www.cyberscoop.com Open in urlscan Pro
52.21.95.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hubspot.fedscoop.com/e2t/tc/VWvSXW5pRgv5W7ZcdcX4rwBpBVLsY3L4pcZkqN8LB06k2-G-5V1-WJV7CgCSCW8KDWld52YS-NW5sPjwB4lMbM_V8...
Effective URL:
https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Submission Tags: phishing malicious Search All
Submission: On March 16 via api (March 16th 2021, 12:47:35 pm UTC) from US

Summary HTTP 264 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 47 IPs in 4 countries across 33 domains to perform 264 HTTP transactions. The main IP is 52.21.95.133, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.cyberscoop.com.
TLS certificate: Issued by R3 on January 5th 2021. Valid for: 3 months.

This is the only time www.cyberscoop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.225 199.60.103.225	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4 38	52.21.95.133 52.21.95.133	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
52	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
11	52.216.244.198 52.216.244.198	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:b849	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.218.252.184 52.218.252.184	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:10c... 2a02:26f0:10c:58e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
3 6	34.246.59.179 34.246.59.179	16509 (AMAZON-02) (AMAZON-02)
7	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
2 5	35.244.184.212 35.244.184.212	15169 (GOOGLE) (GOOGLE)
2 2	34.95.127.121 34.95.127.121	15169 (GOOGLE) (GOOGLE)
1 4	52.210.171.182 52.210.171.182	16509 (AMAZON-02) (AMAZON-02)
8	52.19.217.116 52.19.217.116	16509 (AMAZON-02) (AMAZON-02)
6	3.215.71.212 3.215.71.212	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
264	47

2 199.60.103.225 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

hubspot.fedscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 52.21.95.133 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-95-133.compute-1.amazonaws.com

www.cyberscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.216.244.198 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b849 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.252.184 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:58e::25ea (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d6fd092b0a3718868b7d0ff076f355ba.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1315549ca99963292a9e0812dd7b05de.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.246.59.179 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-59-179.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.184.212 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 212.184.244.35.bc.googleusercontent.com

linkto.ext.hp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.127.121 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 121.127.95.34.bc.googleusercontent.com

www.ojrq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.210.171.182 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-171-182.eu-west-1.compute.amazonaws.com

hp.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.19.217.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-217-116.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.215.71.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-71-212.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	googlesyndication.com pagead2.googlesyndication.com d6fd092b0a3718868b7d0ff076f355ba.safeframe.googlesyndication.com tpc.googlesyndication.com caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com 1315549ca99963292a9e0812dd7b05de.safeframe.googlesyndication.com ade.googlesyndication.com	447 KB
38	cyberscoop.com 4 redirects www.cyberscoop.com	519 KB
35	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	619 KB
24	googletagservices.com www.googletagservices.com	559 KB
21	2mdn.net s0.2mdn.net	461 KB
20	adsafeprotected.com 3 redirects fw.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	282 KB
12	amazonaws.com s3.amazonaws.com s3-us-west-2.amazonaws.com	503 KB
7	google.com adservice.google.com www.google.com	2 KB
5	hp.com 2 redirects linkto.ext.hp.com	1 KB
4	demdex.net 1 redirects hp.demdex.net	3 KB
4	google.de www.google.de adservice.google.de	2 KB
4	gstatic.com fonts.gstatic.com	95 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	hubspot.com track.hubspot.com	1 KB
2	ojrq.net 2 redirects www.ojrq.net	911 B
2	facebook.com www.facebook.com	495 B
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	94 KB
2	addtoany.com static.addtoany.com	60 KB
2	fedscoop.com 1 redirects hubspot.fedscoop.com	3 KB
1	twitter.com analytics.twitter.com	651 B
1	hs-analytics.net js.hs-analytics.net	19 KB
1	hs-banner.com js.hs-banner.com	15 KB
1	t.co t.co	448 B
1	google.ch adservice.google.ch	799 B
1	hs-scripts.com js.hs-scripts.com	928 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	hsforms.com forms.hsforms.com	4 KB
1	googletagmanager.com www.googletagmanager.com	50 KB
1	hsforms.net js.hsforms.net	129 KB
1	taboola.com cdn.taboola.com	22 KB
264	33

	Domain	Requested by
38	www.cyberscoop.com	4 redirects hubspot.fedscoop.com www.cyberscoop.com
33	tpc.googlesyndication.com	securepubads.g.doubleclick.net caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com tpc.googlesyndication.com f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com ad.doubleclick.net hubspot.fedscoop.com 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
30	pagead2.googlesyndication.com	www.cyberscoop.com www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net
24	www.googletagservices.com	www.cyberscoop.com securepubads.g.doubleclick.net caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com www.googletagservices.com f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com s0.2mdn.net
24	securepubads.g.doubleclick.net	www.cyberscoop.com securepubads.g.doubleclick.net hubspot.fedscoop.com www.googletagservices.com caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
21	s0.2mdn.net	f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com hubspot.fedscoop.com s0.2mdn.net caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com www.cyberscoop.com 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
11	s3.amazonaws.com	www.cyberscoop.com
8	static.adsafeprotected.com	fw.adsafeprotected.com f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
7	googleads4.g.doubleclick.net	ad.doubleclick.net hubspot.fedscoop.com
6	dt.adsafeprotected.com	f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com www.cyberscoop.com 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
6	fw.adsafeprotected.com	3 redirects ad.doubleclick.net hubspot.fedscoop.com
5	linkto.ext.hp.com	2 redirects f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
5	adservice.google.com	securepubads.g.doubleclick.net
4	hp.demdex.net	1 redirects f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	ad.doubleclick.net	www.googletagservices.com
3	adservice.google.de	securepubads.g.doubleclick.net
3	fonts.googleapis.com	www.cyberscoop.com js.hsforms.net
2	ade.googlesyndication.com
2	track.hubspot.com
2	www.ojrq.net	2 redirects
2	1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.facebook.com	www.cyberscoop.com connect.facebook.net
2	www.google.com	securepubads.g.doubleclick.net www.cyberscoop.com
2	px.ads.linkedin.com	1 redirects www.cyberscoop.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	hubspot.fedscoop.com connect.facebook.net
2	static.addtoany.com	www.cyberscoop.com static.addtoany.com
2	hubspot.fedscoop.com	1 redirects
1	analytics.twitter.com	static.ads-twitter.com
1	1315549ca99963292a9e0812dd7b05de.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de	www.cyberscoop.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	t.co	www.cyberscoop.com
1	www.linkedin.com	1 redirects
1	d6fd092b0a3718868b7d0ff076f355ba.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.ch	securepubads.g.doubleclick.net
1	js.hs-scripts.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	forms.hsforms.com	js.hsforms.net
1	s3-us-west-2.amazonaws.com	www.cyberscoop.com
1	www.googletagmanager.com	www.cyberscoop.com
1	js.hsforms.net	www.cyberscoop.com
1	cdn.taboola.com	www.cyberscoop.com
264	49

This site contains links to these domains. Also see Links.

Domain
cyberscoop.com
scoopnewsgroup.com
www.buffaloschools.org
buffalonews.com
statescoop.com
edscoop.com
www.crowdstrike.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
fedscoop.com
workscoop.com
www.scoopnewsgroup.com
www.addtoany.com

Subject Issuer	Validity	Valid
hubspot.fedscoop.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
cyberscoop.com R3	`2021-01-05` - `2021-04-05`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-30` - `2021-08-04`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.google.ch GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
linkto.ext.hp.com DigiCert SHA2 Secure Server CA	`2020-09-29` - `2021-09-30`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2020-05-20` - `2021-06-20`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Frame ID: 6904F9347869A29DF616AE409DA02C6B
Requests: 93 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-3UiFlDCgKx-leaderboard&categories=technology&tags=education%2Cfbi%2Cransomware
Frame ID: 54D1CD1635D9C6304EE5B077A6C7006E
Requests: 12 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=article&position=static&category=technology&tags=education%2Cfbi%2Cransomware
Frame ID: 10D37C847DF169203B85BB135CB726F6
Requests: 12 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=technology&tags=education%2Cfbi%2Cransomware
Frame ID: 26EE03236BA1D23AA40B2E402A8E0F38
Requests: 12 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-us8QIxy0wX-billboard&category=technology&tags=education%2Cfbi%2Cransomware
Frame ID: F63BAC7199EFB76271D6CB47CFA6C18A
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6fNQsjOmONS2G10YlYRstvPWj2AVhE1XrVAcU5WEfN-uabZZ71gEbpg6AHjMz7M7uMBea1xq04cMoRIeggQH8YkE-Pdxtz5Y8F2WTXrrZiiintfeJu0pcoqLjvjXXs4ArQDQvQRQNoHpsGax2dG4rHRg8WRWq7mcdQDOozqD-465RRpV8drO_kSi2NyseYX5CEDj3_nbG46WB3hqsSOPxoLApLe5l259j1xIr8RAaN37RLaaRoFXPmCGvZlX75HsFEvgjkyFr_ynbOEWsVYb36_cb5tQMsYYeekCDlgx3vQ&sai=AMfl-YQ9Fon8_RzeFwFTq6o0xQDCZfKEZU-sO-zJ3u_53kD3wViPlc0IXwYUpzCaGaaxQrzOkbjPR8V5vVhiLt4D01mQjwoL8dUVTwuBd4e1lbDmntrh_DAB64WeO52SwmU&sig=Cg0ArKJSzCeLoPICotsBEAE&adurl=
Frame ID: E9C52FB4C589B619AE801702AC7D22ED
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfFHH_9WdtyuNmucANONtqfRcjsMRhqOHAAutRDuoBWcNcOcQ-DnLu9v7vQYJAFvDI6IZHvpi41mVG6wQTyroLgUk0OAiXSwqgq6kdxJ4_5d5WXiJ1wmFVCR_ist558_3x46jdMPtFg93bdd3LMtL4wCXt5vD_vmnJDNaN8YSAGqZrOugqVfz7nxXiE6TmoIN1l2PykItyPEAnOMqlqcspJRsqrtm05UBesEFXtdC4itqoHSTEh8-_NbTJqHG6gA1AVntFtT2s2jdP_FDUnzz4DlpBWvni6bofNsJIp_L3QMEdVqX5SA&sai=AMfl-YSXsVio9ILkEbaEw88HBeRkBLwWDmd_p0qj1HQHXlRAwIHxB6lGlAQars9bFBDVKVfdVlZbtiDN-CVy6x90UGVaEL9pm2Tyjkn1MKGAe4cvzoCjxWTruvoMkjLR9X3O&sig=Cg0ArKJSzIjnFZgNXDEmEAE&adurl=
Frame ID: DC7EC094AD690F74F8757FA05E35B495
Requests: 6 HTTP requests in this frame

