.cyberscoop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.212.151.50 16509 (AMAZON-02)
4 34 108.157.4.90 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 151.101.1.44 54113 (FASTLY)
25 142.250.74.194 15169 (GOOGLE)
16 52.217.68.46 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
45 2a00:1450:400... 15169 (GOOGLE)
4 192.0.76.3 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:fb:... 20940 (AKAMAI-ASN1)
1 199.232.136.157 54113 (FASTLY)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 104.244.42.131 13414 (TWITTER)
1 104.244.42.5 13414 (TWITTER)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
33 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2 54.77.162.139 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.0.78.22 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.230 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 142.251.36.66 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 152.195.15.58 15133 (EDGECAST)
3 2600:9000:206... 16509 (AMAZON-02)
5 104.244.36.20 7415 (ADSAFE-1)
2 141.226.228.48 200478 (TABOOLA-AS)
4 23.35.237.151 16625 (AKAMAI-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
245 43
1    34.212.151.50 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-151-50.us-west-2.compute.amazonaws.com
s2.bl-1.com
34    108.157.4.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-90.dus51.r.cloudfront.net
www.cyberscoop.com
4    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
25    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
securepubads.g.doubleclick.net
16    52.217.68.46 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    2606:4700::6811:b649 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsforms.net
45    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
4    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
6    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
1    2a02:26f0:fb::5f65:58e0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com
6466223a97cbddfa2b7b913c69d379d1.safeframe.googlesyndication.com
3831467914c2ad3b9b798a1aaa0d9afb.safeframe.googlesyndication.com
8123bda7776da4c038c12965fe4b298a.safeframe.googlesyndication.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
33    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    54.77.162.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-162-139.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    192.0.78.22 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
public-api.wordpress.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net
4    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    142.251.36.66 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s10-in-f2.1e100.net
googleads4.g.doubleclick.net
8    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    152.195.15.58 (United States)

ASN15133 (EDGECAST, US)
cdn.bizibly.com
3    2600:9000:206f:3c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
5    104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com
dt.adsafeprotected.com
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
4    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
2    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
Apex Domain
Subdomains		 Transfer
69 googlesyndication.com
f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 125
d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com
6466223a97cbddfa2b7b913c69d379d1.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
3831467914c2ad3b9b798a1aaa0d9afb.safeframe.googlesyndication.com
8123bda7776da4c038c12965fe4b298a.safeframe.googlesyndication.com
978 KB
34 cyberscoop.com
www.cyberscoop.com — Cisco Umbrella Rank: 363076
788 KB
32 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
ad.doubleclick.net — Cisco Umbrella Rank: 190
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274
796 KB
16 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 169
435 KB
16 amazonaws.com
s3.amazonaws.com
68 KB
13 google.com
adservice.google.com — Cisco Umbrella Rank: 76
www.google.com — Cisco Umbrella Rank: 7
4 KB
10 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 523
static.adsafeprotected.com — Cisco Umbrella Rank: 524
dt.adsafeprotected.com — Cisco Umbrella Rank: 468
96 KB
8 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 257
289 KB
6 google.de
adservice.google.de — Cisco Umbrella Rank: 8069
www.google.de — Cisco Umbrella Rank: 5640
2 KB
6 gstatic.com
fonts.gstatic.com
132 KB
4 moatads.com
z.moatads.com — Cisco Umbrella Rank: 374
px.moatads.com — Cisco Umbrella Rank: 395
105 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 385
www.linkedin.com — Cisco Umbrella Rank: 595
px4.ads.linkedin.com — Cisco Umbrella Rank: 4868
3 KB
4 wp.com
stats.wp.com — Cisco Umbrella Rank: 2718
pixel.wp.com — Cisco Umbrella Rank: 2543
7 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
3 KB
3 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 4110
59 KB
3 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1049
trc-events.taboola.com — Cisco Umbrella Rank: 1670
18 KB
2 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 2427
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 99
315 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 136
114 KB
1 bizibly.com
cdn.bizibly.com — Cisco Umbrella Rank: 10362
345 B
1 wordpress.com
public-api.wordpress.com — Cisco Umbrella Rank: 7353
3 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2344
16 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2338
20 KB
1 t.co
t.co — Cisco Umbrella Rank: 463
337 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 518
459 B
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2505
897 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 622
6 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 938
3 KB
1 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4981
5 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
60 KB
1 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 6987
145 KB
1 bl-1.com
s2.bl-1.com — Cisco Umbrella Rank: 27504
935 B
0 atdmt.com Failed
ad.atdmt.com Failed
245 34
Domain Requested by
34 www.cyberscoop.com 4 redirects www.cyberscoop.com
33 tpc.googlesyndication.com securepubads.g.doubleclick.net
f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
ad.doubleclick.net
d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.cyberscoop.com
29 pagead2.googlesyndication.com www.cyberscoop.com
ad.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
www.googletagservices.com
25 securepubads.g.doubleclick.net www.cyberscoop.com
securepubads.g.doubleclick.net
www.googletagservices.com
f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com
16 www.googletagservices.com www.cyberscoop.com
securepubads.g.doubleclick.net
f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
www.googletagservices.com
d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com
16 s3.amazonaws.com www.cyberscoop.com
8 s0.2mdn.net f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
www.cyberscoop.com
s0.2mdn.net
8 www.google.com securepubads.g.doubleclick.net
www.cyberscoop.com
tpc.googlesyndication.com
6 fonts.gstatic.com fonts.googleapis.com
5 dt.adsafeprotected.com f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
5 adservice.google.com securepubads.g.doubleclick.net
5 adservice.google.de securepubads.g.doubleclick.net
4 googleads4.g.doubleclick.net ad.doubleclick.net
www.cyberscoop.com
4 fonts.googleapis.com www.cyberscoop.com
js.hsforms.net
s0.2mdn.net
3 px.moatads.com d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com
3 static.adsafeprotected.com pixel.adsafeprotected.com
f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
3 static.addtoany.com www.cyberscoop.com
static.addtoany.com
2 track.hubspot.com
2 trc-events.taboola.com cdn.taboola.com
2 d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ad.doubleclick.net www.googletagservices.com
2 pixel.adsafeprotected.com 1 redirects f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
2 www.facebook.com www.cyberscoop.com
2 px.ads.linkedin.com 2 redirects
2 f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.cyberscoop.com
connect.facebook.net
2 pixel.wp.com www.cyberscoop.com
2 stats.wp.com www.cyberscoop.com
1 z.moatads.com s0.2mdn.net
1 cdn.bizibly.com f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
1 8123bda7776da4c038c12965fe4b298a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 3831467914c2ad3b9b798a1aaa0d9afb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 6466223a97cbddfa2b7b913c69d379d1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.google.de www.cyberscoop.com
1 public-api.wordpress.com www.cyberscoop.com
1 stats.g.doubleclick.net www.google-analytics.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 t.co www.cyberscoop.com
1 analytics.twitter.com static.ads-twitter.com
1 px4.ads.linkedin.com www.cyberscoop.com
1 www.linkedin.com 1 redirects
1 js.hs-scripts.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 forms.hsforms.com js.hsforms.net
1 www.googletagmanager.com www.cyberscoop.com
1 js.hsforms.net www.cyberscoop.com
1 cdn.taboola.com www.cyberscoop.com
1 s2.bl-1.com 1 redirects
0 ad.atdmt.com Failed f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
245 52
Subject Issuer Validity Valid
defensescoop.com
Amazon		 2021-10-27 -
2022-11-25		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-16 -
2022-07-15		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-06 -
2022-04-06		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.wordpress.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-12 -
2022-11-14		 2 years crt.sh
www.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
io.bizible.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-30 -
2022-07-05		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.adsafeprotected.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-26 -
2022-06-17		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2022-03-08 -
2023-03-07		 a year crt.sh

This page contains 32 frames:

Primary Page: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Frame ID: 705703484CE65A28658BAD3DC077A050
Requests: 94 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-3E9ZJ2jNL0-leaderboard&categories=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
Frame ID: F1831D16E0F8677C5A158BCBCE1FC0A1
Requests: 9 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=article&position=static&category=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
Frame ID: E91A95DC94A2E10E995C65105ACA2C06
Requests: 9 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
Frame ID: 3185662289FC85F197C6407EBA55D51C
Requests: 9 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-EtnXDF5fYA-billboard&category=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
Frame ID: F708766329869C35349736F117244C0D
Requests: 10 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: BAB2C99AB32495E481381078BF5BB170
Requests: 1 HTTP requests in this frame

Frame: https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2D5D6BC273BFBF0488F5CF0F72B8809B
Requests: 1 HTTP requests in this frame

Frame: https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7FDA56657CEE5592E0997F73B74720CE
Requests: 24 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCwXWJk9cNJksaZ57_YL034Ji0BwuFpFnJat3J7wmeoq_DER_JRsRrYjj3b8ZXN81usunP9W0IHafUMD3y9mGMZaY9YI-HDHGXm5vKsn_HJODUMeFkCqXxxYvevGLC3fCtDUE5CxePBDxHXOmut2uYu6FmJx9tb2kkqQQ7QCRC9qRpVZW25jmfHUMvSQZspMVfJPozJZ2wL8N0EVUjsfpOsU9rQwMGprUDV4BWlIN7fSK72aXZWXKCuuceE-sjNKBYUizOkkFhFPVgXhhAQLWWd6n2ZUiDjd_9IlksRQ5O0Luwm5-IPf74&sai=AMfl-YRnRcCPbTWlb7Q_wJGEXvSAdoveJpZIEQyXkRdU1T1YObGaHmutN7zHjgp7Rvz3gH08XyyeawjUpd_nAqiBb11n3-oBWA3cVfXsQ-c0q66tLPbCaPl7zfnMtqS1jjI&sig=Cg0ArKJSzGuOTmbeMAHYEAE&uach_m=[UACH]&adurl=
Frame ID: 1956604103BC2444A9A33447B3F1BE96
Requests: 9 HTTP requests in this frame

Frame: https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E11408F2615433767BF38B6F9178286B
Requests: 1 HTTP requests in this frame

Frame: https://6466223a97cbddfa2b7b913c69d379d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 636B14EE86996319B8CA7C9F1A2C3A8F
Requests: 1 HTTP requests in this frame

Frame: https://3831467914c2ad3b9b798a1aaa0d9afb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 374C88652FD461AC5D39E6DE5A4FABEC
Requests: 1 HTTP requests in this frame

Frame: https://8123bda7776da4c038c12965fe4b298a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 04564F10B00F4F14C4AB02DEB42ED6A1
Requests: 1 HTTP requests in this frame

Frame: https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: C11C804250E1F8BDE4970C15051EC88C
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvG_iYBlDfFFh0l_BIIB4_nNfxey1yPhwKYt4cNwVfdkCCH4cQH9gJR72xmylptD3mevDVM9j2ZPYYUr_1mbUwqRj-gLuzhcJDP5EFst_ovbV62w-Y5pC0Gm2Cuhxkhz2T9ej12TkpFnn7Iw4sCZI4XQFTGxQ2FBmEt7RcA5c6GJvn5XX8WkCjYwitB2Hf_0p8t7BY0FvWCvNdaeImaP5Lz_8XOXAoIhPkIm1vXhuAgZyEAcAfpkdZByK4j66ovt-MQqhCgKqLbwWNU6eI-AMCd3mfbSJTczscP_jvGeSrU353baH5BB-tE-OOrk6vDWkSWojDdQlf7EE6Xg8bk7E3lfB7UAA&sig=Cg0ArKJSzJih7yBaeijrEAE&uach_m=[UACH]&adurl=
Frame ID: 50B63C6B9276021FA58C294D60D1797D
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslUuAhi3GIjaRT6LRUwecI5e1JfDBBO26VC-J2MI8ngRRZxOqdxlzvI8hLbluf0sJN25flu0RFPPDqlutfmXwtIK8nOouVyu4TyeJdL-l6sxFGVeFk1LgTfBAtN5J5rpAG8RiJqzu52W4kbjcMuAIa4Q-7RzZQzaw3TFVcBhIXqkq--jZl_tD9pmZ7_O_6330M1-8CNvMBAWVA3-C066EepkGDSGEMpL-X_QM-Fxvz-mAft9wuGqMkJO8L9VjazaZhhrYzrow41W6ZqDm_EIq7TYh6VZNaKLczArQpkQaYJzzhKQeOKwX1PBAkvY-QxSBBHhdyvKtpjRqID3XIyOB7&sig=Cg0ArKJSzGSGqr8Tu7LdEAE&uach_m=[UACH]&adurl=
Frame ID: F7EF9E3AE0B02CEEB6B193222445A3F2
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6sN4WxWIuO_Y7Nv4u3aSwiCwSXK80DqgkLKNUonEGtTeNMNg6DDoSNVrnhri8YUQ2IuUKZMJ7pUQjrCwOHDFAcrTGm2A4xd-yY1eW6bShgKvOo1yKGqy4rXvZ_Ev30jU0xE_SezMoxOgkd_p0YqbM1UD7WKDA7ZVmiLADcIaRFbpVpg9oSqOX-3lolAD6nUgiz-1as9NGRUdXOQcqLBM0fZgM1hp0KbMCghU8f0gk_6ODReoJxXf7Tt0iK6g53HBCND2LyePzKb_MYzfqglN66MCAf8pYeGiVNRSCQ0yI8xa4SmYvX2OistyWI9s4fVaUc7NdUDKWTOy7zykme55YToEV&sig=Cg0ArKJSzIwmYip6HYSSEAE&uach_m=[UACH]&adurl=
Frame ID: 00DA37430F5BC1DF8A1A59EF22C5617E
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D522E89A256CB24ADB49CC4CAC011BCB
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: BFE07AD25B6FEFE733D3134CCB0AB50F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 88CD84AD338307BF4D1BBFFED1B4DFF2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CA547130E8FC6B0BB2CF6E044FDCDA64
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E543F713F100C0FE3FCF9CAD64BF1A95
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FD7F4CE0F3246AA5B1B1BF06F67076E1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8F2EE4D02EEF108F41F26EA80315705E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F9D5A170A09A4AA461660714578CC85
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5488CB278894D8B61A3AF8BF01BE69B8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FE64DDD4F0A046330B77D3FFC14CD628
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/11581985/1642180076507/index.html
Frame ID: 16A4686E89801F4512B7520900CEA2B7
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B789A7D75E103C442E2FA14E6F275625
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C1AABB1205E6BC7A4F6DC5C891D3E4F5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 65B463CF880F9E18981FB3CE8CCBED28
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7D3B733CE7B2F4C1C22F58373D6578F9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Emotet's tax-season phishing is back with new tricks - CyberScoopMagnifying GlassClose search resultsTagTagTagTagTagCategoryCategoryTagTagTagTagCategoryCategoryTagTagTagTagTagCategoryCategoryTagTagTagTagTagCategoryCategoryTagTagTagTagTagCategoryCategoryTagTagTagTagTagCategoryCategoryTagTagTagCategoryCategoryCategoryTagTagTagTagTagCategoryCategory

Page URL History Show full URLs

  1. https://s2.bl-1.com/h/dpVsGT9n?url=https:**Awww.cyberscoop.com*cofense-emotet-irs-phishing* HTTP 302
    https://www.cyberscoop.com/cofense-emotet-irs-phishing/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com

Page Statistics

245
Requests

99 %
HTTPS

59 %
IPv6

34
Domains

52
Subdomains

43
IPs

5
Countries

4172 kB
Transfer

9449 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s2.bl-1.com/h/dpVsGT9n?url=https:**Awww.cyberscoop.com*cofense-emotet-irs-phishing* HTTP 302
    https://www.cyberscoop.com/cofense-emotet-irs-phishing/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-3E9ZJ2jNL0-leaderboard&categories=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing HTTP 301
  • https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-3E9ZJ2jNL0-leaderboard&categories=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
Request Chain 37
  • https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing HTTP 301
  • https://www.cyberscoop.com/advertising/?id=article&position=static&category=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
Request Chain 38
  • https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing HTTP 301
  • https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
Request Chain 43
  • https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-EtnXDF5fYA-billboard&category=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing HTTP 301
  • https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-EtnXDF5fYA-billboard&category=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
Request Chain 79
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1648675808455&url=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1648675808455%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fcofense-emotet-irs-phishing%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1648675808455&url=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1648675808455&url=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&liSync=true&e_ipv6=AQKWDSxvSX6IKgAAAX_cvGYNImaiFKeFy9PmysoeYwxxlJh7gUbl5omxCJUEOYVoycuSbX0v
Request Chain 168
  • https://pixel.adsafeprotected.com/rfw/st/779519/61003950/skeleton.js?ias_dspID=64&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:1798bcbd-55e9-6e09-31ae-0815aa2c3e7b,c:8nN3km,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-79447dc6f8-js7kn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:113,fm:t1BpG4q+111%7C121%7C131%7C141%7C15%7C16%7C17*.779519-61003950%7C18%7C19,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:128,oid:92cd5ad5-b070-11ec-b7de-a2b265438954,v:19.8.299,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js

245 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.cyberscoop.com/cofense-emotet-irs-phishing/
Redirect Chain
  • https://s2.bl-1.com/h/dpVsGT9n?url=https:**Awww.cyberscoop.com*cofense-emotet-irs-phishing*
  • https://www.cyberscoop.com/cofense-emotet-irs-phishing/
65 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
b5099e30d77bd0ea30eefe5f9f57cad763fac2a22d4618fd506542d119940da1

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 21:30:07 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/posts/63238>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=63238>; rel=shortlink
server
nginx
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-amz-cf-id
XM4RzM5XyRwoaFoZY7FKMNFmelUnmXCYcfvZxvBCc9_GIEOSwEfZXg==
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
hhn1 0 4 9980

Redirect headers

access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=0, must-revalidate
content-length
154
content-security-policy
img-src 'self' data: https://*.amazonaws.com;script-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://fonts.googleapis.com;report-to https://app-service.bananatag.com/csp/violations;report-uri https://app-service.bananatag.com/csp/violations;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Wed, 30 Mar 2022 21:30:07 GMT
etag
91f10400-b070-11ec-8889-136bd96abad0
expires
Wed, 30 Mar 2022 21:30:07 +0000
if-none-modified
91f10400-b070-11ec-8889-136bd96abad0
last-modified
Wed, 30 Mar 2022 21:30:07 +0000
location
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-frame-options
DENY
/
www.cyberscoop.com/_static/ 		96 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/_static/??-eJyNy0EKgCAQheELZYNRuYrOYjrE1GjhGOHtaxPUruXPex+cu6Lo+PAo4ETAk2SYeHOrYpqSTQUkF8Y6UKzvQwVvsQgE9GSRMWDMn9jZFkyKcbau/OP39u4HjWHQfWt63bWNuQCHokGs
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
6a32d68a3721a668ee9a94988a0098bfa3f7748f039ea64023ee868146bbcde8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:07 GMT
x-rq
hhn1 0 4 9980
last-modified
Fri, 18 Mar 2022 14:57:07 GMT
server
nginx
age
790079
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css;charset=utf-8
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-encoding
gzip
content-length
14151
x-amz-cf-id
BvCHZwNZD3luQ-_GTJqapTN872q1ALvnobSI2OFcUDLkscMycmogoA==
/
www.cyberscoop.com/_static/ 		168 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
5c701ab2009c0c01911be3dbb373cea9edd337b25e43cd2a917caf28486ff83c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:07 GMT
x-rq
hhn1 0 4 9980
last-modified
Wed, 30 Mar 2022 15:25:57 GMT
server
nginx
age
21694
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css;charset=utf-8
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-encoding
gzip
content-length
27224
x-amz-cf-id
BxLomje_tMhytDmSXnauFR5amgxLvDmtYV22vITKJzZIz1blnLDwJA==
css
fonts.googleapis.com/ 		8 KB
804 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.9.2
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3097429612cadf41c8c2f08d5cbe3bce1a77aaf73296e1217ad3b29949d6deb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 21:30:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 30 Mar 2022 21:30:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Mar 2022 21:30:07 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.9.2
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
932fb1ec913f2d1071db9656b9bc7e8c4fc150d7d8b48d8b4b66c3d82a2e020e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 21:06:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 30 Mar 2022 21:30:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Mar 2022 21:30:07 GMT
/
www.cyberscoop.com/_static/ 		87 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/_static/??/wp-content/plugins/add-to-any/addtoany.min.css,/wp-content/mu-plugins/jetpack-10.7/css/jetpack.css?m=1648654850
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
76158b342ddcc16addd32aa2435db4d85937e785f804bc9332c7ab9790d87326