Frame: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: 195F0E0044AC5D3950AF05731F3E7921
Requests: 23 HTTP requests in this frame

Frame: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: 9F5D02FE8F69D2E624E827447BCD08BE
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 3D7F63725A107E24A039E1C6F6427848
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 620DC255F026E82979B96A510EA8F078
Requests: 2 HTTP requests in this frame

Frame: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: 8E5DA7FDF68505EF9A29F1ED840AA70A
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7F628C8265950330E32C27BD48E4B82F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E8350C8EF8AF5822ABED1572F36408E3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/4807732/1613010712972/index.html
Frame ID: 888711583372F01598AD20EDB37A97C0
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 0FBF5103B7FB572DBDD48A81E6FDAF5F
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: D19F54FC1C5339D15D2DFF9407F840E2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujfK9GjJ4aiikcgiogFiZjdxesWCZDNbTm3IiUwnGKmRowuLPLvI8OD5h22gS_S7Jv57Ttz149PG388pj4NwcTUFXHciwC7hjm1gLnvTgxW6_-RcpxluMCVQpDjA_px5uQWx-edsuJ4sfb7dNGQ3DimhAl8CE4nT5vMhalENUG_FQorDiDJ_sqlFyVYzrJ8FDaMuopzUbYdDphobODdiTpLEVtVaAVJyuyX1AUP_AUqziUBkmGIP6JTqErbVc2a4wnYtlj4CiQx0AOqTMaRMNvWKJx2ow9hJwkvDo_OgrVJ2u8xNz5eUED6MIKpWjkJ9H-TZgGGc4&sig=Cg0ArKJSzExUrYu5agxjEAE&adurl=
Frame ID: 0FF64F2220157ED7203DB8BEA2D9E439
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 628922DDB16B04C86810BE8B16E941B1
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
Frame ID: 161A22261927DAD804132BCEDA27F0F6
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 91FF6E89BC39B80AF439E2120F99B39C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 056637EC1A1A88891C389A485E1A510D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 48C0220A93C08A14200653FD7B47CAC5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 3DCCEFA116A0FCFC2803FE7503FFF005
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://hubspot.fedscoop.com/e2t/tc/VWvSXW5pRgv5W7ZcdcX4rwBpBVLsY3L4pcZkqN8LB06k2-G-5V1-WJV7CgCSCW8KDWld5... Page URL
https://hubspot.fedscoop.com/events/public/v1/track/tc/VWvSXW5pRgv5W7ZcdcX4rwBpBVLsY3L4pcZkqN8LB06k2-G-5V... HTTP 307
https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

264
Requests

100 %
HTTPS

63 %
IPv6

33
Domains

49
Subdomains

47
IPs

4
Countries

3913 kB
Transfer

9234 kB
Size

5
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://cyberscoop.com/
Title:

Search URL Search Domain Scan URL

URL: http://scoopnewsgroup.com/?__hstc=143679850.723ae2e376601e142cfc9349750e0ed3.1615898838624.1615898838624.1615898838624.1&__hssc=143679850.1.1615898838625&__hsfp=2176140176
Title: Brought to you by

Search URL Search Domain Scan URL

URL: https://www.buffaloschools.org/cms/lib/NY01913551/Centricity/Domain/8/Cybersecurity%20Update%20Letter%20final_03142021_-2.pdf
Title: announcement

Search URL Search Domain Scan URL

URL: https://buffalonews.com/news/local/education/buffalo-public-schools-was-victim-of-ransomware-attack/article_e9efa01c-8335-11eb-9b7a-83dd46be27ee.amp.html
Title: The Buffalo News reported

Search URL Search Domain Scan URL

URL: https://statescoop.com/cyberattacks-k12-schools-more-aggressive-cisa-warns/?__hstc=143679850.723ae2e376601e142cfc9349750e0ed3.1615898838624.1615898838624.1615898838624.1&__hssc=143679850.1.1615898838625&__hsfp=2176140176
Title: Department of Homeland Security warned of a heightened ransomware threat

Search URL Search Domain Scan URL

URL: https://edscoop.com/k12-cyberattacks-rose-2021/?__hstc=143679850.723ae2e376601e142cfc9349750e0ed3.1615898838624.1615898838624.1615898838624.1&__hssc=143679850.1.1615898838625&__hsfp=2176140176
Title: ransomware attacks have had an outsized influence

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.com/resources/reports/global-threat-report/
Title: CrowdStrike research

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cyberscoop

Search URL Search Domain Scan URL

URL: https://twitter.com/cyberscoopnews

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/4847467

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cyberscoopnews

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/?__hstc=143679850.723ae2e376601e142cfc9349750e0ed3.1615898838624.1615898838624.1615898838624.1&__hssc=143679850.1.1615898838625&__hsfp=2176140176

Search URL Search Domain Scan URL

URL: https://fedscoop.com/?__hstc=143679850.723ae2e376601e142cfc9349750e0ed3.1615898838624.1615898838624.1615898838624.1&__hssc=143679850.1.1615898838625&__hsfp=2176140176

Search URL Search Domain Scan URL

URL: https://statescoop.com/?__hstc=143679850.723ae2e376601e142cfc9349750e0ed3.1615898838624.1615898838624.1615898838624.1&__hssc=143679850.1.1615898838625&__hsfp=2176140176

Search URL Search Domain Scan URL

URL: https://edscoop.com/?__hstc=143679850.723ae2e376601e142cfc9349750e0ed3.1615898838624.1615898838624.1615898838624.1&__hssc=143679850.1.1615898838625&__hsfp=2176140176

Search URL Search Domain Scan URL

URL: https://workscoop.com/?__hstc=143679850.723ae2e376601e142cfc9349750e0ed3.1615898838624.1615898838624.1615898838624.1&__hssc=143679850.1.1615898838625&__hsfp=2176140176

Search URL Search Domain Scan URL

URL: https://www.scoopnewsgroup.com/privacy?__hstc=143679850.723ae2e376601e142cfc9349750e0ed3.1615898838624.1615898838624.1615898838624.1&__hssc=143679850.1.1615898838625&__hsfp=2176140176
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/privacy?__hstc=143679850.723ae2e376601e142cfc9349750e0ed3.1615898838624.1615898838624.1615898838624.1&__hssc=143679850.1.1615898838625&__hsfp=2176140176
Title: Learn more

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hubspot.fedscoop.com/e2t/tc/VWvSXW5pRgv5W7ZcdcX4rwBpBVLsY3L4pcZkqN8LB06k2-G-5V1-WJV7CgCSCW8KDWld52YS-NW5sPjwB4lMbM_V8STy23PcT5xW3DCG0F6CDWy1N4s5t9xJ29X1N3kz-t9Z0vrjW4B0FTr1QF1McW66Y8kk71D1GVVhjC6X7tr9Q5W96vw_X2KHb-FW11TkT56Ss006W68RKDc99KdjwW2zKLP-5V0pglW1f8J3m86bLQlW3MZDHq2M9bBxW2PltR78fHgvjVfsMvq5VShn4N3khBXZJSq1PMFy043tPcJPW5ZRd7P5-YyqS33yF1 Page URL
https://hubspot.fedscoop.com/events/public/v1/track/tc/VWvSXW5pRgv5W7ZcdcX4rwBpBVLsY3L4pcZkqN8LB06k2-G-5V1-WJV7CgCSCW8KDWld52YS-NW5sPjwB4lMbM_V8STy23PcT5xW3DCG0F6CDWy1N4s5t9xJ29X1N3kz-t9Z0vrjW4B0FTr1QF1McW66Y8kk71D1GVVhjC6X7tr9Q5W96vw_X2KHb-FW11TkT56Ss006W68RKDc99KdjwW2zKLP-5V0pglW1f8J3m86bLQlW3MZDHq2M9bBxW2PltR78fHgvjVfsMvq5VShn4N3khBXZJSq1PMFy043tPcJPW5ZRd7P5-YyqS33yF1?_ud=8dc2138a-bde1-4ef0-8d18-0ae42d8861fa&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-3UiFlDCgKx-leaderboard&categories=technology&tags=education,fbi,ransomware HTTP 301
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-3UiFlDCgKx-leaderboard&categories=technology&tags=education%2Cfbi%2Cransomware

Request Chain 34

https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=technology&tags=education,fbi,ransomware HTTP 301
https://www.cyberscoop.com/advertising/?id=article&position=static&category=technology&tags=education%2Cfbi%2Cransomware

Request Chain 35

https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=technology&tags=education,fbi,ransomware HTTP 301
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=technology&tags=education%2Cfbi%2Cransomware

Request Chain 36

https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-us8QIxy0wX-billboard&category=technology&tags=education,fbi,ransomware HTTP 301
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-us8QIxy0wX-billboard&category=technology&tags=education%2Cfbi%2Cransomware

Request Chain 76

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1615898830033&url=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1615898830033%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fbuffalo-public-schools-canceled-cyberattack-ransomware%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1615898830033&url=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&liSync=true

Request Chain 155

https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294977047 HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Flinkto.ext.hp.com%2Fi%2F0%2F342132%2F5105%3Fsiteid%3D6636866%26adcampaign%3D25263370%26adplacement%3D294977047%26level%3D1%26srcref%3Dhttps%253A%252F%252Ff2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com%252F&cid=5105&tpsync=no HTTP 302
https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294977047&level=1&srcref=https%3A%2F%2Ff2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com%2F&brwsr=bd9da7a9-8655-11eb-bc6c-42010a246624&brwsrsig=WWoQC6w7N1lz34J1EoRK83hnRujy1R

Request Chain 156

https://hp.demdex.net/event?d_event=imp&d_src=242750&d_site=6636866&d_creative=145395966&d_adgroup=488015183&d_placement=294977047&d_campaign=25263370&d_bust=3462745305 HTTP 302
https://hp.demdex.net/firstevent?d_event=imp&d_src=242750&d_site=6636866&d_creative=145395966&d_adgroup=488015183&d_placement=294977047&d_campaign=25263370&d_bust=3462745305

Request Chain 176

https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=295827108 HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Flinkto.ext.hp.com%2Fi%2F0%2F342132%2F5105%3Fsiteid%3D6636866%26adcampaign%3D25263370%26adplacement%3D295827108%26level%3D1%26srcref%3Dhttps%253A%252F%252Fcaf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com%252F&cid=5105&tpsync=no HTTP 302
https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=295827108&level=1&srcref=https%3A%2F%2Fcaf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com%2F&brwsr=bd9da7a9-8655-11eb-bc6c-42010a246624&brwsrsig=WWoQC6w7N1lz34J1EoRK83hnRujy1R

Request Chain 179

https://fw.adsafeprotected.com/rfw/st/582938/52662248/4.js?adContainerId=gcc_1ahQYO7CF9jG7_UPtNWOcA&cbFunctionName=goog_wrapCb_1ahQYO7CF9jG7_UPtNWOcA&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:5eab906d-25bf-1dd0-e77c-182d1de9605e,c:723atm,sl:na,em:true,fr:false,mn:app03ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:hp1.cXqRds1.CADgZf1.hClrsE1.oHpDvn1.jMNNAR1,nbld:0,fm:srPcQvg+111*.582938-52662248%7C1111%7C112%7C1131%7C121%7C122%7C1311%7C1312%7C132%7C133%7C14%7C15%7C16%7C17%7C18,idMap:111*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,thd:1,et:27,oid:bd908853-8655-11eb-8a51-0a6fa201f3de,v:19.8.172,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

Request Chain 192

https://fw.adsafeprotected.com/rfw/st/582938/52802480/skeleton.js?adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fcaf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fcaf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:15585a4f-ff1e-b3c2-f82b-0f2b5b461089,c:723aw8,sl:na,em:true,fr:false,mn:app15ie,pt:1-2-3-4-5-6-7-8-9-10-11-12-13-14-15,br:u,abv:na,an:n,oam:0,scm:hp1.cXqRds1.CADgZf1.hClrsE1.oHpDvn1.jMNNAR1,nbld:0,fm:srPcQuf+1111%7C1112%7C112%7C113%7C121%7C122%7C131*.582938-52802480%7C1311%7C1312%7C132%7C14%7C15%7C16%7C17%7C18,idMap:131*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:1,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,thd:1,et:262,oid:bd90d632-8655-11eb-afb0-0a320acf4edc,v:19.8.172,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 235

https://fw.adsafeprotected.com/rfw/st/582938/52802481/skeleton.js?adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:4c768b55-4812-e862-ac94-4656d905b221,c:723aDB,sl:na,em:true,fr:false,mn:app05ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:hp1.cXqRds1.CADgZf1.hClrsE1.oHpDvn1.jMNNAR1,nbld:0,fm:srPcQDh+11111%7C1112%7C112%7C121*.582938-52802481%7C1211%7C1212%7C122%7C13111%7C1312%7C1313%7C132%7C141%7C142%7C15%7C16%7C17%7C18,idMap:121*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,thd:1,et:164,oid:bdddbe00-8655-11eb-8663-02bf2b86cc68,v:19.8.172,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

264 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWvSXW5pRgv5W7ZcdcX4rwBpBVLsY3L4pcZkqN8LB06k2-G-5V1-WJV7CgCSCW8KDWld52YS-NW5sPjwB4lMbM_V8STy23PcT5xW3DCG0F6CDWy1N4s5t9xJ29X1N3kz-t9Z0vrjW4B0FTr1QF1McW66Y8kk71D1GVVhjC6X7tr9Q5W96vw_X2KHb-FW11TkT56Ss... Show response
hubspot.fedscoop.com/e2t/tc/ 8 KB
3 KB 147ms
94ms Document
text/html 199.60.103.225
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hubspot.fedscoop.com/e2t/tc/VWvSXW5pRgv5W7ZcdcX4rwBpBVLsY3L4pcZkqN8LB06k2-G-5V1-WJV7CgCSCW8KDWld52YS-NW5sPjwB4lMbM_V8STy23PcT5xW3DCG0F6CDWy1N4s5t9xJ29X1N3kz-t9Z0vrjW4B0FTr1QF1McW66Y8kk71D1GVVhjC6X7tr9Q5W96vw_X2KHb-FW11TkT56Ss006W68RKDc99KdjwW2zKLP-5V0pglW1f8J3m86bLQlW3MZDHq2M9bBxW2PltR78fHgvjVfsMvq5VShn4N3khBXZJSq1PMFy043tPcJPW5ZRd7P5-YyqS33yF1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.225 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31069f0b6053613d3017a28f695fca6f0a65e2ced753c235fc03a4179c0ba1e3

Request headers

:method: GET
:authority: hubspot.fedscoop.com
:scheme: https
:path: /e2t/tc/VWvSXW5pRgv5W7ZcdcX4rwBpBVLsY3L4pcZkqN8LB06k2-G-5V1-WJV7CgCSCW8KDWld52YS-NW5sPjwB4lMbM_V8STy23PcT5xW3DCG0F6CDWy1N4s5t9xJ29X1N3kz-t9Z0vrjW4B0FTr1QF1McW66Y8kk71D1GVVhjC6X7tr9Q5W96vw_X2KHb-FW11TkT56Ss006W68RKDc99KdjwW2zKLP-5V0pglW1f8J3m86bLQlW3MZDHq2M9bBxW2PltR78fHgvjVfsMvq5VShn4N3khBXZJSq1PMFy043tPcJPW5ZRd7P5-YyqS33yF1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:08 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d050a93b9d441ff40d446d75d3821e9d11615898828; expires=Thu, 15-Apr-21 12:47:08 GMT; path=/; domain=.hubspot.fedscoop.com; HttpOnly; SameSite=Lax __cfruid=ce550182177fadec88a82aab2f74226057f6b3ff-1615898828; path=/; domain=.hubspot.fedscoop.com; HttpOnly; Secure; SameSite=None
cf-ray: 630e169ddf3a2325-ZRH
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 08dcac76a30000232552247000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=31zUAE%2B2HD2kafdzG46COyoFehel0tHiscKocSFZmpZMlguFSyUTH8t6O1cy7X29UO9wJkNYAiaBRDDfCdkFtGsmIfHPI%2Be1CWdFdqVnVQWpq0MDiw%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Redirect Chain

https://hubspot.fedscoop.com/events/public/v1/track/tc/VWvSXW5pRgv5W7ZcdcX4rwBpBVLsY3L4pcZkqN8LB06k2-G-5V1-WJV7CgCSCW8KDWld52YS-NW5sPjwB4lMbM_V8STy23PcT5xW3DCG0F6CDWy1N4s5t9xJ29X1N3kz-t9Z0vrjW4B0FT...
https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

52 KB
13 KB

463ms
220ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Requested by

Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e2t/tc/VWvSXW5pRgv5W7ZcdcX4rwBpBVLsY3L4pcZkqN8LB06k2-G-5V1-WJV7CgCSCW8KDWld52YS-NW5sPjwB4lMbM_V8STy23PcT5xW3DCG0F6CDWy1N4s5t9xJ29X1N3kz-t9Z0vrjW4B0FTr1QF1McW66Y8kk71D1GVVhjC6X7tr9Q5W96vw_X2KHb-FW11TkT56Ss006W68RKDc99KdjwW2zKLP-5V0pglW1f8J3m86bLQlW3MZDHq2M9bBxW2PltR78fHgvjVfsMvq5VShn4N3khBXZJSq1PMFy043tPcJPW5ZRd7P5-YyqS33yF1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.26

Resource Hash

74cbd6a6b80c96edaa9f48a27ca9628c2b141931b87a5a5cc66210d3ae8eafd3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /buffalo-public-schools-canceled-cyberattack-ransomware/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hubspot.fedscoop.com/e2t/tc/VWvSXW5pRgv5W7ZcdcX4rwBpBVLsY3L4pcZkqN8LB06k2-G-5V1-WJV7CgCSCW8KDWld52YS-NW5sPjwB4lMbM_V8STy23PcT5xW3DCG0F6CDWy1N4s5t9xJ29X1N3kz-t9Z0vrjW4B0FTr1QF1McW66Y8kk71D1GVVhjC6X7tr9Q5W96vw_X2KHb-FW11TkT56Ss006W68RKDc99KdjwW2zKLP-5V0pglW1f8J3m86bLQlW3MZDHq2M9bBxW2PltR78fHgvjVfsMvq5VShn4N3khBXZJSq1PMFy043tPcJPW5ZRd7P5-YyqS33yF1

Response headers

server: nginx
date: Tue, 16 Mar 2021 12:47:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.26
x-pingback: https://www.cyberscoop.com/xmlrpc.php
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/posts/54768>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=54768>; rel=shortlink
x-fastcgi-cache: HIT
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

date: Tue, 16 Mar 2021 12:47:08 GMT
location: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
cf-ray: 630e169e997c2325-ZRH
link: <https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 08dcac771a00002325a0857000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-robots-tag: none
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RlSq6ESm6IJr%2BKINZ7VGKLAsVIZQbtluKUBk4f2o%2BaoaX0Kte8HNIpsGg6m8mR9nSFqx3byx1hSfDhUG1hoq4n9Fy2B5sYV5XskkSfzjXFGwTGdNtQ%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style.min.css
www.cyberscoop.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 125ms
120ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:23:31 GMT
server: nginx
etag: W/"5fcd3dc3-d293"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Wed, 16 Mar 2022 12:47:09 GMT

GET
H2 200 style.css
www.cyberscoop.com/wp-content/themes/cyberscoop/ 92 KB
16 KB 125ms
121ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8568f039c1951ef91fce769fd09da0b0dbfcf503e0e9d14044c3f49675b809cd

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
last-modified: Fri, 05 Mar 2021 07:58:31 GMT
server: nginx
etag: W/"6041e4a7-16fe8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Wed, 16 Mar 2022 12:47:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
826 B 19ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.5.3

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e67174640462cfafc9e7dadb0f1ae4b930a564eb910bdce4c5a963e9efa28212

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 12:47:09 GMT
server: ESF
date: Tue, 16 Mar 2021 12:47:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Mar 2021 12:47:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
642 B 20ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.5.3

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

063d44bc62d9647b62e24e3072a08f2cd96f36e3f1cb441b0efc3fe3f3fe372c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 11:12:59 GMT
server: ESF
date: Tue, 16 Mar 2021 12:47:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Mar 2021 12:47:09 GMT

GET
H2 200 addtoany.min.css
www.cyberscoop.com/wp-content/plugins/add-to-any/ 1 KB
663 B 125ms
121ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:25:16 GMT
server: nginx
etag: W/"5fcd3e2c-5ba"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Wed, 16 Mar 2022 12:47:09 GMT