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:07 GMT
x-rq
hhn1 0 4 9980
last-modified
Wed, 30 Mar 2022 15:40:50 GMT
server
nginx
age
19950
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css;charset=utf-8
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-encoding
gzip
content-length
17249
x-amz-cf-id
i4Ll5AJRq58MBUAW5eYL5weRC3SjUiRv9x3yI-LOWaZf0mPbCQIu8Q==
/
www.cyberscoop.com/_static/ 		265 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/_static/??-eJyVkd1OwzAMhV+ILOJnAy4QL8ELpKnXuU3sYDtDfftl0ya4gIpKlnwUn+8osv1XcUgx1R7Uj60+K8h8bZuMtBn1zi+ZXMZBgsFPc2QyIPN2gNyQ9nJRLs4diEbmco7pEtL0gZZgHadIQwKNwimtJA3jNHdo+ttvS6oD0gWuCuLCMVgQH1TB1O9TsNJw+VbrQxQSRHu49aWA0PfO2AWaz9K4ib/u0aOaPwL1LF5gAIJ2EBYnlQwz/Adro8Jp3mNb6ZL9wDzdlvee3+53Ty+77ePr9nk8AZ0B26Y=
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
62ef6ff7641456aa2d94443dff7578d154236f12dcbb2e3dea4e519b0153a468

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:07 GMT
x-rq
hhn1 0 4 9980
last-modified
Wed, 30 Mar 2022 15:25:57 GMT
server
nginx
age
21694
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-encoding
gzip
content-length
83160
x-amz-cf-id
-FL8D8MTV9aWcljSvLy92FPb4FAYkiT2CHjx3ZCUSPEHNi9Bh5QdKg==
i18n.min.js
www.cyberscoop.com/wp-includes/js/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:07 GMT
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
age
790079
x-cache
Miss from cloudfront
content-encoding
gzip
content-length
3968
x-rq
hhn1 0 4 9980
last-modified
Fri, 18 Mar 2022 14:57:07 GMT
server
nginx
etag
W/"62349dc3-28a7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
Ncs8v5U3ugvFQQ9wsJNjmS6dXQyixTlA1vicAWvoFr4wP_h79DKyvg==
expires
Thu, 30 Mar 2023 21:30:07 GMT
i18n-loader.js
www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.7/jetpack_vendor/automattic/jetpack-assets/build/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.7/jetpack_vendor/automattic/jetpack-assets/build/i18n-loader.js?minify=true&ver=6540b0095b07550d09448c37fac5ef6b
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
b58bf516fedf2482b3be6125c03b9a9ef1fa057f69e375fd96754b11b3565e74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:07 GMT
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
age
790079
x-cache
Miss from cloudfront
content-encoding
gzip
content-length
2429
x-rq
hhn1 0 4 9980
last-modified
Mon, 21 Mar 2022 17:57:21 GMT
server
nginx
etag
W/"6238bc81-17ac"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
mSbR622R8Bc71hQ5brH_DOoDg_98lOsSz117cUdHIzM94piLC9mQPw==
expires
Thu, 30 Mar 2023 21:30:07 GMT
tfa.js
cdn.taboola.com/libtrc/fedscoop-sc/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/fedscoop-sc/tfa.js?ver=5.9.2
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca67f986b60dd057871e474c4987fb6499cba3b6f4a9bdb821a84d0f427b2ccc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
8LLrMAubdJohJSdySKHkSrbwOuJ7ypvY
content-encoding
gzip
etag
"0cc23d24277fea406adc05018234e70d"
fastly-original-body-size
17362
age
40
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
17362
x-amz-id-2
xnY/M4teXOp41noAjE30DkDKNK6c+dWu4ySyRHNL2uSNkIQbJEb6QytSjbLNVqdXKxlL/9+TGtA=
x-served-by
cache-hhn4028-HHN
last-modified
Sun, 27 Mar 2022 11:14:01 GMT
server
AmazonS3
x-timer
S1648675808.847012,VS0,VE1
date
Wed, 30 Mar 2022 21:30:07 GMT
vary
Accept-Encoding
x-amz-request-id
E37DT64QJ84349PW
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
92
x-cache-hits
1
/
www.cyberscoop.com/_static/ 		151 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/_static/??-eJzTLy/QTc7PK0nNK9EvyUjNTS3WB4qAWbrJlUmpRcXJ+fkF+lnF+pl5mSW6JYlJ+fk5iXpZxTr6ROtMLCggTUNual4pUId9rq2hmYmFmamxpal5FgBkPz5a
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
ef06bc5e3cc158037771e3ed0d13f75694ffe052cc8b442e02082e85cf85aec2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:07 GMT
x-rq
hhn1 0 4 9980
last-modified
Wed, 30 Mar 2022 15:25:57 GMT
server
nginx
age
21694
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-encoding
gzip
content-length
48037
x-amz-cf-id
b5ePXeEjaIy6nbYQZHvnF4JL-RS2-oHy_fwA_hYB2fPXETsKq0s3aQ==
ads.js
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:07 GMT
x-rq
hhn1 0 4 9980
server
nginx
age
40
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
content-encoding
gzip
content-length
167
x-amz-cf-id
MMKKKZgHJVxTu3OLVLXmfHoNeezY91Tl4doKx31HjzZjqBCVJ09QTg==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
55096a10d125634c2fcf5626ca9c6c9e9b130ff25a5166c91c7b2c6505f4e54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28200
x-xss-protection
0
server
sffe
etag
"1173 / 141 of 1000 / last-modified: 1648638614"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 30 Mar 2022 21:30:08 GMT
cyberscoop-interstitial.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/cyberscoop-interstitial.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.68.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 21:30:09 GMT
Last-Modified
Wed, 10 Feb 2021 15:47:32 GMT
Server
AmazonS3
x-amz-request-id
EMHZYFH0WGQ88FSM
ETag
"b3250d52680549abc7222f71b2dce836"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
2375
x-amz-id-2
hGEUXrAP8yk5N+37L48dTzLQkCzlR44taAD7OCSqAKtsQKsog1tuMwbCLzKmFIn7Jepu7cUK2L8=
closex.png
s3.amazonaws.com/sng-global-web-assets/logo/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/closex.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.68.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 21:30:09 GMT
Last-Modified
Tue, 12 May 2020 13:43:08 GMT
Server
AmazonS3
x-amz-request-id
EMHHWATD2BTZEZ1Y
ETag
"6fa9505df4b1d86476aef77673f3b330"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4658
x-amz-id-2
K6Ib3aXMFM/x5sVwkBccirRz0Lqjst+s+keHcix6YkBMd1OMR3GzV7iqyeqf3H6jmQV3On1RyGI=
twitter.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/twitter.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.68.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 21:30:09 GMT
Last-Modified
Wed, 24 Oct 2018 21:24:01 GMT
Server
AmazonS3
x-amz-request-id
EMHKAGYDPEZW22QE
ETag
"0bab5422023490b09b2590482b10e983"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
2172
x-amz-id-2
W90rk4EVascdrz78kwZcBWpr2QPHdGYgodgYTYlhTZwueOjRY17i9WUSgb1C9mSCIyGd9TISvPY=
facebook.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/facebook.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.68.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 21:30:09 GMT
Last-Modified
Wed, 24 Oct 2018 21:24:01 GMT
Server
AmazonS3
x-amz-request-id
EMHTPZ69SB5CR001
ETag
"0bb97e47c732a1645d42198a7b8b1397"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1272
x-amz-id-2
WxiwdlcZd21ElVfXPUkrQdpJPCugNRMF+HtVmSm1zKTLqvKu1XF2VwKAbbL7064T7qgCwj074jY=
linkedin.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/linkedin.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.68.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 21:30:09 GMT
Last-Modified
Wed, 24 Oct 2018 21:24:01 GMT
Server
AmazonS3
x-amz-request-id
EMHJENANV4K7WED0
ETag
"b05a15a980fa7ad56a297860e33c6327"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1857
x-amz-id-2
U+bFBtpxwI3EuAg/8lCx/BQvXpW+hc+xIc/lKtyOu3luygYTqnnWPGCMb44PH33DzAX6b7xtdBY=
reddit.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/reddit.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.68.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 21:30:09 GMT
Last-Modified
Wed, 24 Oct 2018 21:24:01 GMT
Server
AmazonS3
x-amz-request-id
EMHGGVNW5QXD3HA9
ETag
"8095452e62fa3cbcbdaf4ed982477485"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
6390
x-amz-id-2
AtfvULk4vtvzV6KeLLuVycG6hKwU62kgXfRTF97nBgYeYXYn2m1e+cZBqWiPjDDluQJJZqMZGGA=
gmail.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/gmail.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.68.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 21:30:09 GMT
Last-Modified
Wed, 24 Oct 2018 21:24:01 GMT
Server
AmazonS3
x-amz-request-id
EMHHJ5KEAPZ687XG
ETag
"e5d4decd16518b9f60451876256ea22f"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1181
x-amz-id-2
FSOZY5PSDYvnmToZAqjCRRSYDyb6geXSM5xxHNgCaJFfyrYSEsHB/RnqRYuw9e1bOayOgvYBPiI=
emotet-phishing-example-2022-cofense.png
www.cyberscoop.com/wp-content/uploads/sites/3/2022/03/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberscoop.com/wp-content/uploads/sites/3/2022/03/emotet-phishing-example-2022-cofense.png?resize=683,500
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
e2ddc725a1e56c4138a6e2bf0dc431f069fc63aa6dc017f3dbb462ac0886787b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
x-rq
hhn1 109 88 443
last-modified
Wed, 30 Mar 2022 21:30:08 GMT
server
nginx
x-amz-cf-pop
DUS51-P2
etag
"bf46cda01c173314"
x-cache
Miss from cloudfront
content-type
image/webp
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
cache-control
max-age=2592000
accept-ranges
bytes
content-length
66698
x-amz-cf-id
bdDLfgzXYWXL1VDzZYeE_xcWdNervZKnDagawiEUH-3fT7-FX-1uiQ==
expires
Thu, 30 Mar 2023 21:30:08 GMT
close_purple.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 		991 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/close_purple.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.68.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 21:30:09 GMT
Last-Modified
Fri, 22 Jan 2021 00:05:15 GMT
Server
AmazonS3
x-amz-request-id
EMHYMMTX2CXXKEKQ
ETag
"cde4ecef61a0a35571e737da5276b5e7"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
991
x-amz-id-2
DwkGEG2YsY0YHSo/vFGfp6Rr37qz15u1RDBsKclyW+FBljApN2hLCRbTTZaryrg6esh/k3Gg++o=
v2.js
js.hsforms.net/forms/ 		567 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsforms.net/forms/v2.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
890b708afd6ff7457e995248c777e7ccca6c21edb5c0864c1c57a3fa4d1ca070
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
via
1.1 349b149961d8d2361c29d4be4b5847f2.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 24 Mar 2022 11:54:27 UTC
server
cloudflare
etag
W/"6243cf3329b6cd101d76ca94941f2a63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAnUKxgufNYjV7U%2FkuvpAMeD6GyTtFvTtEcOFVksLTM6%2FJgiIKU1GQzvdV0TJLsrPVTSMoL5f3jm8A82aF2PgtQdtVu1P%2FYQbXRaXw3qhXsLE3sMV6j8vIkoxl%2B1JVN6Uoexj3Xn5I6Xuf99"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
kwXqkK77jm0Gk18cFFGWmYxlGIVedWsy
access-control-allow-origin
*
cache-control
s-maxage=600, max-age=0
x-hs-cache-status
HIT
cf-ray
6f43f1d7fb47916e-FRA
x-amz-cf-id
WNbfxfRLwITyGAuDDpoDJnjYVAv019CKqsZ89PW3p5WIlLQReBoQpQ==
x-hs-target-asset
FormsNext/static-5.461/bundles/project_with_deps.js
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55096a10d125634c2fcf5626ca9c6c9e9b130ff25a5166c91c7b2c6505f4e54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28200
x-xss-protection
0
server
sffe
etag
"1173 / 200 of 1000 / last-modified: 1648638614"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 30 Mar 2022 21:30:08 GMT
/
www.cyberscoop.com/_static/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/_static/??/wp-content/themes/wp-theme-cyberscoop/js/ads.js,/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?m=1648653957j
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
14c742642de9c8f39467c54a34b08f124d3eb6ae49356d9b9f8a158424e77192

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:07 GMT
x-rq
hhn1 0 4 9980
last-modified
Wed, 30 Mar 2022 15:25:57 GMT
server
nginx
age
21694
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-encoding
gzip
content-length
2703
x-amz-cf-id
lIxF5_EkxF2ABh7ShdEfkIkJq1cYnT6UX31mfKOWKjMQwqfCnoQBRg==
jp-search.js
www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.7/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.7/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=f355c56c151a0fea6cbfc8706ee0e5df
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
b94f06ca7ef4ef504b19e70ce6b15c4b9e7dc034de479d31ec68c2429a053ca7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:07 GMT
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
age
790079
x-cache
Miss from cloudfront
content-encoding
gzip
content-length
3036
x-rq
hhn1 0 4 9980
last-modified
Mon, 21 Mar 2022 17:57:21 GMT
server
nginx
etag
W/"6238bc81-1c38"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
hwaHS9F2ENLQeE2ij0l-pIYul-VAuhTGOIGa5Hdgsnia6pDzVX2upQ==
expires
Thu, 30 Mar 2023 21:30:07 GMT
w.js
stats.wp.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/w.js?ver=202213
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ec7c4c90e31092c6253cddb718655a1e3ac5f4f83425b1e16d54b25ff80f263f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn
date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
br
server
nginx
etag
W/"61dc645f-2a3d"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 27 Mar 2023 23:57:06 GMT
e-202213.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202213.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn
date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 20 Mar 2023 07:02:07 GMT
gtm.js
www.googletagmanager.com/ 		165 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
22e3cd82e622e116657c70d03cc393b8b272b1df8aa96612129c9e172a0360ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60828
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Mar 2022 21:30:08 GMT
wp-emoji-release.min.js
www.cyberscoop.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.2
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
age
790079
x-cache
Miss from cloudfront
content-encoding
gzip
content-length
4926
x-rq
hhn1 0 4 9980
last-modified
Fri, 18 Mar 2022 14:57:07 GMT
server
nginx
etag
W/"62349dc3-4705"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
BTGlw2qzEmHOP0uvijYuwEmR4beJGQuPnLE8cVgu4jqP8qiOrbRuUg==
expires
Thu, 30 Mar 2023 21:30:08 GMT
lightslider.min.css
www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/css/lightslider.min.css
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:07 GMT
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
age
790079
x-cache
Miss from cloudfront
content-encoding
gzip
content-length
1360
x-rq
hhn1 0 4 9980
last-modified
Mon, 14 Mar 2022 21:37:55 GMT
server
nginx
etag
W/"622fb5b3-14b3"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
QECwVHEy6xbrHXalxW0IXIwCTEqgkrGpbr84c0dk_y8cX8Fkn8zuxw==
expires
Thu, 30 Mar 2023 21:30:07 GMT
page.js
static.addtoany.com/menu/ 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
41990
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 01 Dec 2021 08:23:25 GMT
server
cloudflare
etag
W/"11ee2-5d2116348919c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=172800
cf-ray
6f43f1d8ab0c90c7-FRA
cf-bgj
minify
CyberScoop_Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/CyberScoop_Color.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.68.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 21:30:09 GMT
Last-Modified
Thu, 21 Jan 2021 21:02:05 GMT
Server
AmazonS3
x-amz-request-id
EMHHRY5QFCB5CCFD
ETag
"b3250d52680549abc7222f71b2dce836"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
2375
x-amz-id-2
SslvIETUdA0YGjz2thQBAXKYQdSl/2ZpThzUlwPhuDReAv3suvBuxdbv9tkP2LpJAQkG+fM9XyQ=
SNG-RGB-Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/SNG-RGB-Color.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.68.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 21:30:09 GMT
Last-Modified
Thu, 21 Jan 2021 21:02:05 GMT
Server
AmazonS3
x-amz-request-id
EMHHJG2B1RKC0NCV
ETag
"61428dbcecc23b1679236e221c5228d4"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
5545
x-amz-id-2
o81Pv8+Yv/Rqpfbylvey8C90Ojr2hQLoZVtLAusFcYMdA4FTFIolJ79koPwSmlid3hGSAZz9p1g=
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v15/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v15/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.9.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a90f9c307d889844f7286c11a9e8596c9a41b2e91123ab49cca0fbaa4b48dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyberscoop.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:33:04 GMT
x-content-type-options
nosniff
age
7024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22760
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:05:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 19:33:04 GMT
PuristaMedium.woff
www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/fonts/PuristaMedium.woff
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1

Request headers

Referer
https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
Origin
https://www.cyberscoop.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:07 GMT
content-encoding
gzip
age
234
x-cache
Miss from cloudfront
content-length
37579
x-rq
hhn1 0 4 9980
last-modified
Wed, 30 Mar 2022 15:25:57 GMT
server
nginx
etag
W/"62447685-9340"
access-control-allow-methods
GET, HEAD
content-type
font/woff
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
access-control-allow-origin
*
x-amz-cf-id
TFVub9aF3rCQjyS4oqcKsIXf0-TMTOBtFznwmOUsWuGAZ-rgy3w6Gg==
expires
Thu, 30 Mar 2023 21:30:07 GMT
/
www.cyberscoop.com/advertising/ Frame F183
Redirect Chain
  • https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-3E9ZJ2jNL0-leaderboard&categories=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
  • https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-3E9ZJ2jNL0-leaderboard&categories=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-3E9ZJ2jNL0-leaderboard&categories=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
a00fc4320e45ba801af1c3980c5b2ef0719bd49ea0b91f36059066fccc8ffd44

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 21:30:08 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
server
nginx
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-amz-cf-id
sQ6Lh_mNWg0cirlV7eDsQHONUd1HEpNxnczJ5iW-vZyM3eDN9vUo4Q==
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
hhn1 0 4 9980

Redirect headers

age
0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 21:30:08 GMT
host-header
a9130478a60e5f9135f765b23f26593b
location
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-3E9ZJ2jNL0-leaderboard&categories=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
server
nginx
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-amz-cf-id
A34UPc7SavozSt-IS2h-CJd6JwG9-mARVmd30pwXakoXxvZXfnI_0Q==
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-redirect-by
WordPress
x-rq
hhn1 0 4 9980
/
www.cyberscoop.com/advertising/ Frame E91A
Redirect Chain
  • https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
  • https://www.cyberscoop.com/advertising/?id=article&position=static&category=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/advertising/?id=article&position=static&category=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
501e11658b544f46ebda7e7549f436aab0925446a3bc42ea62ac6bd4d70b2f73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 21:30:08 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
server
nginx
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-amz-cf-id
oYfH9PZA7JXS_nKQXOv6ClozrWNq2IvWN7K2PQAdG6ca6B5DQQR4hA==
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
hhn1 0 4 9980