GET
H2 200 jquery.js Show response
www.cyberscoop.com/wp-includes/js/jquery/ 95 KB
33 KB 125ms
121ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:23:31 GMT
server: nginx
etag: W/"5fcd3dc3-17a69"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Wed, 16 Mar 2022 12:47:09 GMT

GET
H2 200 blinkTitle.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 2 KB
737 B 125ms
121ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/blinkTitle.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf89b05aa45bb14f23d4c97dac9b3091e2d866c73f68e18d2cb6b538378db6f9

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-62a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Wed, 16 Mar 2022 12:47:09 GMT

GET
H2 200 singlescroll.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 3 KB
1 KB 129ms
126ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/singlescroll.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8b7a47a695a413443ee1cba5b8cb390af99d8ecb1c94ffd30005c2a039303fe0

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: W/"5f8eafdb-dc1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Wed, 16 Mar 2022 12:47:09 GMT

GET
H2 200 stickybits.min.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 13 KB
4 KB 129ms
126ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/stickybits.min.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2aef1ac953ce7805c97a1df893082e75a0a11085c3e53b2914bd0a35634977f3

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: W/"5f8eafdb-3357"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Wed, 16 Mar 2022 12:47:09 GMT

GET
H2 200 addtoany.min.js Show response
www.cyberscoop.com/wp-content/plugins/add-to-any/ 129 B
339 B 129ms
126ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
last-modified: Sun, 06 Dec 2020 20:25:16 GMT
server: nginx
etag: "5fcd3e2c-81"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 129
expires: Wed, 16 Mar 2022 12:47:09 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/fedscoop-sc/ 64 KB
22 KB 186ms
133ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/fedscoop-sc/tfa.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 205aa8edd302b8ab33ae31bf06f25c37acbbf99ada33713925b07d3c0faf748b

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: vtdQuhPd7I_P4UiKnMygdCE6RhCaKLlb
content-encoding: gzip
etag: "a04a7b8eee2c8f6d08e12a1bf6b3504a"
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 21996
x-amz-id-2: lpUtQCRd9idzfPUo3cdx0WZbdRfEi8s6iovFwJDuk33Q6bksOOqxvfXlg/4tD2qVUpf8eAgNOF8=
x-served-by: cache-fra19182-FRA
last-modified: Tue, 09 Mar 2021 16:36:56 GMT
server: AmazonS3
x-timer: S1615898829.282616,VS0,VE105
date: Tue, 16 Mar 2021 12:47:09 GMT
vary: Accept-Encoding
x-amz-request-id: ZAE4XMJ1MNAJXZ1B
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 2
x-cache-hits: 1

GET
H2 200 init-taboola.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 138 B
348 B 129ms
126ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/init-taboola.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8c5987fc2409abe9ee8d73fee09d71847ddf5c4329a0bbad7d4e4bc522e51b47

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: "5f8eafda-8a"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 138
expires: Wed, 16 Mar 2022 12:47:09 GMT

GET
H2 200 app.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 150 KB
47 KB 129ms
127ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/app.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bcc6ccbbe9b3f2c14b3eb45ea17eb4b456ee0b359ca820751d8f4b140c57ba0a

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-25991"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Wed, 16 Mar 2022 12:47:09 GMT

GET
H2 200 menu.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 213 B
423 B 323ms
321ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/menu.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cbcf7f9157306feaa0252eaa2fca6f6a36cf74bd919dc17520023405867fd32b

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: "5f8eafdb-d5"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 213
expires: Wed, 16 Mar 2022 12:47:09 GMT

GET
H2 200 ads.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 740 B
703 B 323ms
321ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-2e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Wed, 16 Mar 2022 12:47:09 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 58 KB
20 KB 101ms
35ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

a06bc0ee56270eee8892c341d7d2f81090296a7fcbdd94964f95950ee158940b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "813 / 709 of 1000 / last-modified: 1615892960"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19719
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:09 GMT

GET
H/1.1 200
OK cyberscoop-interstitial.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
3 KB 498ms
136ms Image
image/svg+xml 52.216.244.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/cyberscoop-interstitial.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.244.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:47:11 GMT
Last-Modified: Wed, 10 Feb 2021 15:47:32 GMT
Server: AmazonS3
x-amz-request-id: RQTTM8AJRRRAGEE4
ETag: "b3250d52680549abc7222f71b2dce836"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2375
x-amz-id-2: K8j1EtqrEAIHaNHrbGwegvht2TZIwQjsSAp7fEcBPAcKRSAgJAf+LzRmX2GXEdi7AFcldcFB3Iw=

GET
H/1.1 200
OK closex.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 502ms
138ms Image
image/png 52.216.244.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/closex.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.244.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:47:11 GMT
Last-Modified: Tue, 12 May 2020 13:43:08 GMT
Server: AmazonS3
x-amz-request-id: RQTJE1FPMKM7WN42
ETag: "6fa9505df4b1d86476aef77673f3b330"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4658
x-amz-id-2: QhQOnZPXs/NjYC02FxPxfwTtPXdSYv+u5JYvEyRMkoduGpD13QD9GCycEUfjRWF9lNnnuPDYlUU=

GET
H2 200 twitter.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 2 KB
1 KB 126ms
119ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/twitter.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:27 GMT
server: nginx
etag: W/"5f8eafd7-87c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, public
expires: Thu, 15 Apr 2021 12:47:09 GMT

GET
H2 200 facebook.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 1 KB
828 B 126ms
120ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/facebook.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-4f8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, public
expires: Thu, 15 Apr 2021 12:47:09 GMT

GET
H2 200 linkedin.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 2 KB
993 B 127ms
120ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/linkedin.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-741"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, public
expires: Thu, 15 Apr 2021 12:47:09 GMT

GET
H2 200 reddit.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 6 KB
3 KB 127ms
120ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/reddit.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-18f6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, public
expires: Thu, 15 Apr 2021 12:47:09 GMT

GET
H2 200 gmail.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 1 KB
886 B 127ms
121ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/gmail.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-49d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, public
expires: Thu, 15 Apr 2021 12:47:09 GMT

GET
H/1.1 200
OK close_purple.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 991 B
1 KB 518ms
154ms Image
image/svg+xml 52.216.244.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/close_purple.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.244.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:47:11 GMT
Last-Modified: Fri, 22 Jan 2021 00:05:15 GMT
Server: AmazonS3
x-amz-request-id: RQTPH26EFHPVT4TG
ETag: "cde4ecef61a0a35571e737da5276b5e7"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 991
x-amz-id-2: nIFOtY3TzUld3722Q36DwzVBIpv9yw0wR72uJ63GiGLlRR+90uJkI4ButTDCiTpXJt5K+Kq8UtU=

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 525 KB
129 KB 50ms
33ms Script
application/javascript 2606:4700::6811:b849
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b849 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7eb794dfec53cf6015660dcfc09d5454681f25777c187dce636723390e776d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
via: 1.1 f7a968b55c3516da72549b98f99704a4.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08dcac7af900004e1f750cc000000001
last-modified: Tue, 16 Mar 2021 09:23:29 UTC
server: cloudflare
etag: W/"9d668cfc7c391b8538a113832f54ab8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7gYKT0zfnApyVcbf63x66YnyZAK4Vtu5%2FjH%2FM8qUM0AjZBQ%2Briplk8YJVhYL1GhfpO0EGNP08%2FYtWcC9%2FwYdPC%2FJ0Qp07wvklffmj%2B%2FAG3R3jjy%2BHvGLWPeYeA%3D%3D"}],"max_age":604800}
x-amz-version-id: Im9LyHkEZJN8A9pTrxephGQMCSB7CbwW
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 630e16a4c8a74e1f-FRA
x-amz-cf-id: nVMQFOUc448fVavZXZ-Gz_bwuL3JOhHZJedWN8AAL1MzYrdGrazO6w==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 58 KB
20 KB 49ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33fc087699787c237ed83b1e7b3af5fc4e152882469c4b0cb5e622c7698b50b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "813 / 852 of 1000 / last-modified: 1615892960"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19721
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:09 GMT

GET
H2 200 ads.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 740 B
703 B 119ms
119ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js?ver=1.0.0
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-2e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Wed, 16 Mar 2022 12:47:09 GMT

GET
H2 200 wp-embed.min.js Show response
www.cyberscoop.com/wp-includes/js/ 1 KB
990 B 127ms
119ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:23:31 GMT
server: nginx
etag: W/"5fcd3dc3-59a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Wed, 16 Mar 2022 12:47:09 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 139 KB
50 KB 33ms
28ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0aa7f0ca25ad3ff110c8eb2e3d666373b45af098faccc614d93481ae282c20e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50881
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Mar 2021 12:47:09 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.cyberscoop.com/wp-includes/js/ 14 KB
5 KB 127ms
122ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:23:31 GMT
server: nginx
etag: W/"5fcd3dc3-37a6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Wed, 16 Mar 2022 12:47:09 GMT

GET
H2 200 lightslider.min.css
www.cyberscoop.com/wp-content/themes/cyberscoop/css/ 5 KB
2 KB 119ms
119ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/css/lightslider.min.css
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593

Request headers

Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:19 GMT
server: nginx
etag: W/"5f8eafcf-14b3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Wed, 16 Mar 2022 12:47:09 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 82 KB
27 KB 44ms
24ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd3bd81ea6cf3bbc82f89913fecca492e79318fef844c664a790ff2db72e5590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92511
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08dcac7b3000004a73fdbb3000000001
last-modified: Mon, 15 Mar 2021 11:04:59 GMT
server: cloudflare
etag: W/"146fb-5bd91388499a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 630e16a5180f4a73-FRA
cf-bgj: minify

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 54D1
Redirect Chain

https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-3UiFlDCgKx-leaderboard&categories=technology&tags=education,fbi,ransomware
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-3UiFlDCgKx-leaderboard&categories=technology&tags=education%2Cfbi%2Cransomware

2 KB
1006 B

3738ms
3738ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-3UiFlDCgKx-leaderboard&categories=technology&tags=education%2Cfbi%2Cransomware

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.26

Resource Hash

d20d404c5643f4d1711fd9ac35406f29cd8d717c2bef7ca8261c17afbd02d866

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=leaderboard&parent_id=ad-3UiFlDCgKx-leaderboard&categories=technology&tags=education%2Cfbi%2Cransomware
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Response headers

server: nginx
date: Tue, 16 Mar 2021 12:47:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.26
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Tue, 16 Mar 2021 12:47:13 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-3UiFlDCgKx-leaderboard&categories=technology&tags=education%2Cfbi%2Cransomware
x-powered-by: PHP/7.3.26
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 10D3
Redirect Chain

https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=technology&tags=education,fbi,ransomware
https://www.cyberscoop.com/advertising/?id=article&position=static&category=technology&tags=education%2Cfbi%2Cransomware