Redirect headers

age
0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 21:30:08 GMT
host-header
a9130478a60e5f9135f765b23f26593b
location
https://www.cyberscoop.com/advertising/?id=article&position=static&category=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
server
nginx
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-amz-cf-id
bo5WJIPPhfwT2ZJI076uhq0udOMz3xs0D5XmtKgkf-hjQSvt9WCySA==
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-redirect-by
WordPress
x-rq
hhn1 0 4 9980
/
www.cyberscoop.com/advertising/ Frame 3185
Redirect Chain
  • https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
  • https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
09834627a3dd59f271dbcdc04dc752545a8e7071e459a4e3cf815ab7a77ab567

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 21:30:08 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
server
nginx
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-amz-cf-id
NSnFb67DoTVmMlfqngCTwz52VlbX5rEyfYpwiNDnCUch_r_yh0Q3xw==
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
hhn1 0 4 9980

Redirect headers

age
0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 21:30:08 GMT
host-header
a9130478a60e5f9135f765b23f26593b
location
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
server
nginx
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-amz-cf-id
tCNXyGkVVt55w4Jazqxx3BiG91NtZ43bY2xvRsO0egi0ASRGPq4bLg==
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-redirect-by
WordPress
x-rq
hhn1 0 4 9980
w9-illustration.jpg
www.cyberscoop.com/wp-content/uploads/sites/3/2022/03/ 		361 KB
362 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberscoop.com/wp-content/uploads/sites/3/2022/03/w9-illustration.jpg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
7313c29833679e30c9b81cb0beeb6b1f3dd33d0a9ee67050dd3631cc014017a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
x-rq
hhn1 109 139 443
last-modified
Wed, 30 Mar 2022 21:30:08 GMT
server
nginx
x-amz-cf-pop
DUS51-P2
etag
"af3979ae8a9fca90"
x-cache
Miss from cloudfront
content-type
image/webp
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
cache-control
max-age=2592000
accept-ranges
bytes
content-length
369394
x-amz-cf-id
rPetJCM1SNmXoFzSv3mQJV8Y9Lg5NEHZd6b0FmZDecuyFA4eINwMvA==
expires
Thu, 30 Mar 2023 21:30:08 GMT
va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v15/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v15/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.9.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyberscoop.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:32:11 GMT
x-content-type-options
nosniff
age
7077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23724
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:06:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 19:32:11 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v47/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v47/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.9.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63e0f1d4d244fa557ae96c648168b0620a4f5ad3dbb653fc979a1b3ea0000699
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyberscoop.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 23:27:02 GMT
x-content-type-options
nosniff
age
511386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25384
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Mar 2023 23:27:02 GMT
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v15/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v15/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.9.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyberscoop.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:32:11 GMT
x-content-type-options
nosniff
age
7077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22592
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:05:52 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 19:32:11 GMT
/
www.cyberscoop.com/advertising/ Frame F708
Redirect Chain
  • https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-EtnXDF5fYA-billboard&category=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
  • https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-EtnXDF5fYA-billboard&category=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-EtnXDF5fYA-billboard&category=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
4f8306162e2f7b6c09347a2d46e41791e7a01f3335ec7022476f94338616fc05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 21:30:08 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
server
nginx
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-amz-cf-id
B5VJ4jgQ8Goq57Av9c0Hj__YIGkhk4fMpllofzwooShAPRotvUQeag==
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
hhn1 0 4 9980

Redirect headers

age
0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 21:30:08 GMT
host-header
a9130478a60e5f9135f765b23f26593b
location
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-EtnXDF5fYA-billboard&category=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
server
nginx
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-amz-cf-id
7c-JZlLo9F8ud7aPhSWi4yPOY_2hudOKNtPE1ILG2vhOJnrXlOFRgQ==
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-redirect-by
WordPress
x-rq
hhn1 0 4 9980
GettyImages-1333378389.jpg
www.cyberscoop.com/wp-content/uploads/sites/3/2022/03/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberscoop.com/wp-content/uploads/sites/3/2022/03/GettyImages-1333378389.jpg?w=307
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
2a6252d7fdaba8dcab3d6c1b703ce2ba963117e4ed0bee67c7cdf80e76d08b90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
x-rq
hhn1 109 195 443
last-modified
Wed, 30 Mar 2022 20:06:22 GMT
server
nginx
x-amz-cf-pop
DUS51-P2
etag
"a1e1eacd0cee6dca"
x-cache
Miss from cloudfront
content-type
image/webp
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12678
x-amz-cf-id
8Z6HQ9Nzp-0lb_gQEm2ztFi97MaH4S4mrEOO54bZNHcBdG-9NliPaA==
expires
Thu, 30 Mar 2023 20:06:22 GMT
GettyImages-1239623050.jpg
www.cyberscoop.com/wp-content/uploads/sites/3/2022/03/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberscoop.com/wp-content/uploads/sites/3/2022/03/GettyImages-1239623050.jpg?w=257
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
81507479d769ae492fa40ff3858880fcf52e09b687f669a01b7358d7751bee1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
x-rq
hhn1 109 27 443
last-modified
Wed, 30 Mar 2022 20:07:30 GMT
server
nginx
x-amz-cf-pop
DUS51-P2
etag
"60f86af6651c4952"
x-cache
Miss from cloudfront
content-type
image/webp
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
cache-control
max-age=2592000
accept-ranges
bytes
content-length
13430
x-amz-cf-id
D3dX0CYmTh0uyYmQ63eyW9bhl4vdOco65_XVbnw3dT5O7JQBCgKxlw==
expires
Thu, 30 Mar 2023 20:07:30 GMT
Screen-Shot-2022-03-30-at-1.06.58-PM.png
www.cyberscoop.com/wp-content/uploads/sites/3/2022/03/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberscoop.com/wp-content/uploads/sites/3/2022/03/Screen-Shot-2022-03-30-at-1.06.58-PM.png?w=307
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
05f36ce8adc8b0feb9adb584292aacc7bf5b7090e72511dad588b662be1baafe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
x-rq
hhn1 109 84 443
last-modified
Wed, 30 Mar 2022 17:35:34 GMT
server
nginx
x-amz-cf-pop
DUS51-P2
etag
"440aa9b2502d2097"
x-cache
Miss from cloudfront
content-type
image/webp
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
cache-control
max-age=2592000
accept-ranges
bytes
content-length
19634
x-amz-cf-id
LDj_HxqDFEySByaCUfRuy5t-KzzNhHrwV_WlQqqDeXX5j6Ro0JLQsw==
expires
Thu, 30 Mar 2023 17:35:34 GMT
facebook_logo_white.png
www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/ 		361 B
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/facebook_logo_white.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
x-rq
hhn1 0 4 9980
last-modified
Mon, 14 Mar 2022 21:37:55 GMT
server
nginx
age
790024
etag
"622fb5b3-169"
x-cache
Miss from cloudfront
content-type
image/png
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
361
x-amz-cf-id
NK1yhAoTCk7-wnZUvHy0744B7hNrYFqyOM3vMuYZIHz4PvSDRGj0VQ==
expires
Thu, 30 Mar 2023 21:30:08 GMT
twitter_logo_white.png
www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/ 		481 B
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/twitter_logo_white.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
x-rq
hhn1 0 4 9980
last-modified
Mon, 14 Mar 2022 21:37:55 GMT
server
nginx
age
790024
etag
"622fb5b3-1e1"
x-cache
Miss from cloudfront
content-type
image/png
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
481
x-amz-cf-id
foO49Yh8BNkCh0DwEYn0_OBg9dRTcWGEq8af527J6-fugfI-Yh404Q==
expires
Thu, 30 Mar 2023 21:30:08 GMT
linkedin_logo_white.png
www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/ 		946 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/linkedin_logo_white.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
age
790024
x-cache
Miss from cloudfront
content-encoding
gzip
content-length
969
x-rq
hhn1 0 4 9980
last-modified
Mon, 14 Mar 2022 21:37:55 GMT
server
nginx
etag
W/"622fb5b3-3b2"
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
dJK3KXsSjklrVWAlV6T1dz5Z6Wrr_iAT4BZMl8AhG6NElx4KdU_1ig==
expires
Thu, 30 Mar 2023 21:30:08 GMT
instagram_logo_white.svg
www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/instagram_logo_white.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
gzip
age
98
x-cache
Miss from cloudfront
content-length
669
x-rq
hhn1 0 4 9980
last-modified
Wed, 30 Mar 2022 15:25:57 GMT
server
nginx
etag
W/"62447685-625"
content-type
image/svg+xml
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
JE-gbnRiJn3BMlHBIksgXBybvv5JwxYRYLoPOh5E-P1mGLhZFyAnkw==
expires
Thu, 30 Mar 2023 21:30:08 GMT
Stacked_SNG.png
s3.amazonaws.com/sng-global-web-assets/logo/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_SNG.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.68.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 21:30:09 GMT
Last-Modified
Thu, 21 Jan 2021 23:37:33 GMT
Server
AmazonS3
x-amz-request-id
EMHTZFN2JYJJ44Q2
ETag
"793107aa127f2349e0bb9d0df99cd240"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
11864
x-amz-id-2
IRPrULVRHcluVOpvTdeBEt/xleHytvsES26knRWPYUHfPFPeZCl/B92hC1/24ENwIYFfICuZoSw=
Stacked_CyberScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_CyberScoop.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.68.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 21:30:09 GMT
Last-Modified
Thu, 21 Jan 2021 23:37:33 GMT
Server
AmazonS3
x-amz-request-id
EMHZSKY23NZ3W6RS
ETag
"6b8717aa8156bf0573b498232d63b71f"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5199
x-amz-id-2
Yg9P8UExbOLxDz+pukyj4QsVsGyJRTPBOJqJtjcaZjuNVgbIcmN9BRcB68hYLlXiygn0xJiFXlE=
Stacked_FedScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_FedScoop.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.68.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 21:30:09 GMT
Last-Modified
Thu, 21 Jan 2021 23:37:33 GMT
Server
AmazonS3
x-amz-request-id
EMHX8WGBJVQ0E8HJ
ETag
"da067ed314fa2f647e16efb7331759de"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4000
x-amz-id-2
63cHWyDyEzJeLRkTWkyNfxE0m2l2XalcrRa7ttGVT5jcaV1GXUEFK0TFFLyL28qZmH01HpX/0cQ=
Stacked_StateScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_StateScoop.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.68.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 21:30:09 GMT
Last-Modified
Thu, 21 Jan 2021 23:37:33 GMT
Server
AmazonS3
x-amz-request-id
EMHH69XZJ217FZWJ
ETag
"62c167ae878c0c3b3a41b50025cacba7"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4872
x-amz-id-2
fAipwZP89Wcb1tiqdLGxeR4yO2KokozP41sO7OLF9RL8jLkJSA72eYhK0H0e8A/Fp8CbXfC65EQ=
Stacked_EdScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_EdScoop.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.68.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 21:30:09 GMT
Last-Modified
Wed, 25 Aug 2021 20:12:45 GMT
Server
AmazonS3
x-amz-request-id
EMHJPQBHY9ZFRYEM
ETag
"779a62747ba1fe2dfac41aa83a03313c"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3934
x-amz-id-2
t9i12i2mumoA/8pKUcsNbgOFi39odCwvIpcO0lZMqPgGw9Swh6vQWfWEHNeV9NWQfanQYmifd10=
Stacked_WorkScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_WorkScoop.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVDbqgfxWWJMdXH/SFJL3966IF48iKf5GGY+mIqjnIyTQQnj1SeFpRqVxeEDDQVQlU2BVGGQOr000admKVbw830IaMXTXT70h0U5MNnmnV8NduPIVVDJ0XxmUcq5gNoc+HU4xeO6b/d9tz10uyd3cGEJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.68.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 21:30:09 GMT
Last-Modified
Wed, 25 Aug 2021 20:12:37 GMT
Server
AmazonS3
x-amz-request-id
EMHMD08QPKRFXPFN
ETag
"b5d5b8c0479b1963324ebca52c96a43b"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5349
x-amz-id-2
nEtoqZNl43clxrbDIzq3NJqqpSRSGqXZlN4BE9DkeOx+ryhJcjAXIV7KpMxfnopk9KCTgqy6bHI=
sm.23.html
static.addtoany.com/menu/ Frame BAB2 		741 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/sm.23.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
191689
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
6f43f1d8fb5b90c7-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 30 Mar 2022 21:30:08 GMT
etag
W/"2e5-5cc9e128a4c38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 22 Sep 2021 23:42:51 GMT
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
e4s
x-content-type-options
nosniff
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/gif
icons.30.svg.js
static.addtoany.com/menu/svg/ 		77 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/svg/icons.30.svg.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
via
e3s
x-content-type-options
nosniff
cf-cache-status
HIT
age
5580090
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 10 Nov 2021 01:49:04 GMT
server
cloudflare
etag
W/"132a9-5d0656e4a26b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=315360000, immutable
cf-ray
6f43f1d8fb6690c7-FRA
cf-bgj
minify
pubads_impl_2022032106.js
securepubads.g.doubleclick.net/gpt/ 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:18:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7915
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126678
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 20:13:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 30 Mar 2023 19:18:13 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		40 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
51e841ae906f8d9003aa8487c11792ceceaac3259e068c2cadceabfe7ede15b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54
x-xss-protection
0
expires
Wed, 30 Mar 2022 21:30:08 GMT
20762415-8082-48f0-b243-36443c93d852
forms.hsforms.com/embed/v3/form/2153467/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.hsforms.com/embed/v3/form/2153467/20762415-8082-48f0-b243-36443c93d852?callback=hs_reqwest_0&hutk=
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
001082ed5a8d873d054c2e28137a380862234c640a8c73de60c41f52e54e77f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
8368badc-692a-4ebf-9679-80bb3d66bb96
cf-ray
6f43f1d9bf739b70-FRA
content-disposition
attachment; filename=no-rfd.txt
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-trace
2BD604A7D89A0DBAFA25BA991DBE406B65D25E01BF000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.60849436836997
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 30 Mar 2022 21:30:08 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/ 		50 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.7&blog=200379745&post=63238&tz=-4&srv=www.cyberscoop.com&host=www.cyberscoop.com&ref=&rand=0.9278826338415489
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 30 Mar 2022 21:30:08 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
687.js
www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.7/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.7/jetpack_vendor/automattic/jetpack-search/build/instant-search/687.js?minify=false&ver=77710423c4d33ada89f2
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.7/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=f355c56c151a0fea6cbfc8706ee0e5df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
ff6caa0cab0a4eff3ee69c5eca378e73cf81e937eb93fd270f084c7f8acd5a90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
age
790079
x-cache
Miss from cloudfront
content-encoding
gzip
content-length
17712
x-rq
hhn1 0 4 9980
last-modified
Mon, 21 Mar 2022 17:57:21 GMT
server
nginx
etag
W/"6238bc81-c701"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
JSTysmlxBGXpz8ONVJnVYLWDX9EQAHtPFoBVgM4xVYBngGPGQEIsbQ==
expires
Thu, 30 Mar 2023 21:30:08 GMT
jp-search.chunk-main-payload.css
www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.7/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 		31 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.7/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.css?minify=false&ver=aaceb2477698617460cf
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.7/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=f355c56c151a0fea6cbfc8706ee0e5df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
c8c35e0f00ccdca409b0b7340bb4c008649529b40a786a51e6d732cbf4f845e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
age
790079
x-cache
Miss from cloudfront
content-encoding
gzip
content-length
4299
x-rq
hhn1 0 4 9980
last-modified
Mon, 21 Mar 2022 17:57:21 GMT
server
nginx
etag
W/"6238bc81-7d7c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
clcCLEq11Py5rTzn4LG3_yJ2eZbeSplCSvoprNQrdBa-AKSvEAJxzg==
expires
Thu, 30 Mar 2023 21:30:08 GMT
jp-search.chunk-main-payload.js
www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.7/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 		73 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.7/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=7f6763bc8c635564ef84
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.7/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=f355c56c151a0fea6cbfc8706ee0e5df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
7965009ce1702eb6692b31cb0c8806d9ad4912a7359d4258a21e8eed2db0bf1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/cofense-emotet-irs-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
age
790079
x-cache
Miss from cloudfront
content-encoding
gzip
content-length
18956
x-rq
hhn1 0 4 9980
last-modified
Mon, 21 Mar 2022 17:57:21 GMT
server
nginx
etag
W/"6238bc81-124e8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
D_W9yphQn9OLjQTngwT-_UdGSMMuWhYK6y8d5rNKB8m2nFmiLHUOjg==
expires
Thu, 30 Mar 2023 21:30:08 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb::5f65:58e0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 21:30:08 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Mar 2022 23:45:34 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=68955
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3104
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
gzip
last-modified
Tue, 29 Mar 2022 00:09:12 GMT
fastly-original-body-size
5410
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kiad7000078-IAD, cache-hhn11569-HHN
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26320
x-xss-protection
0
pragma
public
x-fb-debug
eDpp09Q5iehIxq1OG5uHYpIYEyC1Ph0jZmjLC7zYQ4pV0dlquIw4+v9LhNlLzLLsNbic2Ls2poDLHz6S6+W/aA==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Wed, 30 Mar 2022 21:30:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
2153467.js
js.hs-scripts.com/ 		964 B
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/2153467.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d71ff0e13ede0182f72a670704a22dba490b1c30f0d0ed664c675bf5367e504a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
x-hubspot-correlation-id
2e00acf5-dbf1-4342-ab4f-bdb542421dbb
last-modified
Wed, 30 Mar 2022 21:29:07 GMT
server
cloudflare
x-trace
2BED578C5844A064D0C5F2B02D5436FDD2C8AFD58C000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.cyberscoop.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
6f43f1d9f8e69136-FRA
expires
Wed, 30 Mar 2022 21:31:08 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5122
date
Wed, 30 Mar 2022 20:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 30 Mar 2022 22:04:46 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		50 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=298299784346487&correlator=1453582576752987&eid=31065614%2C31065714%2C44742768&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=18430785%2Ccswelcome&enc_prev_ius=%2F0%2F1&prev_iu_szs=640x480&ifi=1&adks=113530204&sfv=1-0-38&ecs=20220330&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1648675808381&lmt=1648675808&dlt=1648675807798&idt=557&biw=1600&bih=1200&adxs=480&adys=365&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=640x532&msz=640x480&fws=4&ohw=1600&ga_vid=432137225.1648675808&ga_sid=1648675808&ga_hid=1189571373&ga_fc=false&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
6136011f666dd2e72e18193c09633b7e309ef6a65e26771088fa314da1482c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19736
x-xss-protection
0
google-lineitem-id
5908512188
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138380260324
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cyberscoop.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=298299784346487&correlator=1453582576752987&eid=31065614%2C31065714%2C44742768&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=18430785%2Ccswelcomemobile&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=3498381169&sfv=1-0-38&ecs=20220330&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1648675808391&lmt=1648675808&dlt=1648675807798&idt=557&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=640x532&msz=300x250&fws=132&ohw=1600&ga_vid=432137225.1648675808&ga_sid=1648675808&ga_hid=1189571373&ga_fc=false&btvi=-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
aabba7daf1b9e681ad6f99210dc3c793c43487e815a44360490faf6747d7d32e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9517
x-xss-protection
0
google-lineitem-id
5930159482
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138381977237
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cyberscoop.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2D5D 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 21:30:08 GMT
expires
Thu, 30 Mar 2023 21:30:08 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
896395920528126
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/896395920528126?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7be891eabd2fe0481ac0c0669aa25cd64ed1b9c73bef2ad4bcc8ecf9a8d5a07f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
stt88ycqw0mvy5TLHGWAbWvDirH8sfMnGcoxiOgx4c4WPULFauzgYsBwLxMdwKkeFdzi9hnWFXIjqbQFh4NJzw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 30 Mar 2022 21:30:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1648675808455&url=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1648675808455%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fc...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1648675808455&url=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1648675808455&url=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&liSync=true&e_ipv6=AQKWDSxvSX6IKgAAAX_cvGYNImaiFKe...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1648675808455&url=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&liSync=true&e_ipv6=AQKWDSxvSX6IKgAAAX_cvGYNImaiFKeFy9PmysoeYwxxlJh7gUbl5omxCJUEOYVoycuSbX0v
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 872D889C40B44E22AB2E6DE58F4606CE Ref B: FRAEDGE0910 Ref C: 2022-03-30T21:30:08Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXbdj/wbw+og43ZFZpePQ==
x-li-fabric
prod-lva1

Redirect headers

date
Wed, 30 Mar 2022 21:30:08 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: A3A84FA5BE67473A9412C543388810AC Ref B: FRAEDGE0810 Ref C: 2022-03-30T21:30:08Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1648675808455&url=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&liSync=true&e_ipv6=AQKWDSxvSX6IKgAAAX_cvGYNImaiFKeFy9PmysoeYwxxlJh7gUbl5omxCJUEOYVoycuSbX0v
x-li-proto
http/2
content-length
0
x-li-uuid
AAXbdj/uZ+9V7t6ReI77Wg==
adsct
analytics.twitter.com/i/ 		31 B
459 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=15cb6ae4-63f1-4cd0-96f5-ea063793e10a&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-response-time
111
date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
gzip
server
tsa_o
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
503a335ca81033b369ab981f239d027f72760b30c937195a8f05580b351c6b69
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=15cb6ae4-63f1-4cd0-96f5-ea063793e10a&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-response-time
116
date
Wed, 30 Mar 2022 21:30:08 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
267c77b0fd30ac4e40fbdff8ac86d0868ff89c778a563bcc041e35514136000e
content-length
43
container.html
f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7FDA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 21:30:08 GMT
expires
Thu, 30 Mar 2023 21:30:08 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
2153467.js
js.hs-analytics.net/analytics/1648675800000/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1648675800000/2153467.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e9ce5f71d5199340f9f109561dc1a65bcbba9d4d1ac51546e04ae69f2695784

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
EMHNMSAHWCPMMX46
x-amz-server-side-encryption
AES256
cf-ray
6f43f1db7f549b88-FRA
x-amz-id-2
KYQW0eFCJLTysSOH+e3qE8GKjqsyfRK0BA5aYvkjBT+ebQR3WMW1LrfTMJUQZfE1OwH8fMp9Q4Y=
last-modified
Thu, 24 Feb 2022 12:07:10 GMT
server
cloudflare
etag
W/"1fa5c84f0d8dafc6fe327ea7de52c297"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Wed, 30 Mar 2022 21:35:08 GMT
2153467.js
js.hs-banner.com/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/2153467.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2814888079619c511d69af17514a0c7bb4f942be94784bcbf85f68fcea6f7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
YD7CAHQF416N1HQ2
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
d3JcrBpJdiwzYsXovse12fIEqZ6HX5qSuA/Yfz1Ay8lgJrQXW+LhfB0RjUugB2VIuLS9Nl0rbmU=
timing-allow-origin
*
last-modified
Thu, 17 Feb 2022 20:45:11 GMT
server
cloudflare
etag
W/"fe1f8d01c1ccff5464f811298450eadd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
P7RL02J__oOn5v952CjOhmYEuyztTg7c
access-control-allow-origin
https://www.fedscoop.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
6f43f1db5e0f9b28-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Wed, 30 Mar 2022 21:35:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1956 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCwXWJk9cNJksaZ57_YL034Ji0BwuFpFnJat3J7wmeoq_DER_JRsRrYjj3b8ZXN81usunP9W0IHafUMD3y9mGMZaY9YI-HDHGXm5vKsn_HJODUMeFkCqXxxYvevGLC3fCtDUE5CxePBDxHXOmut2uYu6FmJx9tb2kkqQQ7QCRC9qRpVZW25jmfHUMvSQZspMVfJPozJZ2wL8N0EVUjsfpOsU9rQwMGprUDV4BWlIN7fSK72aXZWXKCuuceE-sjNKBYUizOkkFhFPVgXhhAQLWWd6n2ZUiDjd_9IlksRQ5O0Luwm5-IPf74&sai=AMfl-YRnRcCPbTWlb7Q_wJGEXvSAdoveJpZIEQyXkRdU1T1YObGaHmutN7zHjgp7Rvz3gH08XyyeawjUpd_nAqiBb11n3-oBWA3cVfXsQ-c0q66tLPbCaPl7zfnMtqS1jjI&sig=Cg0ArKJSzGuOTmbeMAHYEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 30 Mar 2022 21:30:08 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/ Frame 1956 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:06:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 21:06:58 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/ Frame 1956 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 20:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2039
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 20:56:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1956 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 21:30:08 GMT
l
www.google.com/ads/measurement/ Frame 1956 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTatU0AdOug6nTiCUqrsVs-sGRjn0EGWf5JPK1F9HREEpWsLx_ZT2WIrHEFCVDHxrmTv3zLzEfW1qXNsoEh_-YL8c1vVw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
17171698307552820954
tpc.googlesyndication.com/simgad/ Frame 1956 		298 KB
299 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17171698307552820954
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15102f00c0b20cff64250b68bc217f41647feb7e76110f62d16234cbc49c63d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 12:29:35 GMT
x-content-type-options
nosniff
age
205233
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
305541
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 14:48:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Mar 2023 12:29:35 GMT
css
fonts.googleapis.com/ 		2 KB
521 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9fc929f9d307cf53bea691c3794c5ee2874ff5e1d2c7d308d71120ae3aa8c788
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 20:05:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 30 Mar 2022 21:30:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Mar 2022 21:30:08 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1189571373&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&dp=%2Fwelcome%2Fcofense-emotet-irs-phishing%2F&ul=en-us&de=UTF-8&dt=Emotet%27s%20tax-season%20phishing%20is%20back%20with%20new%20tricks%20-%20CyberScoop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1442170078&gjid=2083407914&cid=432137225.1648675808&tid=UA-80491860-1&_gid=954705730.1648675809&_r=1&gtm=2wg3n1KR697BF&z=793630547
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cyberscoop.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cyberscoop.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 3185 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55096a10d125634c2fcf5626ca9c6c9e9b130ff25a5166c91c7b2c6505f4e54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28200
x-xss-protection
0
server
sffe
etag
"1173 / 293 of 1000 / last-modified: 1648638614"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 30 Mar 2022 21:30:08 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame E91A 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=article&position=static&category=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51a3013424973090c337751474dd85e2b7035953dc5996a2542c6e24aedc304c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28195
x-xss-protection
0
server
sffe
etag
"1173 / 22 of 1000 / last-modified: 1648638614"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 30 Mar 2022 21:30:08 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame F183 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-3E9ZJ2jNL0-leaderboard&categories=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55096a10d125634c2fcf5626ca9c6c9e9b130ff25a5166c91c7b2c6505f4e54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28200
x-xss-protection
0
server
sffe
etag
"1173 / 903 of 1000 / last-modified: 1648638614"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 30 Mar 2022 21:30:08 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=896395920528126&ev=PageView&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&rl=&if=false&ts=1648675808609&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1648675808608.1709222769&it=1648675808453&coo=false&exp=p0&rqm=GET
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 30 Mar 2022 21:30:08 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame F708 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-EtnXDF5fYA-billboard&category=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55096a10d125634c2fcf5626ca9c6c9e9b130ff25a5166c91c7b2c6505f4e54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28200
x-xss-protection
0
server
sffe
etag
"1173 / 144 of 1000 / last-modified: 1648638614"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 30 Mar 2022 21:30:08 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7FDA 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
URL: https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 30 Mar 2023 13:41:02 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 7FDA 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
URL: https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 20:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5008
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:23:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 30 Mar 2022 21:41:02 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/779519/61003950/ Frame 7FDA 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/779519/61003950/skeleton.js?ias_dspID=64
Requested by
Host: f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
URL: https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.162.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-162-139.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3e9fe2b12e3e778282370054a4e6ffe2cd28658ba1a00fd1372ce9c0d742eeb9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7FDA 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
URL: https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 21:30:08 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-80491860-1&cid=432137225.1648675808&jid=1442170078&gjid=2083407914&_gid=954705730.1648675809&_u=YAhAAEAAAAAAAC~&z=1529856485
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cyberscoop.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 30 Mar 2022 21:30:08 GMT
content-type
text/plain
access-control-allow-origin
https://www.cyberscoop.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
search
public-api.wordpress.com/rest/v1.3/sites/200379745/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://public-api.wordpress.com/rest/v1.3/sites/200379745/search?fields%5B0%5D=date&fields%5B1%5D=permalink.url.raw&fields%5B2%5D=tag.name.default&fields%5B3%5D=category.name.default&fields%5B4%5D=post_type&fields%5B5%5D=shortcode_types&highlight_fields%5B0%5D=title&highlight_fields%5B1%5D=content&highlight_fields%5B2%5D=comments&query=&sort=score_default&size=10
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.7/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=7f6763bc8c635564ef84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
98d1278d1ae1396b8ef71a4e52bcd02d0846c545a9ad9b6e96b23c363b05e02c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-hacker
Oh, Awesome: Opossum
date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
false
x-ac
1.hhn _dca
strict-transport-security
max-age=15552000
host-header
WordPress.com
expires
Wed, 11 Jan 1984 05:00:00 GMT
truncated
/ Frame 1956 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b82af1ef946c9325afa3752aecf3e4a91d66a710cc7760abdd3df1438801fdd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-80491860-1&cid=432137225.1648675808&jid=1442170078&_u=YAhAAEAAAAAAAC~&z=397770849
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-80491860-1&cid=432137225.1648675808&jid=1442170078&_u=YAhAAEAAAAAAAC~&z=397770849
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022032106.js
securepubads.g.doubleclick.net/gpt/ Frame 3185 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:18:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7915
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126678
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 20:13:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 30 Mar 2023 19:18:13 GMT
pubads_impl_2022032106.js
securepubads.g.doubleclick.net/gpt/ Frame F708 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:18:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7915
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126678
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 20:13:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 30 Mar 2023 19:18:13 GMT
pubads_impl_2022032106.js
securepubads.g.doubleclick.net/gpt/ Frame E91A 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:18:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7915
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126678
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 20:13:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 30 Mar 2023 19:18:13 GMT
pubads_impl_2022032106.js
securepubads.g.doubleclick.net/gpt/ Frame F183 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:18:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7915
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126678
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 20:13:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 30 Mar 2023 19:18:13 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1956 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdJ0ys0wd-FoAg4vD1JiHQD9olRwZpGuUvHXL1A3Q4vLx_Mj_gTRQ82KeJKeBo1DP3lWVd4YImHSCfbcKQwhsHDb3Jn54XRpKISYN50qDH2GRCrGhpb8FNmytgVPPrm72BCQYRvk_SOFIDvuHw6wuZX2mdQ0pkYC_bvlSStp6N1dCP6OH2lQxblBj-i9LS1uUmgumOs93eaZa31kQn2aUg47ue-9_sdsTQJUdoYolbypsDEFMRBY2obBsrdioXrCZ3Y7q8iWKXF7npGmeW2Z338pJSTyqhYYrCTmXF25rnPSwZaFQ6MSK1nLc&sai=AMfl-YRJTWpXNnhwe-kzsGbPQDUleJ4mGHEr1GpyXUn0FSgFDQx2x7sUGojdgKfhbaBeBC5NUnk700K6JlD9xm6qhnpTfpkYKiekxgUL1zkQzPgAotS1RQ1N_G7DKUK4WfQ&sig=Cg0ArKJSzHeQVyXXcwMkEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 30 Mar 2022 21:30:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7FDA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuPDeb3542ryAEv8JZiAXJuIEKossdWvl2sDbDdbC82nFmOSWMl66Mc8g1ddxKSrpWjTFIJJrO6BO-DamfE3o4z6r4BACryAV4wbC-nKdk7pXBlGeTg3zwL2aBrO7FM6xp3qIPFvnxbJQHyiEyAnrAENRS9eM0G9n28cjAaM-wZSi_YcOWXrknyUMp-CHTNFncrR95atoeyk42J_CA7OoY5VZ8eHOKC-FSVdtInYXVOJ6E2oYmHdehUEHFZT_ZYx6bQYlKX3f01Y4iES1YgLMgskzz8tcyPpvRbL3okuCozqkxPccPtQ8JkYkM2EOf&sai=AMfl-YTs4TqU68c1GAlS06CnSWx7hzuHjh8HZZyCUvyDXXBTOehBZ-Ft0s8bKz56mRwQHaBWKbzejVeR-Pass1jFxLCuW3bnuAFoVpwCYb72&sig=Cg0ArKJSzBL7tzwuUKIXEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
URL: https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
impl_v85.js
www.googletagservices.com/dcm/ Frame 7FDA 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v85.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17382
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 17:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 13:41:02 GMT
B26247621.328652550;dc_ver=85.248;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1575237685;ord=5mo9b5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstmBw5ChVPe3xIGVg7Ltg-r6Hb...
ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/ Frame 7FDA 		51 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B26247621.328652550;dc_ver=85.248;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1575237685;ord=5mo9b5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstmBw5ChVPe3xIGVg7Ltg-r6Hb31_LyKPMM2WEMAaJ7EISKBJ-zBXbgvS_cgo66gK8dhezLPyf9a3hBreUSa56ZAC5mcIG-TYzuffybqE5CWeEoIe_MzDsrvEPiRjWiTuOYeA1lFVDNQ1SoApF1xdZocq1TzeGeVpX447SJs7V3XCTU1va51rCGtTaBR8nL-6jFDDzQ9R6cnjNK_ZMEKNVsLuFctdgVLIXf7dSmmsxO6lBWY6FaVPQpFoqDj1KKV9X9gKa2B13Dff7Q1T7CHPvc5sjUft1yvlA7ikCGNU82RmYlQFCL3fMsw3q%26sai%3DAMfl-YSn2WgWuAQVm3UskX4k6l14wbfQ4GmqfSAOXg_bpQhW1Yf2ZVlpB-DncdxGcYMwdqBBjl0yekzbX0XoypYmlUPjobihNsLws1qnrEKn%26sig%3DCg0ArKJSzOrYUpyatCNAEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=KyagC0Soep;sttr=46;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
9a30c872c20e7323068110e97a16ba0f572431cf84fa2d1f3a3e5d815e152de9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 3185 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3185 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3185 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4007784660163455&correlator=1447253643476136&eid=31064150%2C31064681%2C31065551%2C31064018&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=18430785%2CCyberScoop_HalfPage_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=2863372106&sfv=1-0-38&ecs=20220330&fsapi=false&prev_scp=Tags%3Dcofense%252Cemotet%252Cinternal-revenue-service-irs%252Cphishing&sc=1&cookie=ID%3D2b94b7c6580461f2-22f008fe6acd00bb%3AT%3D1648675808%3AS%3DALNI_MZldgxdHdvGp7KOMorf8cUP6YBVOg&cdm=www.cyberscoop.com&abxe=1&dt=1648675808929&lmt=1648675808&dlt=1648675808568&idt=349&biw=1600&bih=1200&isw=300&ish=600&adxs=983&adys=1605&ucis=rt3wzuse4bbo&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dskyscraper%26position%3Dsticky%26categories%3Dthreats%26tags%3Dcofense%252Cemotet%252Cinternal-revenue-service-irs%252Cphishing&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=432137225.1648675808&ga_sid=1648675809&ga_hid=1377128251&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
86ab743ee978817ce83bc83d2f74aa6352212e44436ce8a7984c193fb973df74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9140
x-xss-protection
0
google-lineitem-id
5917011739
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138380650934
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cyberscoop.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E114 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 21:30:08 GMT
expires
Thu, 30 Mar 2023 21:30:08 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame F183 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F183 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F183 		50 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=820445374162873&correlator=949788940750470&eid=31063378%2C31065802%2C31063246&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=18430785%2CCyberScoop_Article_Leaderboard_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&ifi=1&adks=13849420&sfv=1-0-38&ecs=20220330&fsapi=false&prev_scp=Tags%3Dcofense%252Cemotet%252Cinternal-revenue-service-irs%252Cphishing&sc=1&cookie=ID%3D2b94b7c6580461f2-22f008fe6acd00bb%3AT%3D1648675808%3AS%3DALNI_MZldgxdHdvGp7KOMorf8cUP6YBVOg&cdm=www.cyberscoop.com&abxe=1&dt=1648675808948&lmt=1648675808&dlt=1648675808580&idt=362&biw=1600&bih=1200&isw=1600&ish=150&adxs=0&adys=170&ucis=9x47q68r3a8s&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dleaderboard%26parent_id%3Dad-3E9ZJ2jNL0-leaderboard%26categories%3Dthreats%26tags%3Dcofense%252Cemotet%252Cinternal-revenue-service-irs%252Cphishing&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=1600x150&msz=970x-1&fws=0&ohw=0&ga_vid=432137225.1648675808&ga_sid=1648675809&ga_hid=664875828&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
253b081413c72b4b39eb2c9752e442939e9c2f71576401d23556650f16716e2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20022
x-xss-protection
0
google-lineitem-id
5848497745
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373643511
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cyberscoop.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6466223a97cbddfa2b7b913c69d379d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 636B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://6466223a97cbddfa2b7b913c69d379d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 21:30:08 GMT
expires
Thu, 30 Mar 2023 21:30:08 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame F708 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F708 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F708 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=955751074367291&vrg=2022032106&nw_id=18430785&nslots=1&eid=31063378%2C31064151%2C31065659%2C31063246&pub_url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dbillboard%26position%3Dbottom%26parent_id%3Dad-EtnXDF5fYA-billboard%26category%3Dthreats%26tags%3Dcofense%252Cemotet%252Cinternal-revenue-service-irs%252Cphishing&sig=1&req=0&req_cnt=1&dm=8
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-EtnXDF5fYA-billboard&category=threats&tags=cofense%2Cemotet%2Cinternal-revenue-service-irs%2Cphishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame F708 		51 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=955751074367291&correlator=2157679327424071&eid=31063378%2C31064151%2C31065659%2C31063246&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=18430785%2CCyberScoop_Cat_Art_Bottom_980x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&ifi=1&adks=3048910702&sfv=1-0-38&ecs=20220330&fsapi=false&prev_scp=position%3Dbottom%26categories%3Dthreats%26Tags%3Dcofense%252Cemotet%252Cinternal-revenue-service-irs%252Cphishing&sc=1&cookie=ID%3D2b94b7c6580461f2-22f008fe6acd00bb%3AT%3D1648675808%3AS%3DALNI_MZldgxdHdvGp7KOMorf8cUP6YBVOg&cdm=www.cyberscoop.com&abxe=1&dt=1648675808960&lmt=1648675808&dlt=1648675808590&idt=365&biw=1600&bih=1200&isw=980&ish=250&adxs=0&adys=3536&ucis=9l0l7jj7zhkz&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dbillboard%26position%3Dbottom%26parent_id%3Dad-EtnXDF5fYA-billboard%26category%3Dthreats%26tags%3Dcofense%252Cemotet%252Cinternal-revenue-service-irs%252Cphishing&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=980x250&msz=980x-1&fws=256&ohw=0&ea=0&ga_vid=432137225.1648675808&ga_sid=1648675809&ga_hid=1358324732&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
dd421c760b636652a9f1838d19e3723adff1c21c72802e12894ee62a5faa77a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20553
x-xss-protection
0
google-lineitem-id
5848497745
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373643511
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cyberscoop.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3831467914c2ad3b9b798a1aaa0d9afb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 374C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://3831467914c2ad3b9b798a1aaa0d9afb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 21:30:09 GMT
expires
Thu, 30 Mar 2023 21:30:09 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame E91A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E91A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E91A 		50 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4432779166058359&correlator=4488175530217433&eid=31064927%2C31065614%2C31065007%2C31065787%2C31065551&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=18430785%2CCyberScoop_Article_Left_Rail_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=4064999910&sfv=1-0-38&ecs=20220330&fsapi=false&prev_scp=position%3Dstatic%26Tags%3Dcofense%252Cemotet%252Cinternal-revenue-service-irs%252Cphishing%26categories%3Dthreats&sc=1&cookie=ID%3D2b94b7c6580461f2-22f008fe6acd00bb%3AT%3D1648675808%3AS%3DALNI_MZldgxdHdvGp7KOMorf8cUP6YBVOg&cdm=www.cyberscoop.com&abxe=1&dt=1648675808976&lmt=1648675808&dlt=1648675808573&idt=396&biw=1600&bih=1200&isw=310&ish=250&adxs=983&adys=1340&ucis=mk1h9uuv1pwr&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Darticle%26position%3Dstatic%26category%3Dthreats%26tags%3Dcofense%252Cemotet%252Cinternal-revenue-service-irs%252Cphishing&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=310x250&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=432137225.1648675808&ga_sid=1648675809&ga_hid=781175236&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
f7a6c9fb77380dc0b6112d42df1ba0c7d80a266d316e8fca3e8dd3e82d7edeb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19870
x-xss-protection
0
google-lineitem-id
5848497745
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373602053
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cyberscoop.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8123bda7776da4c038c12965fe4b298a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0456 		6 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8123bda7776da4c038c12965fe4b298a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 21:30:09 GMT
expires
Thu, 30 Mar 2023 21:30:09 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v47/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v47/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a354f3d28b56276cc1c16d970f65ddb3ecec48cb1b79a1a32e0e3929e584607
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyberscoop.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 23:35:54 GMT
x-content-type-options
nosniff
age
510855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9828
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:03:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Mar 2023 23:35:54 GMT
container.html
d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C11C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 21:30:08 GMT
expires
Thu, 30 Mar 2023 21:30:08 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 50B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvG_iYBlDfFFh0l_BIIB4_nNfxey1yPhwKYt4cNwVfdkCCH4cQH9gJR72xmylptD3mevDVM9j2ZPYYUr_1mbUwqRj-gLuzhcJDP5EFst_ovbV62w-Y5pC0Gm2Cuhxkhz2T9ej12TkpFnn7Iw4sCZI4XQFTGxQ2FBmEt7RcA5c6GJvn5XX8WkCjYwitB2Hf_0p8t7BY0FvWCvNdaeImaP5Lz_8XOXAoIhPkIm1vXhuAgZyEAcAfpkdZByK4j66ovt-MQqhCgKqLbwWNU6eI-AMCd3mfbSJTczscP_jvGeSrU353baH5BB-tE-OOrk6vDWkSWojDdQlf7EE6Xg8bk7E3lfB7UAA&sig=Cg0ArKJSzJih7yBaeijrEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/ Frame 50B6 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:15:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
895
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 21:15:14 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/ Frame 50B6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 20:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2499
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 20:48:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 50B6 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 21:30:09 GMT
18067877421594875910
tpc.googlesyndication.com/simgad/ Frame 50B6 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18067877421594875910
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e80467dc44e6486d8b931ea1a7e805475f42b3828a3e49add5eee2355f86d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 20:24:52 GMT
x-content-type-options
nosniff
age
176717
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
142340
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 15:54:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Mar 2023 20:24:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F7EF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslUuAhi3GIjaRT6LRUwecI5e1JfDBBO26VC-J2MI8ngRRZxOqdxlzvI8hLbluf0sJN25flu0RFPPDqlutfmXwtIK8nOouVyu4TyeJdL-l6sxFGVeFk1LgTfBAtN5J5rpAG8RiJqzu52W4kbjcMuAIa4Q-7RzZQzaw3TFVcBhIXqkq--jZl_tD9pmZ7_O_6330M1-8CNvMBAWVA3-C066EepkGDSGEMpL-X_QM-Fxvz-mAft9wuGqMkJO8L9VjazaZhhrYzrow41W6ZqDm_EIq7TYh6VZNaKLczArQpkQaYJzzhKQeOKwX1PBAkvY-QxSBBHhdyvKtpjRqID3XIyOB7&sig=Cg0ArKJSzGSGqr8Tu7LdEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
18067877421594875910
tpc.googlesyndication.com/simgad/ Frame F7EF 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18067877421594875910
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e80467dc44e6486d8b931ea1a7e805475f42b3828a3e49add5eee2355f86d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 20:24:52 GMT
x-content-type-options
nosniff
age
176717
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
142340
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 15:54:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Mar 2023 20:24:52 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/ Frame F7EF 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:15:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
895
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 21:15:14 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/ Frame F7EF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 20:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2499
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 20:48:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F7EF 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 21:30:09 GMT
l
www.google.com/ads/measurement/ Frame F7EF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfEEb_KbNLJPh__ZwqhQVG9yxpYnCVggCvTfjGnQm3Wux12ujLjicEHse9atDTrk3AipTZ9UmwcU7JuvAGa0oByOiiSA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/elements/html/ Frame 7FDA 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B26247621.328652550;dc_ver=85.248;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1575237685;ord=5mo9b5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstmBw5ChVPe3xIGVg7Ltg-r6Hb31_LyKPMM2WEMAaJ7EISKBJ-zBXbgvS_cgo66gK8dhezLPyf9a3hBreUSa56ZAC5mcIG-TYzuffybqE5CWeEoIe_MzDsrvEPiRjWiTuOYeA1lFVDNQ1SoApF1xdZocq1TzeGeVpX447SJs7V3XCTU1va51rCGtTaBR8nL-6jFDDzQ9R6cnjNK_ZMEKNVsLuFctdgVLIXf7dSmmsxO6lBWY6FaVPQpFoqDj1KKV9X9gKa2B13Dff7Q1T7CHPvc5sjUft1yvlA7ikCGNU82RmYlQFCL3fMsw3q%26sai%3DAMfl-YSn2WgWuAQVm3UskX4k6l14wbfQ4GmqfSAOXg_bpQhW1Yf2ZVlpB-DncdxGcYMwdqBBjl0yekzbX0XoypYmlUPjobihNsLws1qnrEKn%26sig%3DCg0ArKJSzOrYUpyatCNAEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=KyagC0Soep;sttr=46;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:27:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 21:27:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7FDA 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuftumNwLeHq24tPE6PWF8Y-cDCHql2Ozk_KxFK5sLeK7p2ghec7mz1mIz7CO8UovjtB9NeNd3ML5dar1wXpZ52yZjPQJGjHIM6Wr8NtxsrjkO4U2sO6pIt1-TOsCmx5YnyCrC8xh0Jry9-fQZQTk1-rlpsZcIcNc5Fca55uxQ-hBOk-JE3Jw&sig=Cg0ArKJSzOa5BbHUOzBdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220329.30935&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B26247621.328652550;dc_ver=85.248;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1575237685;ord=5mo9b5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstmBw5ChVPe3xIGVg7Ltg-r6Hb31_LyKPMM2WEMAaJ7EISKBJ-zBXbgvS_cgo66gK8dhezLPyf9a3hBreUSa56ZAC5mcIG-TYzuffybqE5CWeEoIe_MzDsrvEPiRjWiTuOYeA1lFVDNQ1SoApF1xdZocq1TzeGeVpX447SJs7V3XCTU1va51rCGtTaBR8nL-6jFDDzQ9R6cnjNK_ZMEKNVsLuFctdgVLIXf7dSmmsxO6lBWY6FaVPQpFoqDj1KKV9X9gKa2B13Dff7Q1T7CHPvc5sjUft1yvlA7ikCGNU82RmYlQFCL3fMsw3q%26sai%3DAMfl-YSn2WgWuAQVm3UskX4k6l14wbfQ4GmqfSAOXg_bpQhW1Yf2ZVlpB-DncdxGcYMwdqBBjl0yekzbX0XoypYmlUPjobihNsLws1qnrEKn%26sig%3DCg0ArKJSzOrYUpyatCNAEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=KyagC0Soep;sttr=46;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.36.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s10-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7FDA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B26247621.328652550;dc_ver=85.248;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1575237685;ord=5mo9b5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstmBw5ChVPe3xIGVg7Ltg-r6Hb31_LyKPMM2WEMAaJ7EISKBJ-zBXbgvS_cgo66gK8dhezLPyf9a3hBreUSa56ZAC5mcIG-TYzuffybqE5CWeEoIe_MzDsrvEPiRjWiTuOYeA1lFVDNQ1SoApF1xdZocq1TzeGeVpX447SJs7V3XCTU1va51rCGtTaBR8nL-6jFDDzQ9R6cnjNK_ZMEKNVsLuFctdgVLIXf7dSmmsxO6lBWY6FaVPQpFoqDj1KKV9X9gKa2B13Dff7Q1T7CHPvc5sjUft1yvlA7ikCGNU82RmYlQFCL3fMsw3q%26sai%3DAMfl-YSn2WgWuAQVm3UskX4k6l14wbfQ4GmqfSAOXg_bpQhW1Yf2ZVlpB-DncdxGcYMwdqBBjl0yekzbX0XoypYmlUPjobihNsLws1qnrEKn%26sig%3DCg0ArKJSzOrYUpyatCNAEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=KyagC0Soep;sttr=46;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Mar 2023 13:41:03 GMT
4220928466902162573
s0.2mdn.net/simgad/ Frame 7FDA 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4220928466902162573
Requested by
Host: f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
URL: https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8f580d77a0460f9903f4edab73e1389c95f42e282151902faa70f211f040837
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:45:26 GMT
x-content-type-options
nosniff
age
99883
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36633
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 16:51:42 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Mar 2023 17:45:26 GMT
i
cdn.bizibly.com/ Frame 7FDA 		43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bizibly.com/i?v=3569326&a=520739529&c=166451110&s=6840654&p=328652550&m=0&n=882940942
Requested by
Host: f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
URL: https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:09 GMT
last-modified
Thu, 24 Mar 2022 23:59:08 GMT
server
ECS (frb/674C)
age
509461
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache, no-store
accept-ranges
bytes
content-type
Image/GIF
content-length
43
expires
-1
img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=26247621;s.a=6840654;p.a=328652550;a.a=520739529;cache=882940942;
ad.atdmt.com/i/ Frame 7FDA 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 00DA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6sN4WxWIuO_Y7Nv4u3aSwiCwSXK80DqgkLKNUonEGtTeNMNg6DDoSNVrnhri8YUQ2IuUKZMJ7pUQjrCwOHDFAcrTGm2A4xd-yY1eW6bShgKvOo1yKGqy4rXvZ_Ev30jU0xE_SezMoxOgkd_p0YqbM1UD7WKDA7ZVmiLADcIaRFbpVpg9oSqOX-3lolAD6nUgiz-1as9NGRUdXOQcqLBM0fZgM1hp0KbMCghU8f0gk_6ODReoJxXf7Tt0iK6g53HBCND2LyePzKb_MYzfqglN66MCAf8pYeGiVNRSCQ0yI8xa4SmYvX2OistyWI9s4fVaUc7NdUDKWTOy7zykme55YToEV&sig=Cg0ArKJSzIwmYip6HYSSEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/ Frame 00DA 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:15:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
895
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 21:15:14 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/ Frame 00DA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 20:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2499
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 20:48:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 00DA 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 21:30:09 GMT
16293693305174071555
tpc.googlesyndication.com/simgad/ Frame 00DA 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16293693305174071555
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb6bc54c244749fa3941a6ab071db82287ba81a3cc28a9b38e7137e3e926ab8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 16:53:23 GMT
x-content-type-options
nosniff
age
103006
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87875
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 15:56:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 29 Mar 2023 16:53:23 GMT
main.gr.19.8.299.js
static.adsafeprotected.com/ Frame 7FDA 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.299.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/779519/61003950/skeleton.js?ias_dspID=64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 20:37:01 GMT
content-encoding
gzip
age
1990389
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Mar 2022 19:11:01 GMT
server
AmazonS3
etag
W/"587738d3e44b43a2620f42eb51d89fbf"
vary
Accept-Encoding
x-amz-version-id
kp2GPcLunARmvxyYiu0RKpd0_UaoR.nW
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
eVKGfvH6dzPjmRf6Vw6TOXa7usB3Xirpm0Epj-NkRJ3P07h2plnn2w==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7FDA 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
URL: https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 21:30:09 GMT
/
www.facebook.com/tr/ Frame D522 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://www.cyberscoop.com
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.cyberscoop.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 21:30:09 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
truncated
/ Frame 50B6 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
574c0442e6b8176c29dd7d4ec193a449f13715ee68d68859b62accc91c7f73b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C11C 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com
URL: https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28147
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 30 Mar 2023 13:41:02 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame C11C 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com
URL: https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 20:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5008
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:23:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 30 Mar 2022 21:41:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C11C 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com
URL: https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 21:30:09 GMT
truncated
/ Frame 00DA 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8375ad9b3c51a2023024be920bb1d24949e9ec945d202e552c202c8a856261e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame F7EF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFUrjB2WGcdvEdJ9yZa8LQ3HfaEyWMInErwPepQI6lzzsgctYivwjR5zx5sx4mJDMaBkKiSISRbsmjEdkLOIV8P47LPjWBb2bady0NExUiynuxz7qWb_R1zrbDuu1PkMXzaDmdQRs5C0JI7B8MVhozMx5DnpSWEXUZg8boo-KsUg-vLFFSlUtp_LrY_1zDsj8eNPabqdBaxxRS2bfat-srEJJgsvxJjWUiWxycUXEaNqEuU8LIDR_pZ9vIv1CxG6DJTACGkHiKNJ50_XdX7HRys9E7uhLzFymfIJQiEobfnLVrfuS_xQ9OUKFKlp-zeGmlFNxWJKldbo11hkXY2fjNdu4&sig=Cg0ArKJSzGpmRedjU6FzEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 30 Mar 2022 21:30:09 GMT
truncated
/ Frame F7EF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fc14cf95f26ae4ca444158a829e2284bb8bc4ca75eefe3eb34fba16fa4f0a0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C11C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudsFu_YU2MjPc6O1U0lAXXQihtiCvYyvG64benbE8Yy_L0k1xVrAMlc6BWVo2cMry8IhGqD4HNrHp1v6m9TZlKVJWKibnEKu6UY4PTF9Ux68Wi6zmAngZH0quHf3GaQV6n6ILwre8QuQAkzJwgpQ52YAa7g_cvVjKqb-UIw7rGEMvDpmZswvg1kR_nXuvDwewuSm71ICCWBpoKgmH874ao3EH1ZskCNjM2chU_3SNWx_7P2CqDd0aRxspXsRHzHcjfXI0JlGxphDYmd3Mwr8rUgc2X8HB4zfCx91a25myIAB2gsp1DJjIF523wXj_oUj4ZnqW8FkNbY3j2&sig=Cg0ArKJSzI07VlIelc50EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com
URL: https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
impl_v85.js
www.googletagservices.com/dcm/ Frame C11C 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v85.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17382
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 17:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 13:41:02 GMT
skeleton.js
static.adsafeprotected.com/ Frame 7FDA
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/779519/61003950/skeleton.js?ias_dspID=64&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff087f8d00922dde8664f5b73b7f04...
  • https://static.adsafeprotected.com/skeleton.js
17 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
URL: https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:206f:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
age
3742326
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
CxddcP4OktqLwFTc_YsiAED03mqY8lfs5bLneL2vu8wV8Qz6pq5LTA==