1 KB
870 B

4315ms
4315ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=article&position=static&category=technology&tags=education%2Cfbi%2Cransomware

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.26

Resource Hash

9644ec29293f7eb4a7dd102a0737fd29431ac560f4ff06422c06dd31953969dd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=article&position=static&category=technology&tags=education%2Cfbi%2Cransomware
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Response headers

server: nginx
date: Tue, 16 Mar 2021 12:47:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.26
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Tue, 16 Mar 2021 12:47:12 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=article&position=static&category=technology&tags=education%2Cfbi%2Cransomware
x-powered-by: PHP/7.3.26
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 26EE
Redirect Chain

https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=technology&tags=education,fbi,ransomware
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=technology&tags=education%2Cfbi%2Cransomware

2 KB
970 B

3536ms
3536ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=technology&tags=education%2Cfbi%2Cransomware

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.26

Resource Hash

ac42713a79bcf0c9f614d3744f6d3c611200f8b54696dc3fb7f58b38c2738cba

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=skyscraper&position=sticky&categories=technology&tags=education%2Cfbi%2Cransomware
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Response headers

server: nginx
date: Tue, 16 Mar 2021 12:47:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.26
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Tue, 16 Mar 2021 12:47:13 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=technology&tags=education%2Cfbi%2Cransomware
x-powered-by: PHP/7.3.26
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame F63B
Redirect Chain

https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-us8QIxy0wX-billboard&category=technology&tags=education,fbi,ransomware
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-us8QIxy0wX-billboard&category=technology&tags=education%2Cfbi%2Cransomware

2 KB
1 KB

3787ms
3787ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-us8QIxy0wX-billboard&category=technology&tags=education%2Cfbi%2Cransomware

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.26

Resource Hash

ef6544e1a20e9a517c91898515ddb92b19da4c49be3d9036aa411010085fe304

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=billboard&position=bottom&parent_id=ad-us8QIxy0wX-billboard&category=technology&tags=education%2Cfbi%2Cransomware
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Response headers

server: nginx
date: Tue, 16 Mar 2021 12:47:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.26
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Tue, 16 Mar 2021 12:47:13 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-us8QIxy0wX-billboard&category=technology&tags=education%2Cfbi%2Cransomware
x-powered-by: PHP/7.3.26
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK CyberScoop_Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
3 KB 496ms
139ms Image
image/svg+xml 52.216.244.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/CyberScoop_Color.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.244.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:47:11 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:05 GMT
Server: AmazonS3
x-amz-request-id: RQTJGN5WQZXHCXC3
ETag: "b3250d52680549abc7222f71b2dce836"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2375
x-amz-id-2: ixg4VuoFrnj1XR07jyQmgC9T+LKwlRXId0Q/MyG7ne0IZr+GDjZaFv88ny4Sh31U0f8Du9q5Tjs=

GET
H/1.1 200
OK SNG-RGB-Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 525ms
152ms Image
image/svg+xml 52.216.244.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/SNG-RGB-Color.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.244.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:47:11 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:05 GMT
Server: AmazonS3
x-amz-request-id: RQTVTKZMX9Q1DYD4
ETag: "61428dbcecc23b1679236e221c5228d4"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 5545
x-amz-id-2: lV02pkZ5wddLA8zOFxTEEuN6EgxRRJ3O2oBm4hffPIq+r3CgZWsHRcPd/I5f+WcEqCAZ37Yf69Y=

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 GettyImages-1204134240-Cropped-min.jpg
www.cyberscoop.com/wp-content/uploads/2020/03/ 309 KB
310 KB 120ms
119ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2020/03/GettyImages-1204134240-Cropped-min.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 769a9143fb3b45eea61e6aab06806f072dd345f1ea8f4e24b06c024c9b69152a

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
last-modified: Tue, 20 Oct 2020 09:46:17 GMT
server: nginx
etag: "5f8eb1e9-4d4cd"
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 316621
expires: Thu, 15 Apr 2021 12:47:09 GMT

GET
H2 200 GettyImages-477568379-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/03/ 9 KB
9 KB 210ms
210ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/03/GettyImages-477568379-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b4eb0c1b55098815f07b414c433a5f32199e1b3f7a263c8f33a1e64fd1a41eed

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
last-modified: Mon, 15 Mar 2021 21:09:05 GMT
server: nginx
etag: "604fccf1-2202"
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 8706
expires: Thu, 15 Apr 2021 12:47:09 GMT

GET
H/1.1 200
OK chrome_pin.jpg
s3-us-west-2.amazonaws.com/cyberscoop-media/wp-content/uploads/2016/11/01170706/ 449 KB
449 KB 816ms
215ms Image
image/jpeg 52.218.252.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/cyberscoop-media/wp-content/uploads/2016/11/01170706/chrome_pin.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5ff636c1f4e54c94076c92871dd22654f2fb173aafce69def369dceaf72c161f

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:47:11 GMT
Last-Modified: Tue, 01 Nov 2016 21:06:57 GMT
Server: AmazonS3
x-amz-request-id: RQTWW66620451Z76
ETag: "c1d9ac3b4ff4830a4f55474d0fcfb716"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 459566
x-amz-id-2: yAN5QuWefalaqVSvDWhIkSbgusFM06Hi5x68hClSVZa449D8uFODk/EiO+3Y/B7vlOLhLeIiL0w=
Expires: Wed, 01 Nov 2017 21:07:06 GMT

GET
H2 200 GettyImages-109831341-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/03/ 12 KB
12 KB 209ms
209ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/03/GettyImages-109831341-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6562a35db7220433c819e4e9bebd39fa972c8b7dc6bba09a3402509b1c60429e

Request headers

Referer: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
last-modified: Fri, 12 Mar 2021 20:29:40 GMT
server: nginx
etag: "604bcf34-30c9"
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 12489
expires: Thu, 15 Apr 2021 12:47:09 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v10/ 21 KB
21 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.5.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0803fe007fad869e084745368c965e8d55f9be108559cfd8a3d802cde1fe34c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:55:42 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:21:15 GMT
server: sffe
age: 463887
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21304
x-xss-protection: 0
expires: Fri, 11 Mar 2022 03:55:42 GMT

GET
H2 200 PuristaMedium.woff
www.cyberscoop.com/wp-content/themes/cyberscoop/fonts/ 37 KB
37 KB 209ms
208ms Font
font/woff 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/wp-content/themes/cyberscoop/fonts/PuristaMedium.woff

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://www.cyberscoop.com
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
last-modified: Tue, 20 Oct 2020 09:37:20 GMT
server: nginx
etag: "5f8eafd0-9340"
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-type: font/woff
accept-ranges: bytes
content-length: 37696
x-ua-compatible: IE=Edge

GET
H2 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v10/ 22 KB
22 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.5.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92bf2667e3434750097f9212feca904c5e7ac36d9155463d25d79f1415018219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:30:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:22:45 GMT
server: sffe
age: 65795
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22336
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:30:34 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v36/ 31 KB
31 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.5.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 11:21:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:31:39 GMT
server: sffe
age: 350745
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31676
x-xss-protection: 0
expires: Sat, 12 Mar 2022 11:21:24 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v10/ 21 KB
21 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.5.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b35aa0f48d8359e7fce9feec83f90ed60c0b857cdf29784f0803b70de4e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 22:16:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:21:29 GMT
server: sffe
age: 484268
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21244
x-xss-protection: 0
expires: Thu, 10 Mar 2022 22:16:01 GMT

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-Q050 200 pubads_impl_2021031001.js Show response
securepubads.g.doubleclick.net/gpt/ 284 KB
100 KB 86ms
50ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

cc54d49a204cf8a8440884a769b3bc5a01030ce4f1d45582adc2170c95752ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 09:39:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102356
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:09 GMT

GET
H2 200 icons.29.svg.js Show response
static.addtoany.com/menu/svg/ 78 KB
33 KB 16ms
16ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.29.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11092793
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08dcac7bcf00004a73453a0000000001
last-modified: Mon, 31 Dec 2018 23:29:11 GMT
server: cloudflare
etag: W/"13937-57e59c7b88bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 630e16a619b74a73-FRA
cf-bgj: minify

GET
H2 200 20762415-8082-48f0-b243-36443c93d852 Show response
forms.hsforms.com/embed/v3/form/2153467/ 19 KB
4 KB 147ms
130ms Script
application/javascript 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2153467/20762415-8082-48f0-b243-36443c93d852?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74b6b49fe8d5d89124cdaf16bc61860188ab92ee583d9fab9409d7b896466bae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08dcac7c0900004aaa33358000000001
server: cloudflare
x-trace: 2B0EA7D0DAEDE39D84B9FE12065A260F5248659456000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 630e16a678144aaa-FRA

GET
H2 200 facebook_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 361 B
552 B 123ms
119ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/facebook_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890

Request headers

Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
last-modified: Tue, 20 Oct 2020 09:37:25 GMT
server: nginx
etag: "5f8eafd5-169"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 361
expires: Thu, 15 Apr 2021 12:47:09 GMT

GET
H2 200 twitter_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 481 B
671 B 123ms
119ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/twitter_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f

Request headers

Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
last-modified: Tue, 20 Oct 2020 09:37:27 GMT
server: nginx
etag: "5f8eafd7-1e1"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 481
expires: Thu, 15 Apr 2021 12:47:09 GMT

GET
H2 200 linkedin_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 946 B
1 KB 123ms
119ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/linkedin_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d

Request headers

Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: "5f8eafd6-3b2"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 946
expires: Thu, 15 Apr 2021 12:47:09 GMT

GET
H2 200 instagram_logo_white.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 2 KB
874 B 123ms
119ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/instagram_logo_white.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4

Request headers

Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-625"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, public
expires: Thu, 15 Apr 2021 12:47:09 GMT

GET
H/1.1 200
OK Stacked_SNG.png
s3.amazonaws.com/sng-global-web-assets/logo/ 12 KB
12 KB 406ms
132ms Image
image/png 52.216.244.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_SNG.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.244.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:47:11 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: RQTVA0EJJMVZKGDY
ETag: "793107aa127f2349e0bb9d0df99cd240"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11864
x-amz-id-2: ZEWPtqdMMV4blp0Jt3SqSvk/7mZjWMFwp6fG0rWmZUWr0/kZCVX8ZC07WuJfmAc3SkP46Oj4q0Y=

GET
H/1.1 200
OK Stacked_CyberScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 136ms
133ms Image
image/png 52.216.244.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_CyberScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.244.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:47:11 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: RQTQYX1XEA6DGYZM
ETag: "6b8717aa8156bf0573b498232d63b71f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5199
x-amz-id-2: Mk23qeeMmiYiJ5GFwsID8lUZU44sCTVoFswRaHapqUJfbRwEYtihaR0PUFPNQIGSlY95rW/6Mlo=

GET
H/1.1 200
OK Stacked_FedScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 139ms
131ms Image
image/png 52.216.244.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_FedScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.244.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:47:11 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: RQTJY1NSA83N0BKM
ETag: "da067ed314fa2f647e16efb7331759de"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4000
x-amz-id-2: qPtY0SNNNxN2SHIdtohlplzpx/p7+8pFtJxgOpJXdPtqvjhXPAhN0p4mnb5q34Qsg759MKVNjao=

GET
H/1.1 200
OK Stacked_StateScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 141ms
131ms Image
image/png 52.216.244.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_StateScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.244.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:47:11 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: RQTTE1RZGF740K0K
ETag: "62c167ae878c0c3b3a41b50025cacba7"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4872
x-amz-id-2: OdV2T/PZq1ZWjhXHM/xyDuBb3jIgyzTCQp60D4bne+JfL/M8O0CVl01WXYcgZ7u02xSpMkXN4ts=

GET
H/1.1 200
OK Stacked_EdScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 161ms
139ms Image
image/png 52.216.244.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_EdScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.244.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:47:11 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: RQTQD1BYJDMN27BQ
ETag: "b5d5b8c0479b1963324ebca52c96a43b"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5349
x-amz-id-2: 80pQl0kaxUqgLAu+34ey0WKZnun08t1TyriLuyvcYCvMKyZjVWayajjev1MbZuYOPHB/18EjF6c=

GET
H/1.1 200
OK Stacked_WorkScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 199ms
138ms Image
image/png 52.216.244.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_WorkScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.244.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:47:11 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: RQTS50PMHFP1X7Q8
ETag: "779a62747ba1fe2dfac41aa83a03313c"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3934
x-amz-id-2: dECAxD3VjisXL5DWEhY9wrWYZFIx/QA2xDm1qb8QyJoroGtRNcuGGuwNsLF5pgeb6gYl0IwC3aU=

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 12:47:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=21518
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 80ms
26ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:09 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 42956
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1615898830.935818,VS0,VE0
x-served-by: cache-hhn11575-HHN

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 21ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: sEcxdG/SObGq9MMo7SiESaWPQCcnnXcnDXTSUdHpNo3O48X0uVBJn5LW16UZnBDqmfD+p1Gi9nx5LLPgCdh7qQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 16 Mar 2021 12:47:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2153467.js Show response
js.hs-scripts.com/ 942 B
928 B 150ms
128ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2153467.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ee0c52ac0e20f758a362a1908f240305ee76e793f9d13694dd6464dd8ce52c1

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-trace: 2B11847961519BF734D98C65904486F250EE41DF8D000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.cyberscoop.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 630e16a6d90d4e38-FRA
cf-request-id: 08dcac7c4500004e38d29b6000000001
expires: Tue, 16 Mar 2021 12:48:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4724
date: Tue, 16 Mar 2021 11:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 16 Mar 2021 13:28:25 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 61ms
60ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_urg_spr&pvsid=3275635796553989&vrg=2021031001&nw_id=18430785&nslots=2&eid=31060312%2C31060459%2C31060011%2C31060211%2C31060367&pub_url=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&start_time=1615898829986&end_time=1615898829989&num_slots_filtered=0

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
248 B 61ms
59ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
799 B 51ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 38ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
12 KB 66ms
64ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3275635796553989&correlator=1416798447955146&output=ldjh&impl=fif&eid=31060312%2C31060459%2C31060011%2C31060211%2C31060367&vrg=2021031001&ptt=17&sc=1&sfv=1-0-37&ecs=20210316&iu_parts=18430785%2Ccswelcome&enc_prev_ius=%2F0%2F1&prev_iu_szs=640x480&cookie_enabled=1&bc=31&abxe=1&lmt=1615898830&dt=1615898830010&dlt=1615898829201&idt=778&frm=20&biw=1600&bih=1200&oid=3&adxs=480&adys=365&adks=113530204&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=640x532&msz=640x-1&ga_vid=1367207992.1615898830&ga_sid=1615898830&ga_hid=100804557&ga_fc=false&fws=4&ohw=1600&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c185bd03bb3f1ff582edd7f74108628a4305efbdf1b8e898e4a52ff7dc9534d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11348
x-xss-protection: 0
google-lineitem-id: 5624648846
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138340608376
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
11 KB 69ms
67ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3275635796553989&correlator=1416798447955146&output=ldjh&impl=fif&eid=31060312%2C31060459%2C31060011%2C31060211%2C31060367&vrg=2021031001&ptt=17&sc=1&sfv=1-0-37&ecs=20210316&iu_parts=18430785%2Ccswelcomemobile&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1615898830&dt=1615898830019&dlt=1615898829201&idt=778&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3498381169&ucis=2&ifi=2&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=640x532&msz=300x-1&ga_vid=1367207992.1615898830&ga_sid=1615898830&ga_hid=100804557&ga_fc=false&fws=132&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

7fd06af8bdd416d68b2aac7c8cd80a32b29a4d7955ec52737c5799d24525c97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11282
x-xss-protection: 0
google-lineitem-id: 5624127511
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138340608208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d6fd092b0a3718868b7d0ff076f355ba.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 55ms
13ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d6fd092b0a3718868b7d0ff076f355ba.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 30ms
7ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1615898830033&url=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1615898830033%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fb...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1615898830033&url=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&liSync=true

0
58 B

197ms
196ms

Image
application/javascript

2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1615898830033&url=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&liSync=true
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:10 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: application/javascript
content-length: 0
x-li-uuid: +smgzGzTbBZAu0O1+SoAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: +gSFwWzTbBYgGME4MSsAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: D691F84A134B43E2AC0DD6E18BAD635F Ref B: FRAEDGE1121 Ref C: 2021-03-16T12:47:10Z
date: Tue, 16 Mar 2021 12:47:10 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1615898830033&url=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 896395920528126 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/896395920528126?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5bc3cb4cb74612170cc4990020f34799300449837c00d2b3ddbd52fd69d03cae

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70572
x-fb-rlafr: 0
pragma: public
x-fb-debug: iGvFnJSJ6OsT9xiqnNBnPdoqRfrEh99brM+Nd04nEWzEslF7OfWMg0XCJEbZw+rQTTFMEKG9PxpVkWWTH9r9ng==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 16 Mar 2021 12:47:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
68 B 14ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=100804557&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&dp=%2Fwelcome%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&ul=en-us&de=UTF-8&dt=Buffalo%20Public%20Schools%20cancels%20classes%20after%20cyberattack%20-%20CyberScoop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=588777607&gjid=1860120810&cid=1367207992.1615898830&tid=UA-80491860-1&_gid=919411656.1615898830&_r=1&gtm=2wg330KR697BF&z=57949105

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
448 B 217ms
150ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 117
pragma: no-cache
last-modified: Tue, 16 Mar 2021 12:47:10 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 5100d16f6a7a14afaccd68d215b1db35
x-transaction: 00c78d100042fddd
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 2 KB
588 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 12:06:18 GMT
server: ESF
date: Tue, 16 Mar 2021 12:47:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Mar 2021 12:47:10 GMT

GET
H2 200 2153467.js Show response
js.hs-banner.com/ 59 KB
15 KB 39ms
18ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 238a0dfc2120b106897fa306bec3267cd2338bf6c0264a2ae8f2c242a4176eb0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 61
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: W17C6AC9QCNT3K11
x-amz-id-2: 4ufFLLZdSOpl0yV2H02ADIJ4NPhkUOWO5ZFDJ6dPDlpanS/ckETk3qk8/gGb/Vs7fZaukUjpRBk=
timing-allow-origin: *
last-modified: Tue, 09 Mar 2021 20:52:05 GMT
server: cloudflare
etag: W/"56ce832781fa7a76917acdc3ae79c324"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: El1Wjv_xSqNav5tdv7pELtHmoX3xiVvI
access-control-allow-origin: https://www.cyberscoop.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-request-id: 08dcac7d2b0000d72d893bf000000001
cf-ray: 630e16a84d57d72d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Tue, 16 Mar 2021 12:51:09 GMT

GET
H2 200 2153467.js Show response
js.hs-analytics.net/analytics/1615898700000/ 61 KB
19 KB 32ms
16ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1615898700000/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9a97554ba9d23f6d4529f6576044c8650daeb476cac9f9b8558c0b266317a5a

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 68
x-guploader-uploadid: ABg5-UzExNU_p0-N-aF8uSzHj_-2Li0wH7Pb5U0k8Yg67Hx2mofn9qzI708hqd69Kd8axIwyBvW4DQFaMugrw7zjJg0
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript
cf-request-id: 08dcac7d2700002b7dbc82e000000001
last-modified: Tue, 23 Feb 2021 21:57:43 GMT
server: cloudflare
etag: W/"63bfb6023fb1797fe1098812de1c22ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=KGXZrQ==, md5=Y7+2Aj+xeX/hCYgS3hwiqw==
x-goog-generation: 1614117463288512
cache-control: max-age=300, public
access-control-allow-credentials: false
x-goog-stored-content-length: 62707
cf-ray: 630e16a83ffd2b7d-FRA
expires: Tue, 16 Mar 2021 12:51:02 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 16ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-80491860-1&cid=1367207992.1615898830&jid=588777607&gjid=1860120810&_gid=919411656.1615898830&_u=YAhAAEAAAAAAAC~&z=2038235753