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:09 GMT
x-server-name
app02.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame BFE0 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
URL: https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
content-encoding
gzip
age
3742326
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
I18tVNaMD-AP3a6p6OwduopEWq1nvxy0w7w0JbI02NYCmfQZNj2HYA==
dt
dt.adsafeprotected.com/ Frame 7FDA 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=779519&asId=1798bcbd-55e9-6e09-31ae-0815aa2c3e7b&tv=%7Bc:8nN3kC,pingTime:-3,time:144,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:128%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:144,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:128,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B27~0%5D,as:%5B27~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1BpG4q+111%7C121%7C131%7C141%7C15%7C16%7C17*.779519-61003950%7C18%7C19,idMap:17*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by
Host: f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
URL: https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 21:30:09 GMT
X-Server-Name
dt38.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 7FDA 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=779519&asId=1798bcbd-55e9-6e09-31ae-0815aa2c3e7b&tv=%7Bc:8nN3kD,pingTime:-6,time:145,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:145,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:128,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B28~0%5D,as:%5B28~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1BpG4q+111%7C121%7C131%7C141%7C15%7C16%7C17*.779519-61003950%7C18%7C19,idMap:17*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:www.cyberscoop.com*&br=c
Requested by
Host: f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
URL: https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 21:30:09 GMT
X-Server-Name
dt37.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 7FDA 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=779519&asId=1798bcbd-55e9-6e09-31ae-0815aa2c3e7b&tv=%7Bc:8nN3kJ,pingTime:-2,time:151,type:a,im:%7Bsf:1,pom:1,prf:%7BbdA:130,bdZ:273,beA:616,beZ:617,mfA:729,cmA:731,inA:731,inZ:735,prA:735,prZ:740,si:745,poA:746,poZ:756,cmZ:756,mfZ:756,loA:761,loZ:763,ltA:767,ltZ:767%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:300.250,dom:img%7D,ha1:%7Bres1:1,ps:1,ts:1648675809268,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:128%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:151,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:128,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B34~0%5D,as:%5B34~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1BpG4q+111%7C121%7C131%7C141%7C15%7C16%7C17*.779519-61003950%7C18%7C19,idMap:17*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,sinceFw:22,readyFired:true%7D&br=c
Requested by
Host: f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
URL: https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 21:30:09 GMT
X-Server-Name
dt55.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
view
googleads4.g.doubleclick.net/pcs/ Frame 7FDA 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuftumNwLeHq24tPE6PWF8Y-cDCHql2Ozk_KxFK5sLeK7p2ghec7mz1mIz7CO8UovjtB9NeNd3ML5dar1wXpZ52yZjPQJGjHIM6Wr8NtxsrjkO4U2sO6pIt1-TOsCmx5YnyCrC8xh0Jry9-fQZQTk1-rlpsZcIcNc5Fca55uxQ-hBOk-JE3Jw&sig=Cg0ArKJSzOa5BbHUOzBdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=196&vt=11&dtpt=195&dett=2&cstd=0&cisv=r20220329.30935&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B26247621.328652550;dc_ver=85.248;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1575237685;ord=5mo9b5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstmBw5ChVPe3xIGVg7Ltg-r6Hb31_LyKPMM2WEMAaJ7EISKBJ-zBXbgvS_cgo66gK8dhezLPyf9a3hBreUSa56ZAC5mcIG-TYzuffybqE5CWeEoIe_MzDsrvEPiRjWiTuOYeA1lFVDNQ1SoApF1xdZocq1TzeGeVpX447SJs7V3XCTU1va51rCGtTaBR8nL-6jFDDzQ9R6cnjNK_ZMEKNVsLuFctdgVLIXf7dSmmsxO6lBWY6FaVPQpFoqDj1KKV9X9gKa2B13Dff7Q1T7CHPvc5sjUft1yvlA7ikCGNU82RmYlQFCL3fMsw3q%26sai%3DAMfl-YSn2WgWuAQVm3UskX4k6l14wbfQ4GmqfSAOXg_bpQhW1Yf2ZVlpB-DncdxGcYMwdqBBjl0yekzbX0XoypYmlUPjobihNsLws1qnrEKn%26sig%3DCg0ArKJSzOrYUpyatCNAEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=KyagC0Soep;sttr=46;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s10-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 7FDA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBg1Ny2_yiUPTgnG86tPlme4b9m-BG1uU9wcaExw7FKEZMVXRFnyqM3BnmCxoJIh5i3xvYp5U31bU7L0xWE35X0fkkKGor2gdb-xmO2n8gmN5OmLau-BQU3Y5fvswYmMAKn78myPPosz3ldGl7lAfOr23cCQJPKORTYuegnfPOkjLjtAbWBV_XQbax13Pauv7LuytgneQbYKIY_UBhyBVQ03owpWXbJUwP2zMN0_RjOxpqejK_V14NgxzPnlzAKflPpFJ5skbo2BXj-JY6jX075r7xkyV4dutbPcp5BII5JtnfxglcoupsbhpVvhSoTNA&sai=AMfl-YT8UpQwmz5gGJio5fuo2A7zQh4DWUfYQMzsMA63ZBeNZ-L-hrup6_HjGTrI7xffngf9vi_9KLvux86Y7KIOa7P-6SgRgrfUN_QqKxcZ&sig=Cg0ArKJSzAHV8gPFJ6lhEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 30 Mar 2022 21:30:09 GMT
B27108886.327787502;dc_ver=85.248;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=192105431;ord=i98w4j;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuZjC8S9-VZ8xcoH1I4c5EmD0rK9...
ad.doubleclick.net/ddm/adj/N4694.138004FEDSCOOP.COM/ Frame C11C 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N4694.138004FEDSCOOP.COM/B27108886.327787502;dc_ver=85.248;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=192105431;ord=i98w4j;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuZjC8S9-VZ8xcoH1I4c5EmD0rK9xbIgeHEn2C9BgWh8_AdMe9BcKMCEhwBOHTFYmel4Y7equzv_a5txUTasPhpfJLNsve0CqDF_GJ4-0NpigdG_LC4kUxz0cyAqAjdhaVS18m2xsb5DciDnPWQ4CrxfEZC5WecPrsdUk7Ddpdgt9ITL7vKnOZgt4FHk5ivQIPUdz-sLEEpfwl5Obzh85Qg_IXlXZO_LmppLo2-hGNFEGqk0Ve-SyCtZ0uXmaxY86qN44Mk_mXa-qHDZUbrVHRk4tED0Tp4EpDJvF1PbtbhkNwGCY6NOehcb1UiHvusc1qvT9MxqjgO%26sig%3DCg0ArKJSzBQGkw57y-KTEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=cduTCiY_2A;sttr=52;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v85.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
ce28ae0a724a214690be785d29f6f7351b0fe4b5cda577eadff4c79f862431bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26236
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 50B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFQY73tde8fHYg2_SGZC31WuU0k_EGT6iL2hVW7tD8U9qySNI67g_xqY6HWATeFWL7y_uLVBgVDg1iT0iiu5Npr9ti0LZ5xrBmiMhGSe71bfzuWYloQ97YQv0XbcLzLWuXKOIexzDTm3JYVN53mc7UmhmnxbU41fc8olIdNFIWeinZ-YIxRNtj-CcGiu_WGE0Z5Oh49ThfImszcQfNVPRWkLzNo7RtkiwlkrbgbBAKAd2BW5GXfIqvTIs5h4ojigFWe8peOsRs1Ot153TTKEd_uM1rvBXgm5ATKECH7bj94Nneyz1r3uvIF4aA0MeDc4TdUtv0IXW1-Uj6fKbCJk9YGvSJPtUh&sig=Cg0ArKJSzEuyVwnpw85AEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 30 Mar 2022 21:30:09 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 88CD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
28061
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 13:42:28 GMT
expires
Thu, 30 Mar 2023 13:42:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame F708 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022032106&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f57d9bd3bde7b8fbaed30bcc9ed2da4879208492aaefaaf5517e57f43e3bf4d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10624
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame F183 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022032106&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7124f1e0e75e1706ec7d8f14cc3834ad3d90b3134b7d5b978ee1d40946e8940
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10620
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 00DA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYXKVweHAS0XcPllHY2zQKgazdWa-d1B_kPAQgVpAG36yZzacvDmP3yk1ORl3HuDB8ynTfj3888V-2trxNHrSG6iigh0chcAKTJMEXhme9c5iYuOMZIG0DyOPJ1VI3JSV6ttueuowKCDt0NlTibKxfjrzelyYka9Lyq8J7RAhLq1MZZiKW4pycsT7TzHFnbJs7QXFTgsN-83K9vahJoO7TguOpol0jxmdHNXOoizKdGiCxQtk80z_gEzT6RggFfyR9YI2cVSq9NHSu2POxuWX5C9iXbeTDqY_FxY5IG5wHoqYHnGS33CR0btY9P_iRJMON9Hvy-EfhmmkNyEPSVckVg85_dOA&sig=Cg0ArKJSzM2LPhkY5dCqEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 30 Mar 2022 21:30:09 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E91A 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022032106&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
051c4417e681ae773286e1e66130db17240e59c2acd374fb0f51da9d809a63fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10581
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 7FDA 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=779519&asId=1798bcbd-55e9-6e09-31ae-0815aa2c3e7b&tv=%7Bc:8nN3lS,time:222,type:e,im:%7Bimprf:%7Bttecl:679,ecd:55,tsecr:9%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:222,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:128,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B105~0%5D,as:%5B105~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1BpG4q+111%7C121%7C131%7C141%7C15%7C16%7C17*.779519-61003950%7C18%7C19,idMap:17*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by
Host: f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
URL: https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 21:30:09 GMT
X-Server-Name
dt46.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
pagead2.googlesyndication.com/bg/ Frame 88CD 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
6429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 19:43:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F708 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 21:30:09 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E91A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 21:30:09 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F183 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 21:30:09 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame C11C 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/
Origin
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:41:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Mar 2022 14:41:43 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/elements/html/ Frame C11C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4694.138004FEDSCOOP.COM/B27108886.327787502;dc_ver=85.248;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=192105431;ord=i98w4j;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuZjC8S9-VZ8xcoH1I4c5EmD0rK9xbIgeHEn2C9BgWh8_AdMe9BcKMCEhwBOHTFYmel4Y7equzv_a5txUTasPhpfJLNsve0CqDF_GJ4-0NpigdG_LC4kUxz0cyAqAjdhaVS18m2xsb5DciDnPWQ4CrxfEZC5WecPrsdUk7Ddpdgt9ITL7vKnOZgt4FHk5ivQIPUdz-sLEEpfwl5Obzh85Qg_IXlXZO_LmppLo2-hGNFEGqk0Ve-SyCtZ0uXmaxY86qN44Mk_mXa-qHDZUbrVHRk4tED0Tp4EpDJvF1PbtbhkNwGCY6NOehcb1UiHvusc1qvT9MxqjgO%26sig%3DCg0ArKJSzBQGkw57y-KTEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=cduTCiY_2A;sttr=52;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:27:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 21:27:14 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C11C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Mar 2023 13:41:03 GMT
truncated
/ Frame C11C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e8c324a0b4b5720623b88ed8acf95b9aa033d60a4da5ddc2cf3d8e000faf147

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CA54 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
28061
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 13:42:28 GMT
expires
Thu, 30 Mar 2023 13:42:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E543 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1596
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 21:03:33 GMT
expires
Thu, 30 Mar 2023 21:03:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FD7F 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0e77c0d14fbc22583cd48f68900e95997a8c86c5ed1bccd4b0381f475ac7c32c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cWGMRG4RHJyNmqzC03MYmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-cWGMRG4RHJyNmqzC03MYmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 21:30:09 GMT
expires
Wed, 30 Mar 2022 21:30:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8F2E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1596
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 21:03:33 GMT
expires
Thu, 30 Mar 2023 21:03:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1F9D 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c4555c6abe72d9a434a55399a81749f29950c804ed2ea983927a4824c5e293c8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6KkPI6Pq/rT9qdjUw9Osfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-6KkPI6Pq/rT9qdjUw9Osfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 21:30:09 GMT
expires
Wed, 30 Mar 2022 21:30:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5488 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1596
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 21:03:33 GMT
expires
Thu, 30 Mar 2023 21:03:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FE64 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2c5d210163f697597b42477956ab5e2bbed928e72efb5c5dce3e42ad6188a0c5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-S9JQ5TgHceWzb8uZ7yzedA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-S9JQ5TgHceWzb8uZ7yzedA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 21:30:09 GMT
expires
Wed, 30 Mar 2022 21:30:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
unip
trc-events.taboola.com/1035174/log/3/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1035174/log/3/unip?en=pre_d_eng_tb&tos=1579&scd=28&ssd=1&est=1648675807968&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1648675809548&mrir=u&vi=1648675807966&ref=null&cv=20220327-2-RELEASE&item-url=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/fedscoop-sc/tfa.js?ver=5.9.2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://www.cyberscoop.com
pragma
no-cache
date
Wed, 30 Mar 2022 21:30:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
dt
dt.adsafeprotected.com/ Frame 7FDA 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=779519&asId=1798bcbd-55e9-6e09-31ae-0815aa2c3e7b&tv=%7Bc:8nN3pA,pingTime:-10,time:452,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDAuMC40ODk2LjYwIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1648675809573%7C%7Cb5cdeece2caed3822143acc15effd2a4%7C%7Cf1304fc6c30821c0c7c03569db70f592%7C%7Cd2fb76e5a5051df479c7d403eac2e0d9%7C%7Ce07899f91861b678efd794bfd8c07ffe%7C%7Ccda3ea949bec144577288e31784ccc8b%7C%7C60828893a82ee376f2f4377c4c3333d6%7C%7C001e7e13613eb41c54709f35f24c22ce%7C%7C1629390669%7D
Requested by
Host: f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
URL: https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 21:30:09 GMT
X-Server-Name
dt55.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
moatad.js
z.moatads.com/goodway341003946512/ Frame C11C 		310 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/goodway341003946512/moatad.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5068f5b5608101bdb2e16c39a391105d4c428fdfa5f2f140e71e7d5cf3d6f901