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 16 Mar 2021 12:47:10 GMT
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E9C5 0
0 63ms
63ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6fNQsjOmONS2G10YlYRstvPWj2AVhE1XrVAcU5WEfN-uabZZ71gEbpg6AHjMz7M7uMBea1xq04cMoRIeggQH8YkE-Pdxtz5Y8F2WTXrrZiiintfeJu0pcoqLjvjXXs4ArQDQvQRQNoHpsGax2dG4rHRg8WRWq7mcdQDOozqD-465RRpV8drO_kSi2NyseYX5CEDj3_nbG46WB3hqsSOPxoLApLe5l259j1xIr8RAaN37RLaaRoFXPmCGvZlX75HsFEvgjkyFr_ynbOEWsVYb36_cb5tQMsYYeekCDlgx3vQ&sai=AMfl-YQ9Fon8_RzeFwFTq6o0xQDCZfKEZU-sO-zJ3u_53kD3wViPlc0IXwYUpzCaGaaxQrzOkbjPR8V5vVhiLt4D01mQjwoL8dUVTwuBd4e1lbDmntrh_DAB64WeO52SwmU&sig=Cg0ArKJSzCeLoPICotsBEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:10 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/ Frame E9C5 17 KB
7 KB 38ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f829a00a403b78fe633e458e3e7a53e433d0bb4056ad9732c2f553fa68acfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:43:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7126
x-xss-protection: 0
server: cafe
etag: 2064927160296813797
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 12:43:26 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame E9C5 2 KB
1 KB 38ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 12:41:34 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E9C5 112 KB
34 KB 43ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:10 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame E9C5 0
0 22ms
21ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnsAjuTCZcfiANVlonRXuB5M0QqsTP2NaekGgtTZkzY_TMziF27JuEYLXQYNxtzA0DYO0i
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 8458084107435849948
tpc.googlesyndication.com/simgad/ Frame E9C5 61 KB
61 KB 38ms
23ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8458084107435849948

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d5a1e46e6ed77b0d37d926b2ea6617cd26713d964d8b3bb8f6361d7c366ef9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 22:35:53 GMT
x-content-type-options: nosniff
age: 483077
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62143
x-xss-protection: 0
last-modified: Thu, 18 Feb 2021 21:34:15 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 22:35:53 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 41ms
29ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab62fe971dd4b318621de81bfd9315f50f36bd50791512128cea651f3ef136d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615552002806803"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28222
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:10 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DC7E 0
0 63ms
62ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfFHH_9WdtyuNmucANONtqfRcjsMRhqOHAAutRDuoBWcNcOcQ-DnLu9v7vQYJAFvDI6IZHvpi41mVG6wQTyroLgUk0OAiXSwqgq6kdxJ4_5d5WXiJ1wmFVCR_ist558_3x46jdMPtFg93bdd3LMtL4wCXt5vD_vmnJDNaN8YSAGqZrOugqVfz7nxXiE6TmoIN1l2PykItyPEAnOMqlqcspJRsqrtm05UBesEFXtdC4itqoHSTEh8-_NbTJqHG6gA1AVntFtT2s2jdP_FDUnzz4DlpBWvni6bofNsJIp_L3QMEdVqX5SA&sai=AMfl-YSXsVio9ILkEbaEw88HBeRkBLwWDmd_p0qj1HQHXlRAwIHxB6lGlAQars9bFBDVKVfdVlZbtiDN-CVy6x90UGVaEL9pm2Tyjkn1MKGAe4cvzoCjxWTruvoMkjLR9X3O&sig=Cg0ArKJSzIjnFZgNXDEmEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:10 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/ Frame DC7E 17 KB
7 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f829a00a403b78fe633e458e3e7a53e433d0bb4056ad9732c2f553fa68acfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:43:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7126
x-xss-protection: 0
server: cafe
etag: 2064927160296813797
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 12:43:26 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame DC7E 2 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 12:41:34 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC7E 112 KB
34 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:10 GMT

GET
H3-Q050 200 18114022495288040797
tpc.googlesyndication.com/simgad/ Frame DC7E 24 KB
24 KB 21ms
21ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18114022495288040797

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6df8111e696f634b41e58c3ea22b3a4cc92d1a6a860733c98adff55852796ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 05:48:07 GMT
x-content-type-options: nosniff
age: 370743
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24906
x-xss-protection: 0
last-modified: Thu, 18 Feb 2021 21:32:56 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Mar 2022 05:48:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 25ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=896395920528126&ev=PageView&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&rl=&if=false&ts=1615898830170&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1615898830166.310539010&it=1615898830057&coo=false&rqm=GET

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 16 Mar 2021 12:47:10 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
248 B 26ms
25ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-80491860-1&cid=1367207992.1615898830&jid=588777607&_u=YAhAAEAAAAAAAC~&z=1364066701

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 20ms
19ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-80491860-1&cid=1367207992.1615898830&jid=588777607&_u=YAhAAEAAAAAAAC~&z=1364066701

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E9C5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d09606a69011d0f2afba1c828a730dbfa71b8797c3949633bea9656df17b47e1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E9C5 0
0 111ms
76ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuH5o-0fEXzB1WFl0dWccqJN-qKXYKDPeP4Er0wO1U8nzv-3iTWssxTU2s4R19NaKaMefXZuSARS88iAiBRxEHHGcwuh4rVrQ2_qtYrR9HVtel98Hp-_YC26soPULMS4CFWVZDMhoiO4FEFN7OCg3YMxAfsQv7btDJqmPpkMbQASUbrtcbmzTrP1QScIc-flQgPPH6Dt9ABbCOegGU1iwuSP5583D0vFKTnXpc0s2xkgBdAdBgpsC9u3XarjtxmQgrhHKvRjhsAf6OhGt7sBpmzNtp5SVSoXe2zYoUlJY1bc6dA&sai=AMfl-YSXvbcPPiWmnL5baQWYETkwIpnHT0dS86h4cMvu-g9V0n8tnHvcP0ghnI8WTMTPhoWABBxrQ3_INWGYuCtfwQQcZHEHcyh72mz_qFLfnBl3IZ3g84uL3raH05336og&sig=Cg0ArKJSzMJGAHFGLGSKEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:10 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DC7E 0
0 109ms
76ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHim7uVtq-9rt0eProzdoOE5QcBcom-Cxl9TI7qF44Y5AV6Pe3VKzpMnpyfwAyWPnzG7LrJrJX6y1hhK6QrezkikriCvsDuSmYIqmXxcaaHErsZ-hNj7_DWPCPmHXJKZ9LMFpjQdhpxsP_S4927hqO2-Pvu0PNutdTSdePsTMqjWemVBjFy6SoEhkWioN1gG6veM8D2rZOjGZrBKtL0gdbKzko5t700Nd1ViSTEpRJV2OcvQwJkvERKtmOlxfD-thk1ZscykNgGGnCmEtKjEnOYQWAkRJFRKlKjMr-QxpHO384ePGzDYaW&sai=AMfl-YQctuWomDHfpxE4RgaWQbwkMmQ5TGe0SfQ4xLS7aFKLqadXi47eYMJGz7j2OPORRv10HgtKRhBKCARXqrnlcLRHAwKWnUpcFru1kWCiOvz2lYVNK-mz2f-Yrap9rz_E&sig=Cg0ArKJSzMV4QM868dYLEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:10 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
112 B 60ms
59ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=3275635796553989&vrg=2021031001&nw_id=18430785&nslots=2&eid=31060312%2C31060459%2C31060011%2C31060211%2C31060367%2C676982961&pub_url=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&qid=COj9iJ7stO8CFcxW5Qodp58Oww&iu=%2F18430785%2Fcswelcome&e=61504&ret=640x480&req=640x480&bm=0&efh=1&stk=0&ifi=2

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
86 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryfAOtnNAfrBfmfmsD

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 16 Mar 2021 12:47:10 GMT
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E9C5 42 B
501 B 58ms
38ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthO8ktPJqt1qzDnJ1BsxnG83GC-Yl0ycoR0aNJ6WTjvsZp1vUA3-mGig1tAdRj_vVBpmAS3qw0iRMB0qkthAI8w-fwR-2V25GdmPyXF7c&sig=Cg0ArKJSzAZhlhpD1CnvEAE&id=osdim&mcvt=1000&p=371,480,851,1120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210312&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=113530204&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1615898830127&dlt=0&rpt=201&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 26EE 58 KB
19 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=technology&tags=education%2Cfbi%2Cransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33fc087699787c237ed83b1e7b3af5fc4e152882469c4b0cb5e622c7698b50b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "813 / 520 of 1000 / last-modified: 1615892960"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19721
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H2 200 pubads_impl_2021031001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 26EE 284 KB
100 KB 34ms
34ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

cc54d49a204cf8a8440884a769b3bc5a01030ce4f1d45582adc2170c95752ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 09:39:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102356
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 54D1 58 KB
19 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-3UiFlDCgKx-leaderboard&categories=technology&tags=education%2Cfbi%2Cransomware

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33fc087699787c237ed83b1e7b3af5fc4e152882469c4b0cb5e622c7698b50b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "813 / 585 of 1000 / last-modified: 1615892960"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19721
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H3-Q050 200 pubads_impl_2021031001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 54D1 284 KB
100 KB 35ms
35ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

cc54d49a204cf8a8440884a769b3bc5a01030ce4f1d45582adc2170c95752ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 09:39:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102356
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 26EE 107 B
799 B 36ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 26EE 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 26EE 6 KB
3 KB 65ms
65ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3828922395482342&correlator=1056155284371277&output=ldjh&impl=fif&eid=31060458%2C31060367&vrg=2021031001&ptt=17&sc=1&sfv=1-0-37&ecs=20210316&iu_parts=18430785%2CCyberScoop_HalfPage_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&prev_scp=Tags%3Deducation%252Cfbi%252Cransomware&cookie_enabled=1&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1615898837&dt=1615898837114&dlt=1615898836995&idt=112&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=983&adys=1605&adks=2863372106&ucis=yzbgy0ip1ibs&ifi=1&ifk=3195849559&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dskyscraper%26position%3Dsticky%26categories%3Dtechnology%26tags%3Deducation%252Cfbi%252Cransomware&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=1975164923.1615898837&ga_sid=1615898837&ga_hid=653097542&ga_fc=false&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

db88fb4512c40bfb91f185def5d6ec6798f1282380e3aab8d2ede67ba7fcefe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3232
x-xss-protection: 0
google-lineitem-id: 5621938555
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339868733
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 26EE 0
0 58ms
14ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 26EE 0
0 9ms
8ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 54D1 107 B
777 B 45ms
31ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 54D1 107 B
531 B 41ms
27ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 54D1 6 KB
3 KB 68ms
68ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2286823935245229&correlator=3190244134126853&output=ldjh&impl=fif&eid=31060312%2C31060367%2C31060453&vrg=2021031001&ptt=17&sc=1&sfv=1-0-37&ecs=20210316&iu_parts=18430785%2CCyberScoop_Article_Leaderboard_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&prev_scp=Tags%3Deducation%252Cfbi%252Cransomware&cookie_enabled=1&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1615898837&dt=1615898837162&dlt=1615898837063&idt=92&frm=23&biw=1600&bih=1200&isw=1600&ish=150&oid=3&adxs=0&adys=170&adks=13849420&ucis=l1r1o5xkinsx&ifi=1&ifk=2356246457&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dleaderboard%26parent_id%3Dad-3UiFlDCgKx-leaderboard%26categories%3Dtechnology%26tags%3Deducation%252Cfbi%252Cransomware&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x150&msz=970x-1&ga_vid=1653059528.1615898837&ga_sid=1615898837&ga_hid=2109310120&ga_fc=false&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

dfb5b6d4a50b3a9a37c27d341862e9df1d735ab5dd5da211960fb1433a23c21d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3261
x-xss-protection: 0
google-lineitem-id: 5614486206
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339610546
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 54D1 0
0 27ms
13ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 54D1 0
0 7ms
6ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html Show response
caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 195F 6 KB
3 KB 34ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Tue, 16 Mar 2021 12:47:17 GMT
expires: Wed, 16 Mar 2022 12:47:17 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26EE 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab62fe971dd4b318621de81bfd9315f50f36bd50791512128cea651f3ef136d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615552002806803"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28222
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 26EE 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25f17238426d4ef599d818e86b360300b2723637f998c65c962c8d9fa06268ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6471
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 26EE 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame 195F 24 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com
URL: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 22:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51490
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 22:29:07 GMT