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
gzip
last-modified
Thu, 24 Mar 2022 16:03:48 GMT
server
AmazonS3
x-amz-request-id
ZPQQ2YF2QF0AHY5W
etag
"87387a23aaecf9e1572d4287c629c868"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=35925
accept-ranges
bytes
content-length
106575
x-amz-id-2
2G6DJlFQZAh1qGY1P4QA80d8F5s3Fgwa4AOnjhcliNFyugNwS8mInWbpb2AXLdBasuhGKoGQAas=
index.html
s0.2mdn.net/11581985/1642180076507/ Frame 16A4 		76 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/11581985/1642180076507/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b630c913043802e16d2e90cb8ff3b388f2b374e1e38cc9e8278df6a8c141c81e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
55736
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
19226
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 06:01:13 GMT
expires
Thu, 31 Mar 2022 06:01:13 GMT
last-modified
Fri, 14 Jan 2022 17:07:56 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C11C 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGnZ_u2yOceLFoo6GNzmOr7HW2iOmIaxHNWP8iV80aluai4yU1BxHuUjembSArwAEexC3IP14OjEwJPVtkia3rCCqKsGg146orRzDGnweigspcFdbVcFYWQoaLz1x4AUxCqAxlq1e3-zwS3AOC4Bog2YzQ&sig=Cg0ArKJSzD3PtEVmsvovEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=148&cbvp=1&cstd=146&cisv=r20220329.28149&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s10-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 88CD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzgW44MtEYt_BO9Ss9u8PgYyc6AcAAAAAOAHgBAI&bg=!cXKlcjbNAAZku-1yRLs7ACkAdvg8Wp26twe1Mq8DUkzjuGSJm0tl1yrVKnhh1ulekK0qCA3WFbVGtQIAAACIUgAAAAJoAQcKAAMLuB2ZAyVELAc_NGn3O7OulJLnjy0xLabsXq4tpzZoTWHbwV3XhzrCSDmUe4y9TWWQFBIdSE458G8K90apo6Z1DmdcvMjO_-y6jRW-wbvJ8qJd16FDTfCmSTGSe8tPA9GuTKDQMqTt67nH2zw-QMjtukYKmMCi9QxEdNYfqAWxeYxcTwECTU7-rXVKXhjpPcRrzTpNIjy8GZyKfM-EQTlKSvRUpj3-wNf_Cn99tOaVk2Oj3OsBw4iTGqrC--6zoTLYC0HbA0jv9Y7UKLrK7HLkA75zKeQTg_AaABirLSLfxeSwfvl5vH7T9dBgXs0lfEc3IGy6E6IbLyRFGw33cxrPda1vbPylC5l0QAYY96n1e5aGeGQFvGXpTaiMotUXDRlnsUaa6bSKmGkmWpQ9CfJRrgV7V247sIZeZmz0uao-LhuT0HIwi_ftmANctNA1CTCCvcDlCsGWLlgHKZGWjgmdD0I3LpQhTvGiNmh3WXGvJAZrSaBSVOu8pFVT9KiYF6Y1DC0jGagI-Xh-AnC_8h74LJUsCO9cR68pf32Sdml5xRg1-FlfyLTpRHPOIo3QuTKmOi8hQcaiCCoe4c0rC4vtdfw7PBhx3q-B9D6o_b5nfvVp0ZNCrKoU7f2T-gQ6XCFhXNbr7ny4-NCWOyVR2TNhRSpYLXfdlB01gO4f9oQfHUcbpLXSxZDjpoVYc73xmIZ0BG2upDpQdvJ1vAEqAmWO9E2JYpCHJ9WKHLA8632Z_Aj21Z49NkYVcDS8xYhtOpA1FluhrLZfYcgjlPijNAgl9SbxS6yyIr1NYYn_wZBmu95dt-Lc3LhecxrhqOSe8chDuLBlWmQNkbxpdQVEd7AiDp4VfOCQBhCZ1MI8_453GO0OMimd2Hk5heikdnEQNXzhkDStYu6-sC0J_QBQ0gx7cru7mh1Xa_UPfv9wx04O0j60yZ4vJnHf49iwfup9XNC7RunPU2wpbIHiqf58cDqm2DoSLw5vIr_ZtnQ63LaaWhDO9H8V1XEAk8A_tw3Jpg-3NKxri7sEU0MSeiO9p8nzVdXa9eSjBqT4SxFpNcwR36Qv-UDD5h6ArAtI
Requested by
Host: f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
URL: https://f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
pagead2.googlesyndication.com/bg/ Frame CA54 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
6429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 19:43:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FD7F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022032106&jk=4432779166058359&rc=
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 1F9D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022032106&jk=955751074367291&rc=
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame FE64 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022032106&jk=820445374162873&rc=
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
pagead2.googlesyndication.com/bg/ Frame E543 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
6429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 19:43:00 GMT
3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
pagead2.googlesyndication.com/bg/ Frame 8F2E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
6429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 19:43:00 GMT
3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
pagead2.googlesyndication.com/bg/ Frame 5488 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
6429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 19:43:00 GMT
pixel.gif
px.moatads.com/ Frame C11C 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=GOODWAY1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.cyberscoop.com&lp=https%3A%2F%2Fwww.cyberscoop.com&t=1648675809677&de=82727420094&m=0&ar=9f397fe3151-clean&iw=d73b228&q=2&cb=0&ym=0&cu=1648675809677&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=11581985%3A27108886%3A520109236%3A165135366&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cyberscoop.com%2F&id=0&ii=9&bo=7676691&bd=327787502&zMoatOrigSlicer1=7676691&zMoatOrigSlicer2=327787502&gw=goodway341003946512&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A428&jm=-1&fs=197724&na=1878447731&cs=0
Requested by
Host: d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com
URL: https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 30 Mar 2022 21:30:09 GMT
css
fonts.googleapis.com/ Frame 16A4 		1 KB
400 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Red+Hat+Display:700,500
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642180076507/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d64cc55939894b26db75fbfcf21685a3642f89a9e6ea80c023cc8eb8046bb43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 21:30:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 30 Mar 2022 21:30:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Mar 2022 21:30:09 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 16A4 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/11581985/1642180076507/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/11581985/1642180076507/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31347
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Mar 2022 12:47:42 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1956 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKNqiY25HgVu6hojapoBHDXmZLmEW5TEeimsENw8Pm7OuvBT4PeVwq9jkjE17YM-v80fFLNkse1-jVYvWxyhaPIaF0R5vhwre8jEFMhKpea0I6cOSE&sig=Cg0ArKJSzLb2NAPytignEAE&id=lidar2&mcvt=1033&p=371,480,851,1120&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20220330&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=113530204&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648675808514&rpt=278&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
fonts.gstatic.com/s/redhatdisplay/v11/ Frame 16A4 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/redhatdisplay/v11/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Red+Hat+Display:700,500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01c254205edb3dab76d3bcdb9e37fc8687db6fb61d266cbba48a346290969070
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 02:10:00 GMT
x-content-type-options
nosniff
age
588009
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29592
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:41:38 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 24 Mar 2023 02:10:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C11C 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGnZ_u2yOceLFoo6GNzmOr7HW2iOmIaxHNWP8iV80aluai4yU1BxHuUjembSArwAEexC3IP14OjEwJPVtkia3rCCqKsGg146orRzDGnweigspcFdbVcFYWQoaLz1x4AUxCqAxlq1e3-zwS3AOC4Bog2YzQ&sig=Cg0ArKJSzD3PtEVmsvovEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=515&vt=11&dtpt=367&dett=3&cstd=146&cisv=r20220329.28149&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/cofense-emotet-irs-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s10-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame C11C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDh_UKhelJyERNLI9OUolSKEs0lhsIRHtMc676sRJBKqWY1Yw5cfafeHKUGg9UX9KCnyZ-RzEpdSbq7TStginKVpudCXuZcAujTb9S_Z53wHBfK0gT-7VjTP089iQ9Jt6ztvYwdy6aGM7QEbFxIMHSBDd90Pj085lBYiaem43b4znTa99uc7jhqkK68qi7cpSdnLNwdpe71jlhOhLonk0IFMPbmw5UW2kEZPalvS5cqmTazIl1O5frwwkOu37b6ohp357SPiXzfdVswwu-nKRkoz9QXUW8FW4NRe63exBjkKJrqcJMt-fwYVpDkrH_M0v-_kbuJpqDJ0HJmYI&sig=Cg0ArKJSzNB8Iz6kAiscEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 30 Mar 2022 21:30:09 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3185 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022032106&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51c7c8754e51f9f258372ed3929ba77868ecd39959638dd70a1c1a4293f42a38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10633
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022032106&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91de68ad0a8ee6dda34e5056bdb92e44aeb8b382205b6ca09d27c29a9bc01531
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 21:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10747
x-xss-protection
0
__ptq.gif
track.hubspot.com/ 		45 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=20762415-8082-48f0-b243-36443c93d852&fci=12a1276a-80fd-476d-9b04-ff75c18c859f&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1890393834&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&t=Emotet%27s+tax-season+phishing+is+back+with+new+tricks+-+CyberScoop&cts=1648675809968&vi=168a3d1570b488a4a98706cf64918860&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:10 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
547c9b28-54dc-4f36-9f27-2f8f54f42423
cf-ray
6f43f1e4a9ee9a0f-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdBsVxlsiYDmIvfSydacytgoczlL3wOUm%2Bx%2Fq8FbxQkkIrgfXRXPY%2FUmPYvB1%2BByR6ZsZLsces2AWChJJS7CLaQNSFxplOvg4c%2FwDPOzHc1Ts9i3ORpQht2gk21xxbFqxjOChynf%2BaLb%2FsxBIvKk"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1890393834&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F&t=Emotet%27s+tax-season+phishing+is+back+with+new+tricks+-+CyberScoop&cts=1648675809970&vi=168a3d1570b488a4a98706cf64918860&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:10 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
f371741f-02be-46db-9394-3de19cc11e4a
cf-ray
6f43f1e4a9ef9a0f-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4E5u4hmxqWTkYgZ2qsAFZfk7KhppXuj3kT6Lq4EpApaq1asrjoeke4sCZje8hMolBhRZh3fwJW3sssdgCM3grPXmrvpxbLJrWivXP1zIX%2BjwmBPje0NoYT9emhVMB5aBe3qc9TI2mRwhSEd9PPz"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
300x600-skyscraper-DataPool.png
s0.2mdn.net/11581985/1642180076507/ Frame 16A4 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11581985/1642180076507/300x600-skyscraper-DataPool.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6db26736205f164352c9df1403ba62140c35dfb4d1b08b4c626f1cb4cc3e61ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/11581985/1642180076507/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 06:01:13 GMT
x-content-type-options
nosniff
age
55736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8409
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 17:07:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Mar 2022 06:01:13 GMT
Trellix-Logo.png
s0.2mdn.net/11581985/1642180076507/ Frame 16A4 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11581985/1642180076507/Trellix-Logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8ef896304d0e442fe424594c6d047347ea9a553e733507f101952e15c7f41f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/11581985/1642180076507/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 06:01:13 GMT
x-content-type-options
nosniff
age
55736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5281
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 17:07:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Mar 2022 06:01:13 GMT
300x600-skyscraper-bkgrd.jpg
s0.2mdn.net/11581985/1642180076507/ Frame 16A4 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11581985/1642180076507/300x600-skyscraper-bkgrd.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0be801b9a9813235e4439271db0a1701ba85d15c324d8b9c8616f36b21b95534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/11581985/1642180076507/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 06:01:13 GMT
x-content-type-options
nosniff
age
55736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89312
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 17:07:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Mar 2022 06:01:13 GMT
300x600-skyscraper-sunrise.jpg
s0.2mdn.net/11581985/1642180076507/ Frame 16A4 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11581985/1642180076507/300x600-skyscraper-sunrise.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ecbf6d0224b899abe402bb2c13343c0f9961b0b4c478219ae59fcde4f09289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/11581985/1642180076507/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 06:01:13 GMT
x-content-type-options
nosniff
age
55736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88572
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 17:07:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Mar 2022 06:01:13 GMT
generate_204
tpc.googlesyndication.com/ Frame E543 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?DHCZqg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 8F2E 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ioQjrA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 5488 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?iT2U9Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 21:30:10 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3185 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 21:30:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA54 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-Fnh4ctEYuzOFeiux_AP-_e2kA4AAAAAOAHgBAI&bg=!EhGlEVXNAAZku-1yRLs7ACkAdvg8Wl2DeWbNZ4XmeFn-42C-QvOsC8Y3pifnqzJllNyuPkce7LBZPgIAAAFUUgAAAAJoAQeZA0IwKdi5bKeUiWsDl5VZzfUkaUk8IkwLZ_RHWPc5aFLmYfIwtJ7ilpIPOiCCG-mUcgryfk6VYWffXAtnw_Xl9B4Dzy3XZPr0CkkAQNEcrdFjxbdiPyjpdMWalNCwDsV2ftEUZArUEoKHUPr67bWSzKuoocyqyUa0Py49mi8ITqObGuNN5R4jE6BDLpiE3d9p051InS7pxqjUtcuArjhVFgzntvs5rQizDeFil9BMgSv9FS7OL9_Cz9ibZY3sT9qqUEco4bbHvLKbi6nKbomOaIPT7zf5OOjSujDzQFEk-2Ar5Doxm7gaRmRN31wUZJOHwHYq4Bl9XEbEgu8TV6kGof4Bma-RBEPG6YCepNPmNSejOp_3jmG8HvOfJ3oyov_xvVhBaPwJ2hB1UNYUQCbHUS0Ju4e6rx92s4qK_VZnezIJAlypSwMuNpyfPnBHiqOJ084YXGBb5rj-hF3Ff5KZb-2rzFenzgolLNooKLpy31lY89CocTmlepl1upwDb4gpscU7mH5CGFyqWENg2Y8DFkmzWxGLYnK6FuDqH1MjUdP37pXJaNMAnq87XNRkPKmZdH38hMX6CdNwSZWl9s-auHWp9nRGIC9IG7iZM1n_xMq_1Azo3p74GADpZe9B9KsksD_d7uvB331DZ2FZiRt2FySl1-tHaXoeQoDVz227vVfJcaCyB93bIoAGYuOtNsAhEY6RFiFMoMScXIdxwFvImtAsQ7APum1w0qaUKQ_XMNNjOOCCHJwpi-Bt7wAJDxmF1J-mczSQGkO7r7eDruc-FeX7_yiKvdmgTnBks8edGVEN3fpRI4ZRxegBmm6riXztxdMNhGBmaCkPelLtbawiX0BxdiRHxfobmTz_db918B8EZj4DphYxzDDDcWZGej8JMIlYL8BCS6Cx4msLNpAOmQ-SCEEyYerAXw7BLRA8XedAEmogPlQxuXUZQJQMuMopRhql-ftEHYEXH7t4U2LPu91xULbhSXNBRCOXpfwew-W5QjwGc0xaA0lMX0YkZYvT-G17Pb1Bh1rolP5W6YA5hJQIG17Hjq9BJpA0gC-K4U1xlEiGBug3TihjV1YbNj6KaTJrCWVd7Un0hanVcFOnBr1j1zg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B789 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1597
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 21:03:33 GMT
expires
Thu, 30 Mar 2023 21:03:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C1AA 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bd0d86837157841e0c89c2817027bbd38e8d8d462e481e6b3685b8f68224b9e6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pR4ieRIq+QbcS7zZwcUo3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-pR4ieRIq+QbcS7zZwcUo3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 21:30:10 GMT
expires
Wed, 30 Mar 2022 21:30:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 65B4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1597
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 21:03:33 GMT
expires
Thu, 30 Mar 2023 21:03:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7D3B 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
807850a262a6b19d40394fe49556737daeeccc6cf18b1a691bbbba451b97d7be
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-u4AMj/OGv/v4pDsl7/zsbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-u4AMj/OGv/v4pDsl7/zsbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 21:30:10 GMT
expires
Wed, 30 Mar 2022 21:30:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
pagead2.googlesyndication.com/bg/ Frame B789 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
6430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 19:43:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C1AA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022032106&jk=298299784346487&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 7D3B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022032106&jk=4007784660163455&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
pagead2.googlesyndication.com/bg/ Frame 65B4 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
6430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 19:43:00 GMT
pixel.gif
px.moatads.com/ Frame C11C 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F11581985%2F1642180076507%2Findex.html&i=GOODWAY1&ol=3245446444&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%24%26109.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wkPxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-TOQdWwIJVy50og%3D%3D&sc=1&os=1-MA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cyberscoop.com%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fwww.cyberscoop.com&lp=https%3A%2F%2Fwww.cyberscoop.com&t=1648675809677&de=82727420094&cu=1648675809677&m=574&ar=9f397fe3151-clean&iw=d73b228&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=604&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A929%3A428&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=156&cd=0&ah=156&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=11581985%3A27108886%3A520109236%3A165135366&bo=7676691&bd=327787502&gw=goodway341003946512&zMoatOrigSlicer1=7676691&zMoatOrigSlicer2=327787502&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=197724&na=1866148398&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:10 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 30 Mar 2022 21:30:10 GMT
generate_204
tpc.googlesyndication.com/ Frame B789 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6qADqw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 50B6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHaAt4Ro2Z4tHiKN5wYgJP9s36JtgnyXpLYNDjMlz5wHmqoykl-XS_ilDs9vzfrcXEphDEtMYmtCqZVFgNoecdyfViUdrkX4ahAnpjUN_RpBzzP6YR&sig=Cg0ArKJSzGPSr0LtOmFaEAE&id=lidar2&mcvt=1012&p=170,315,420,1285&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20220330&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=13849420&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648675809044&rpt=244&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 65B4 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Xchbaw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 21:30:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame E91A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022032106&jk=4432779166058359&bg=!GxilGFzNAAZku-1yRLs7ACkAdvg8Wr0CjxrpFaecK2HSgaGVUK0J0F5yhhHOpUoDi_F3zdAUmkGYbAIAAADzUgAAAANoAQeZAx8UxMF90I9y59FRO3ApWE_nXc7_muMe7HXkAZKJ7BGfDJ6FcUKlLC6xktWW7zWWZDww4e2iGj1TBDu0YA9gspzHb_hzq0Lgf-K-FE1GqIerx71bzoVioqAyx_-h7alSBTiYQUjLz-kvWmVpCvnCIZRwxvVzM1K7WIEAgySEdMJlT-nNXpk3GBTA81OZyfo4MjFCjcUYkts6_a8T8NsmDjxSE4eI86ze1saSDKROegPHvtGuqRuohCU_0Oez6DfmfJifl4TfCWVkvcyj2JU5YIlSv-0yhwvO5OQqsbHb4XpglKezoZHzEF853DlnBzwoh7mRKEprjtCmF7SpkTixGbhiiw1JUOTBSjdR1Jhxj2aWnp8BJFlb5Nn7ybjPbFaVofsLmBztotR5UAIfMcRmS7cMiADAyvqYKoq0yXv80moiPyDBi1Qeom7b8IuNqLX1eAHDf9IWzQk5dFhj2VB-QLNhKm3Cc5IhLnUrgMKS9AtCXjOhVBnh4xb4TH3zhtFAkwArPOJ9zpXarp9cJ9slLoVVZptNOF68sLjyRNZYbfXfMbDvbZ-9_Qcfz20IKhfZn9OKfb-5ifjstH4JR3qpSOkYJ13DEMqHbCylN1HU25POdcyWHAh0HFiXY5383z2Pxmby3Y1NP4Ys5BmRYCc55W8aMY-DxxcT8UdqWFrKMy_A2my86l4WMk0x0soudk3eW6fEcAlbX6o0Pf5SFZVieVkvBhl_fjKFAzM0lWAifjWObmVT_dH4RclW7oupDyDmW907mZ3dE21-85YyS023AsElFO2kytAPJWQe-1KvYx3_FwLmiKXVH8cH5ck8CVcBb0vftRN1v-WzBxy9XIABl2DvWz73Fmp6Rx7THeo9PuHT_fE9ioQ2ERS5He35JHBsZ7gOf_K3wTqMckk5TPNmKa9YTMPHMlmPmD0ayeqxMpZVDo9iQnDksX1tmI0BTXEmaSHI8FF3R2pLLKCFXUwBWoVX-n6GJyutxacFTKxwJqPU6XR0Wzmhca_R-HrkYysU29kPfxrFblFKV1oAK-v2Ufvtxqv897TolMXeI3RXCp0d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F708 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022032106&jk=955751074367291&bg=!kZKlktbNAAZku-1yRLs7ACkAdvg8WnL1ZAQgz2VVpx277HZg1ypADT2oYkWry7AguYOEvAKViDTLAwIAAAEHUgAAAAJoAQeZAv1ts_2DIUR45natqLa7qHyQZ7AQ1AHWBCl6d-Mkft6Oxc36jXOaZqD4WRsiC2OaSGBWvAfrnMTGaLzgMkZ7v5-_ewW2E5IOI4YnLhCf9vyo0hPDljA12TOxpCQRwgIj2gKGNnJ4Ec8tl_791RRi8wTYe6rTN1ciwaxoRr_55FWZJc1k4iI5mj3eEW5-TAC9kx4giqoZrzlEoIFsRhp-jBEU5FT7dC2SSP_QxtspNlNBE_6K7IK3YWcBssVv2lueOBjYcZCvszCIHc4FuoKhAU6YlOeyWYGb0zY1_zwlguT_9GnclSm9NphVAfFZrv5BMkGt37nMLFMabuXxO1hpYvBBuUuaUfZ4YcJLDcmKTDY7D8HGtG16BQgtswXAllgpXw91loW1NkIqoqcBvbtdlDxYVYTctanEpB5JSoCKPBdmWKyjrPQ1SX_ChB0anjhI3ox81DWpKH21LNvZNJtEFeiz7wuzu5bxYlRDTk4ezNICXpYsLhYaIW3ygrhNdpzS2hn_bgIYjsqcJ5NM4bS07p677Coc78G6yBYT8JTmlcQQ5gohskHqf8fP81Ho70VNw70jWbv9g_BCwCc_QgUDOXFJi3z6GO6viR3q5OiLxZ1-_YXr8UsBo2ETfKaRSNHPsJfKa7Z2bRNN1uCkhRBreMww67tc3UfdXEJOCE14fHQwzPYq25L5XSjmI8Tniut25iEjvyPvw13CwlwWhCklINROWdZAhYChsC2Zx5Qcw-pdSDVPNssGODeWLsMM9gGB_GTmjJM1cbvY8U2qM9Q2of17JqtulYfoCT-7o4Xi_BT1Et8KESjHOrxNb8_zyWgi3UGFc4yfYPvT8h2OFvaSldsrlRU3zZwGcnlP0YBpRz8404s_flUb1-8qQm664oq-Zuww_d9t4kfMhPGPzttH0ZWpbpLQ0wioDYcD5CHy7U2s0uhhXTg98gmbWnYnxf_6Jg_OnCwpdXziJi5g9XGyqqogl5XRO501zlHsz1NMc16vhcqfGrR8lfu_hE1JxF8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F183 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022032106&jk=820445374162873&bg=!8POl87fNAAZku-1yRLs7ACkAdvg8WpSkGkiGolNpk8KTkJ08fCyeBuZZtJUgSf0UMeToSRg06jk9zAIAAAD8UgAAAAJoAQcKAChfFj5xWgkvob2zovJLfvfTT3AeVYUlWkCc6KvMhLVPDGwU6DC3m-hJmQMGejrEt43nirMWYRAOm4J8rdopmMexS28q4uGCppwRdrFOSWynuQjCgeGBWr4go5Z9t05g_qLtaFUYM2pu8CH_lS_PzKSPdVcdISTZ4q3EHwyJm_6QkpxA5nBnXEw9q8cgxRW5o4MoDUI2NLyNz6W4nvEI-m_ZaBOAt1KuPlIQ-rg2DLgXwGt9Ht33AfKFUxDBluXPp5U6xi7okR8NlppslJI727iamFegzBLXLHbIMKxmNPG5bEnUTxRpXMBe4ygxiNZ8pq0j-0ZK0Qn23Nraa8KMXeKq9Leil1Ddx7NS-8AOLsVA02TAKvtT4acOrNY2MerKFrcfjRRVx1bD506t7wGufrpljHq5ogN7CZS9NiMwDWFx7WOq7qmNTENdU27EuBtIq7e8JbSW4FYbm5LiB0nmN_hsoJ_oga6iMnlAN91zigEx4naozbnaEXwTNuvfOwF_hjm_zKlzVMPtK0KQzUXG35lTZ2Pf2SX7PwehXsWuy9uMsNxyhxHFOSB3VGHSn9SBxfM6yAxuW45hqnmXxGEb9eB_Bh2xiV5ZMvqSeBphfDTy4UIDrcUtQd5zGYDvpYP2EasQrGquPg90Rj05ns76ZGhMPIet18YQghZrwAGuolbKNF8_KBRPxoYy4iENLgmVT1gN_1Rn3sUOSRlSl15zRG3NhxebOzo_vlpKTwrRhes6s66u7UvR1J1tG3bj0SpLk4-2HB8Wt4WZjN3Zs6rNqfCFtKM_jVnOMFwHbv56twlAN83AVcppz6E-79zL62yaoZMZSf4w9Awq0BX4ZmXSPF9fIrX3858PTUDEeKjZ50YTj6Rsa-AoFXBbTBrUgO13lWkwfAcFZNrO_hu3G9osnfnaHDbZDN0An5wNb-Ou5J4V8JLKV9c4ofmTKS5voSDr_cWGPh8dcd4YHeUGWJ-GDUXTWLkx_lSHsad0UxDfTBtr_sFt8w--RWBP5P7WE3OTmKE0TK-mjMiAXFKWMEWa0iJofnTNBc9Q1io85ZsDAMpEpTZt_v-i5dsCZtu7LsiWJKD1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022032106&jk=298299784346487&bg=!YGOlYyfNAAZku-1yRLs7ACkAdvg8WoFVcBngSxFsuMyLMbHBdguQfm6L58qgMjOe4yvoKbyq7N-YggIAAACEUgAAAANoAQeZAu5_kdbyw2uDrpCLp-24QdrAyk1WncKHN-Tm0cSAnbHhco8ZmQbGK6sBY9vof17ETzLapUr1L596YIHbp7YH1xfRyr_VVEuRVq1hRmUxb-ODxJJlanCGYI_abCP9h_q0eNO-5rl9cZFqADpVSANHCPX5qe2fCseJdKzsmSPgnF3PDb5KwqHT5SkKVd2exud-PKEojDa8-q0pq2hT0f0iUhUHzbRJnII9HHhR0ZmCzuFPkye3bqtgAQQtGDvsVPzlKLt54IwAHLwldnncRgGaRFssG2LLZ0SQatO2fPJKlERvgC3KTBIZFZ4vx1mthf5vD8Lf36aakSuDSoGXOj6E2CyEPQhUtBf3-TI9YVYyXotpaiA1zBFMbeDO9qr-0dyNIEhy7DSnZ_WtVjGyWKvotEXjxPSOYKSLZrwLdPU-ZGMS7oQ54bd935iGDb76-2mNnOYw0BZ3zrgHWXdHf0bmAwCx4JX5gmLoXvjvzV9GCNHAqxQ-7r7qpJKUNUvXQvar2ImRSObe00z_NPmnYvGT3OQccZIpz0Wx6YfstZFCYVnsXIwYr3A402x41fHw6QZPaabrxdSRBuXYOTzYncLF6SgmfZlp97Bl90t7nKfbTEoEqNv6SkeHy5N6xqFXiMjVmF53CpJZ0jEqY5_vhVX_PUIvA9zYf4ren2__e-oVn8_xKeuy7LqoxNft1GgKTnTl-eRPJg9DrEyruf7yE57Gbv1GGuP0NztUd8sWgPvbuTfb5C5SrfSWucsvlC1-ZShZfgwF4M082epH_GlOGGpoAOvxoHMKJ6NPKrU-8BNMhYzTYD8mza_4RuE2WfSWufYEmqLEDMgEmCCTIc-MSCVE2B_iZ6txO7V0iiA_mUFjhu2ySBtw0K7J0KGeAEzKnIfS4uRyyiW08FyD6gIymrmyCHfgiPkMB4vZQhJCVI7HCZdhLg7stsojWpi6BjEXPIPiJiKvjT47yWZY44_Iy5eut_u2GUHI_aI583QXZ3YELuY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3185 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022032106&jk=4007784660163455&bg=!NzSlNHDNAAZku-1yRLs7ACkAdvg8Wk1vJiw-qRdY_QE3q2UVztLhe1RERXB5oOiQEf1zBT1growT8wIAAACAUgAAAANoAQeZAt8zIMjXfSg09vRql6JXENz-H4lHA1Bk9uxoliggOAUHU1iI-2uS6_cGBj69_NgfP4GkZJ5FLt_W8WlVUirKWz1dDUpe_LramoAqWLTo0E6LLonghZOf5s4WzdZq6_oTm3Bjii-VLhws6Cj7FvaHXd9PxcUx48t0lXgbz0IteqZCkcgESY8_Ev0SLLjEuitVymVulPJClPbp72mEKktEK7QmBY-_GnxAOjFE6nIzytfhicehAESYxRw29VSAv0z0-LeTdZ1DeeRbOuyLpiJ42H76QEApn0ybJRelL5PgD_SpWNOPbpJvdqvGk8KMrZrhsRDUpcgk4wqxTpQYlmY7q3vxUaIi8h_0Y74HLlx14-ncNVvc9NnDmw7q1-4FOItpELAaAgM2PU7TjR3K60AZ25D6WZwGcOpGyxvahrcmwTcM22UP_5BgWAbovnzhKxbwx9dZzfAHo6NwTIVtH6970mijn1uwQ0_3Fvq7FLaRjitb_F5fC69Op1cQ7OlVqsDGa0qlAKw5MJcpdf1fu734rr3ZMFU7emSEVLkQkm3NdMi1WeFwu8beqpWpGBN3gCRUQ_ku-1crbclIilkTgO1xyqUbMs3iQCRkPmJOFeHGhSQrUmmkQYaWQXLBYk6YPf5fSifNpp6DrFlPWbqDbOPg3Ip-GgAbGAsm7AxG0V8iF6vJ2Cvygwfm-O1H-aKZZbS7Vhu5UT3caEPB-gZIyQzo0XoMSynX_xiQuyPx6pIHSuHtxOwrTPVbF_9Y3Tfvq6WR7eZj7CJfeyL5ypJwADOiRWatNP3CSxMcexrEy49YrZ3sJQVLRV-EhydcNekkVLs0XGfjkwEnPn4vkaQcRwSb-zACbvZPHruM7lxhhVE1orW-nP-IbQRI0ALxRoRPPzsnnP0rDlu-A3aFIxuG-hPcniEnqyFhGGjPm7743GU3Ka0C0tXJoJilIF-Pr8RFmDbZKx1_TabY-GCJ9rl_4XahS2o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unip
trc-events.taboola.com/1035174/log/3/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1035174/log/3/unip?en=pre_d_eng_tb&tos=4580&scd=28&ssd=1&est=1648675807968&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1648675812549&mrir=u&vi=1648675807966&ref=null&cv=20220327-2-RELEASE&item-url=https%3A%2F%2Fwww.cyberscoop.com%2Fcofense-emotet-irs-phishing%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/fedscoop-sc/tfa.js?ver=5.9.2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://www.cyberscoop.com
pragma
no-cache
date
Wed, 30 Mar 2022 21:30:12 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
pixel.gif
px.moatads.com/ Frame C11C 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=GOODWAY1&ol=3245446444&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%24%26109.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wkPxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-TOQdWwIJVy50og%3D%3D&sc=1&os=1-MA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cyberscoop.com%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fwww.cyberscoop.com&lp=https%3A%2F%2Fwww.cyberscoop.com&t=1648675809677&de=82727420094&cu=1648675809677&m=5638&ar=9f397fe3151-clean&iw=d73b228&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=604&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A-%3A-%3A929%3A428&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5026&cd=156&ah=5026&am=156&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=11581985%3A27108886%3A520109236%3A165135366&bo=7676691&bd=327787502&gw=goodway341003946512&zMoatOrigSlicer1=7676691&zMoatOrigSlicer2=327787502&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=197724&na=1296613339&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 21:30:15 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 30 Mar 2022 21:30:15 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=26247621;s.a=6840654;p.a=328652550;a.a=520739529;cache=882940942;

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| dataLayer object| _wpemojiSettings string| hold function| blinkTitle function| blinkTitleStop function| do_stickybits object| runtime function| $ function| jQuery function| stickybits function| flatpickr object| regeneratorRuntime function| setImmediate function| clearImmediate object| wp function| sprintf function| vsprintf function| _typeof object| TFASC object| TRC object| _tfa object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| taboola function| pushToSearch function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| imagesLoaded object| a2a_config function| testCookie object| googletag function| createCookie function| show_welcome_ad_desktop function| show_welcome_ad_mobile function| remove_welcome_ad function| onInterstitialClose function| receiveMessage string| true_posts number| current_page string| max_pages string| featured_news string| category_news object| twemoji object| a2a function| a2a_show_dropdown function| a2a_miniLeaveDelay function| a2a_init number| a2apage_init object| ggeac object| google_js_reporting_queue function| bindToWindowOnError object| globalRoot function| hns object| hubspot object| hbspt object| __hsRoot object| hspreserve undefined| React undefined| reqwest function| OutpostErrorReporter undefined| Pikaday function| hns2 function| hmerge undefined| I18n undefined| ReactDOM undefined| require undefined| requirejs undefined| define undefined| exports undefined| module undefined| bootstrap object| HSFR object| _hsq function| hs_reqwest_0 object| pp_ajax_form boolean| canRunAds object| SNG function| captureOutboundLink object| html function| ppFormRecaptchaLoadCallback object| JetpackInstantSearchOptions object| webpackChunkjetpack_search object| wpcom object| _tkq object| _stq object| google_tag_manager function| st_go function| linktracker_init string| _linkedin_data_partner_id function| twq function| fbq function| _fbq function| onYouTubeIframeAPIReady object| google_tag_data string| GoogleAnalyticsObject function| ga undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| lintrk boolean| _already_called_lintrk object| twttr object| ampInaboxIframes object| ampInaboxPendingMessages object| _hsp object| gaplugins object| gaData object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hspb_ran object| GoogleGcLKhOms object| google_image_requests

26 Cookies

Domain/Path Name / Value
s2.bl-1.com/ Name: f7bd4d4b8c98a805fa4ea6f99c7461f2
Value: 91f10400-b070-11ec-8889-136bd96abad0
www.cyberscoop.com/ Name: ppwp_wp_session
Value: f8c4ea27358ae3df63a8b56ed9685868%7C%7C1648677607%7C%7C1648677247
www.cyberscoop.com/ Name: sng_interstitial
Value: true
.cyberscoop.com/ Name: tk_ai
Value: uqbNTOz2QeI5RdVkWq9xdtVh
.cyberscoop.com/ Name: _ga
Value: GA1.2.432137225.1648675808
.cyberscoop.com/ Name: _gid
Value: GA1.2.954705730.1648675809
.cyberscoop.com/ Name: _gat_UA-80491860-1
Value: 1
.linkedin.com/ Name: UserMatchHistory
Value: AQIvjFudO0QA7QAAAX_cvGUYRtSpwk9mGk5RUZ0qblMo-_aemCJYgGBidE4VXSakptMfWqN2MtjT5Q
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJ0tkr_qHMWJgAAAX_cvGUYaHIVkyzqEr_01j6lDagNvti4sw6q2ho05HBcn4uZf08TDElt0v22hVhRS77qSw
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&8e9aaf67-60d4-4706-8b29-f4489f0c4117"
.linkedin.com/ Name: lidc
Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2312:u=1:x=1:i=1648675808:t=1648762208:v=2:sig=AQGk3DJGF_hDpgG6fNNWWYZ7m1w4J5Yi"
.doubleclick.net/ Name: IDE
Value: AHWqTUlMQ5QsWGdDeCl-PRcW56W2u-rmrNJ4C2wx0pZ57cBjtuR8qhtCw4YFwgLnJQ8
.cyberscoop.com/ Name: _fbp
Value: fb.1.1648675808608.1709222769
.twitter.com/ Name: personalization_id
Value: "v1_W3ViRE6Fh2OYGqLFvEv2fA=="
.t.co/ Name: muc_ads
Value: 2031037d-28b7-4b4d-8b58-76dd4d260eb1
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&20220330213008fe3a0b48-6b1d-4100-8ee9-52292bbed7acAQGKX8U7lt2Sy1DvKBdmWyr-yxIBMqT2"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDg2NzU4MDg7MjswMjE3edEfoIUeFDT94iHCNOEq+0qKU+sALfOzwAjz+fW28w==
.cyberscoop.com/ Name: __gads
Value: ID=2b94b7c6580461f2:T=1648675808:S=ALNI_MYbTpsTgXAtAO69kbnWzoNPXtjAfw
.bizibly.com/ Name: _BUID
Value: 0e803336eeff3e75a9a25cca583784cb
.cyberscoop.com/ Name: __hstc
Value: 143679850.168a3d1570b488a4a98706cf64918860.1648675809964.1648675809964.1648675809964.1
.cyberscoop.com/ Name: hubspotutk
Value: 168a3d1570b488a4a98706cf64918860
.cyberscoop.com/ Name: __hssrc
Value: 1
.cyberscoop.com/ Name: __hssc
Value: 143679850.1.1648675809964
.hubspot.com/ Name: __cf_bm
Value: uuR2ty4_MGJLm94VJjBi66G6KTvayoi3W6Q3GMNyZcc-1648675810-0-AQdgvEwjXWUjgkXdmypm3TsePCPLCq6EiofrM2WsV5WtfmK2jC0UpFj4QZbRS+1qfZ+j/1Y2xgCo3X/nsywINZg=

3 Console Messages

Source Level URL
Text
network error URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=26247621;s.a=6840654;p.a=328652550;a.a=520739529;cache=882940942;
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
javascript warning URL: https://z.moatads.com/goodway341003946512/moatad.js(Line 133)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3831467914c2ad3b9b798a1aaa0d9afb.safeframe.googlesyndication.com
6466223a97cbddfa2b7b913c69d379d1.safeframe.googlesyndication.com
8123bda7776da4c038c12965fe4b298a.safeframe.googlesyndication.com
ad.atdmt.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
analytics.twitter.com
cdn.bizibly.com
cdn.taboola.com
connect.facebook.net
d5e51224e5dfa86310d761f5cb5e7a94.safeframe.googlesyndication.com
dt.adsafeprotected.com
f087f8d00922dde8664f5b73b7f04d10.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
googleads4.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.wp.com
public-api.wordpress.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
s0.2mdn.net
s2.bl-1.com
s3.amazonaws.com
securepubads.g.doubleclick.net
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
static.adsafeprotected.com
stats.g.doubleclick.net
stats.wp.com
t.co
tpc.googlesyndication.com
track.hubspot.com
trc-events.taboola.com
www.cyberscoop.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
z.moatads.com
ad.atdmt.com
104.244.36.20
104.244.42.131
104.244.42.5
108.157.4.90
13.107.42.14
141.226.228.48
142.250.185.230
142.250.74.194
142.251.36.66
151.101.1.44
152.195.15.58
192.0.76.3
192.0.78.22
199.232.136.157
23.35.237.151
2600:9000:206f:3c00:8:48e:53c0:93a1
2606:4700:10::6816:47c5
2606:4700::6810:5905
2606:4700::6811:44b0
2606:4700::6811:b649
2606:4700::6811:d6cc
2606:4700::6812:14bf
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2003
2a00:1450:4001:828::2006
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9c
2a02:26f0:fb::5f65:58e0
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.212.151.50
52.217.68.46
54.77.162.139
001082ed5a8d873d054c2e28137a380862234c640a8c73de60c41f52e54e77f6
01c254205edb3dab76d3bcdb9e37fc8687db6fb61d266cbba48a346290969070
051c4417e681ae773286e1e66130db17240e59c2acd374fb0f51da9d809a63fb
05f36ce8adc8b0feb9adb584292aacc7bf5b7090e72511dad588b662be1baafe
09834627a3dd59f271dbcdc04dc752545a8e7071e459a4e3cf815ab7a77ab567
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0be801b9a9813235e4439271db0a1701ba85d15c324d8b9c8616f36b21b95534
0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440
0e77c0d14fbc22583cd48f68900e95997a8c86c5ed1bccd4b0381f475ac7c32c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14c742642de9c8f39467c54a34b08f124d3eb6ae49356d9b9f8a158424e77192
15102f00c0b20cff64250b68bc217f41647feb7e76110f62d16234cbc49c63d0
1a2814888079619c511d69af17514a0c7bb4f942be94784bcbf85f68fcea6f7f
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90
22e3cd82e622e116657c70d03cc393b8b272b1df8aa96612129c9e172a0360ce
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
253b081413c72b4b39eb2c9752e442939e9c2f71576401d23556650f16716e2a
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a6252d7fdaba8dcab3d6c1b703ce2ba963117e4ed0bee67c7cdf80e76d08b90
2c5d210163f697597b42477956ab5e2bbed928e72efb5c5dce3e42ad6188a0c5
2e80467dc44e6486d8b931ea1a7e805475f42b3828a3e49add5eee2355f86d6b
3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d
3097429612cadf41c8c2f08d5cbe3bce1a77aaf73296e1217ad3b29949d6deb4
34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
3e8c324a0b4b5720623b88ed8acf95b9aa033d60a4da5ddc2cf3d8e000faf147
3e9fe2b12e3e778282370054a4e6ffe2cd28658ba1a00fd1372ce9c0d742eeb9
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4a354f3d28b56276cc1c16d970f65ddb3ecec48cb1b79a1a32e0e3929e584607
4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4f8306162e2f7b6c09347a2d46e41791e7a01f3335ec7022476f94338616fc05
4fc14cf95f26ae4ca444158a829e2284bb8bc4ca75eefe3eb34fba16fa4f0a0f
501e11658b544f46ebda7e7549f436aab0925446a3bc42ea62ac6bd4d70b2f73
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5068f5b5608101bdb2e16c39a391105d4c428fdfa5f2f140e71e7d5cf3d6f901
51a3013424973090c337751474dd85e2b7035953dc5996a2542c6e24aedc304c
51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1
51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b
51c7c8754e51f9f258372ed3929ba77868ecd39959638dd70a1c1a4293f42a38
51e841ae906f8d9003aa8487c11792ceceaac3259e068c2cadceabfe7ede15b9
55096a10d125634c2fcf5626ca9c6c9e9b130ff25a5166c91c7b2c6505f4e54f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba
574c0442e6b8176c29dd7d4ec193a449f13715ee68d68859b62accc91c7f73b5
5c701ab2009c0c01911be3dbb373cea9edd337b25e43cd2a917caf28486ff83c
5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c
6136011f666dd2e72e18193c09633b7e309ef6a65e26771088fa314da1482c90
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ef6ff7641456aa2d94443dff7578d154236f12dcbb2e3dea4e519b0153a468
63e0f1d4d244fa557ae96c648168b0620a4f5ad3dbb653fc979a1b3ea0000699
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6a32d68a3721a668ee9a94988a0098bfa3f7748f039ea64023ee868146bbcde8
6db26736205f164352c9df1403ba62140c35dfb4d1b08b4c626f1cb4cc3e61ac
7313c29833679e30c9b81cb0beeb6b1f3dd33d0a9ee67050dd3631cc014017a8
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
76158b342ddcc16addd32aa2435db4d85937e785f804bc9332c7ab9790d87326
7965009ce1702eb6692b31cb0c8806d9ad4912a7359d4258a21e8eed2db0bf1a
7b82af1ef946c9325afa3752aecf3e4a91d66a710cc7760abdd3df1438801fdd
7be891eabd2fe0481ac0c0669aa25cd64ed1b9c73bef2ad4bcc8ecf9a8d5a07f
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b
807850a262a6b19d40394fe49556737daeeccc6cf18b1a691bbbba451b97d7be
81507479d769ae492fa40ff3858880fcf52e09b687f669a01b7358d7751bee1a
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8375ad9b3c51a2023024be920bb1d24949e9ec945d202e552c202c8a856261e0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a
86ab743ee978817ce83bc83d2f74aa6352212e44436ce8a7984c193fb973df74
890b708afd6ff7457e995248c777e7ccca6c21edb5c0864c1c57a3fa4d1ca070
8a90f9c307d889844f7286c11a9e8596c9a41b2e91123ab49cca0fbaa4b48dc7
8d64cc55939894b26db75fbfcf21685a3642f89a9e6ea80c023cc8eb8046bb43
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f
91de68ad0a8ee6dda34e5056bdb92e44aeb8b382205b6ca09d27c29a9bc01531
932fb1ec913f2d1071db9656b9bc7e8c4fc150d7d8b48d8b4b66c3d82a2e020e
942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5
96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163
98d1278d1ae1396b8ef71a4e52bcd02d0846c545a9ad9b6e96b23c363b05e02c
9a30c872c20e7323068110e97a16ba0f572431cf84fa2d1f3a3e5d815e152de9
9e9ce5f71d5199340f9f109561dc1a65bcbba9d4d1ac51546e04ae69f2695784
9fc929f9d307cf53bea691c3794c5ee2874ff5e1d2c7d308d71120ae3aa8c788
a00fc4320e45ba801af1c3980c5b2ef0719bd49ea0b91f36059066fccc8ffd44
a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aabba7daf1b9e681ad6f99210dc3c793c43487e815a44360490faf6747d7d32e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5099e30d77bd0ea30eefe5f9f57cad763fac2a22d4618fd506542d119940da1
b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537
b58bf516fedf2482b3be6125c03b9a9ef1fa057f69e375fd96754b11b3565e74
b630c913043802e16d2e90cb8ff3b388f2b374e1e38cc9e8278df6a8c141c81e
b94f06ca7ef4ef504b19e70ce6b15c4b9e7dc034de479d31ec68c2429a053ca7
bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797
bcb6bc54c244749fa3941a6ab071db82287ba81a3cc28a9b38e7137e3e926ab8
bd0d86837157841e0c89c2817027bbd38e8d8d462e481e6b3685b8f68224b9e6
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1
c4555c6abe72d9a434a55399a81749f29950c804ed2ea983927a4824c5e293c8
c8c35e0f00ccdca409b0b7340bb4c008649529b40a786a51e6d732cbf4f845e1
ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5
ca67f986b60dd057871e474c4987fb6499cba3b6f4a9bdb821a84d0f427b2ccc
ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be
ce28ae0a724a214690be785d29f6f7351b0fe4b5cda577eadff4c79f862431bc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131
d7124f1e0e75e1706ec7d8f14cc3834ad3d90b3134b7d5b978ee1d40946e8940
d71ff0e13ede0182f72a670704a22dba490b1c30f0d0ed664c675bf5367e504a
d7ecbf6d0224b899abe402bb2c13343c0f9961b0b4c478219ae59fcde4f09289
d8f580d77a0460f9903f4edab73e1389c95f42e282151902faa70f211f040837
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd421c760b636652a9f1838d19e3723adff1c21c72802e12894ee62a5faa77a0
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e2ddc725a1e56c4138a6e2bf0dc431f069fc63aa6dc017f3dbb462ac0886787b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f
ec7c4c90e31092c6253cddb718655a1e3ac5f4f83425b1e16d54b25ff80f263f
eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d
ef06bc5e3cc158037771e3ed0d13f75694ffe052cc8b442e02082e85cf85aec2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f57d9bd3bde7b8fbaed30bcc9ed2da4879208492aaefaaf5517e57f43e3bf4d3
f7a6c9fb77380dc0b6112d42df1ba0c7d80a266d316e8fca3e8dd3e82d7edeb5
f8ef896304d0e442fe424594c6d047347ea9a553e733507f101952e15c7f41f5
fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed
ff6caa0cab0a4eff3ee69c5eca378e73cf81e937eb93fd270f084c7f8acd5a90