GET
H3-Q050 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 195F 5 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com
URL: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e32f9727cdf72fcbc1c3e5ef4503add3a781036267ad1c783d622333b8c706e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 14:57:02 GMT
server: sffe
age: 969
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2591
x-xss-protection: 0
expires: Tue, 16 Mar 2021 13:31:08 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 195F 112 KB
34 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com
URL: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H3-Q050 200 container.html Show response
f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 9F5D 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Tue, 16 Mar 2021 12:47:17 GMT
expires: Wed, 16 Mar 2022 12:47:17 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 54D1 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab62fe971dd4b318621de81bfd9315f50f36bd50791512128cea651f3ef136d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615552002806803"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28222
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 54D1 8 KB
7 KB 38ms
38ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

b5e378a59e37dd923f73d577effa4665831b3037c76d96043297d7872a1bdf91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6538
x-xss-protection: 0

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 3D7F 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Tue, 16 Mar 2021 12:42:46 GMT
expires: Wed, 16 Mar 2022 12:42:46 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 271
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 195F 0
0 62ms
62ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKeNe0COngZ_enC_uqx4WXr8Ik-i0VNg3tdgy4PeUWl32MeshPp3XaqkSYRpyQlfyyYSVbBRDyydPyNdRAm79unBtlyu_Mpj0lGdkTcwSWnlD24ncFiThI68uuIPk28ZdEm9qbiQsIHkG47l4hfEUn0rQnoz1oexZ0YwNQRu9HK9oXkOI8sleSB9g2bt4WYaPxnMfXjsTDK0ZP_oZ6r7AhAKyJTZV8X7jiDJSb3WcqqMfLXzN1XHn0eyGaPnDDcmH3DBojzL4qaRfeT8cWuakrBvl5EwSvttYtuI1FhhkG8tbFm030tQfhsee91nZMTQM60g&sai=AMfl-YQA6vsNjwChDjI_l220H7VmTTXCsET8etlZsIEX1ZXbqNIiyINlNk0tGRDTgvxkUQt2zf-Gy5ZHgrNmscq7n7rylBm--IJzA4y-GimHmVXzmnMaab4ipnGEs-lt0cU&sig=Cg0ArKJSzLT0Ccln6OEcEAE&urlfix=1&adurl=

Requested by

Host: caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com
URL: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H3-Q050 200 impl_v68.js Show response
www.googletagservices.com/dcm/ Frame 195F 36 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v68.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d009b17e40dccf63690c8420591b50a2d8b4cdc2dcb8721b5ed1e00eccacb103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 17:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Feb 2021 15:22:11 GMT
server: sffe
age: 69383
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15248
x-xss-protection: 0
expires: Tue, 15 Mar 2022 17:30:54 GMT

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame 9F5D 24 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com
URL: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 22:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51490
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 22:29:07 GMT

GET
H3-Q050 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 9F5D 5 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com
URL: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e32f9727cdf72fcbc1c3e5ef4503add3a781036267ad1c783d622333b8c706e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 14:57:02 GMT
server: sffe
age: 969
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2591
x-xss-protection: 0
expires: Tue, 16 Mar 2021 13:31:08 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9F5D 112 KB
34 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com
URL: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H2 200 B25263370.295827108;dc_ver=68.196;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=192105431;ord=9em7al;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsviukiiXviPZPehKwTCuKNy9YdU0... Show response
ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/ Frame 195F 45 KB
18 KB 136ms
73ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/B25263370.295827108;dc_ver=68.196;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=192105431;ord=9em7al;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsviukiiXviPZPehKwTCuKNy9YdU0tSlRmALtl3DOlpg6y2RIK_1MSPis5bi4IE8eYlrXko4DUIR-BkiCP7cGgZ1vfakSonjWE0INoReYj98Ckje-jMgFIJQ23VLeYnwauuGOdlseqHjoIVw5q4aQNFR1EfIB2fYpv29Erk_IRFPyaN2zxrAJdKqzmWKSM2iVfJQO-MX9-VUo3-ueGZfingy0jEV25EcIU3V3kOovd9jYQ8vabvmXyDDReq6KA-7oge5A6CB7P2EW-8LBgpy1EBLioU1Qt8hK9Vjolqr5Pxmhi2rkKkZdoYe8N_x7aqTcw%26sai%3DAMfl-YSNeBeP3Q4sX6754_p6Q-d3V1I6whHucppAJBmsMLJ7IKiL2q51NFhNZSboKPmVY5S6Tgo3gycJqHhHT2owDDbh4NTus29d-cPU_cGIVrNOihUD5RUn7xk4mZyFpIQ%26sig%3DCg0ArKJSzEBaJYOIQyYEEAE%26urlfix%3D1%26adurl%3D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=f6H*J2SH7);osda=2;sttr=26;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v68.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

811a1c28ffee57070b32fb3cdd54e318a1d259bdda2ba2d0659843a8d71c9e69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18562
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 54D1 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9F5D 0
0 63ms
63ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_w0P6Rb3j8Jpu_iIhp8CUClOSnDkpwOlGf0atbANPL3QHYoXa7vXm8N-GOxzEv377a8ORH4uet2bYPi1vdyEnl4p3o3pZpHuyDgEiT02X92FWj83-4lAGnlrXBYQgc5JQuqM4DZure9MCQb0QD6KGsYexWiQhkyisTg8zqnU7oyC0cAhGg1fHGJLm_GMIpbiKfI_n7n0diSGH8dKWM1380jJeP4-X8ab1exKSbv6nFHgcluu6yt0lgXSMT2pwZUeNlJ-5Vo8sznkdWrB75okEyVEPRifvmo37nY7-MQfGFuJUsvnIoI2C_vcl8dSMdMbfKR1DUjyK3l1z4DI&sai=AMfl-YS8j88x7YYQJOMmVUfkQINNa3t8lAM3CxrtZhXv6PHtl4c4Q_0nHrNVAEOdFeielLpPC6cDoiCXAjC7mRjE9wLIKw1Xh70TTM6tnCl3cFNx9uWJHVVTDbBagFa5FN0&sig=Cg0ArKJSzGp0iix5g5j8EAE&urlfix=1&adurl=

Requested by

Host: f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com
URL: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H3-Q050 200 impl_v68.js Show response
www.googletagservices.com/dcm/ Frame 9F5D 36 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v68.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d009b17e40dccf63690c8420591b50a2d8b4cdc2dcb8721b5ed1e00eccacb103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 17:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Feb 2021 15:22:11 GMT
server: sffe
age: 69383
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15248
x-xss-protection: 0
expires: Tue, 15 Mar 2022 17:30:54 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 10D3 58 KB
19 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=article&position=static&category=technology&tags=education%2Cfbi%2Cransomware

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33fc087699787c237ed83b1e7b3af5fc4e152882469c4b0cb5e622c7698b50b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "813 / 87 of 1000 / last-modified: 1615892960"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19721
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H3-Q050 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D7F 14 KB
6 KB 27ms
27ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 14:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 166618
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Mon, 14 Mar 2022 14:30:19 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 620D 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Tue, 16 Mar 2021 12:42:46 GMT
expires: Wed, 16 Mar 2022 12:42:46 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 271
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 B25263370.294977047;dc_ver=68.196;sz=970x250;u_sd=1;dc_adk=2711260096;ord=x4jsvx;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss2vXXlO3i3KDWBZpexMQnAs-UX0xvEG_WqgIEQk5dO... Show response
ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/ Frame 9F5D 36 KB
18 KB 93ms
53ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/B25263370.294977047;dc_ver=68.196;sz=970x250;u_sd=1;dc_adk=2711260096;ord=x4jsvx;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss2vXXlO3i3KDWBZpexMQnAs-UX0xvEG_WqgIEQk5dOXXtfpn65QpGqZZD5375Uvb6jtArwNeEkeSdx4NC4B6Zis5I6C9vvjL5J2-CoLRJJeCCVhYKUrvuFn6edaTC_MQN2yfx_sHqyUfkobZN7XgfoZBTyBSoGoHMoJn3J51Xgu0Bn-YZiTpvHwwQXW3dTe6TdXTprwe-iE9s5sZa9E8ZAlSKZDdZTUm7wIhgKMjB3IrNC8f0kGrw6oUtdNrBWGgbod6WXnBFqwV3r9qO7uqt4xXt_y0lRZaYMjuRuv5WC75bFtsspBZwp8zMgLr0BDZ4u7G_qDl6oXoM%26sai%3DAMfl-YSAstaSaQyNRs5ubqOAye073pm9_7yXa8P85JQZJ235oh3sCB2v9RsQrK8VBp1lAPIiqzZpNtLSJxEtob-H8gAjWIiS9P3G6VdKi8GrbqDjrd-0jgcKv7CFs56P-Kc%26sig%3DCg0ArKJSzGkGJ6hL-_n2EAE%26urlfix%3D1%26adurl%3D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=V7tOgACkBZ;osda=2;sttr=13;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v68.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

23ceef5c774b37d993d58b19497eddc4bfd1e187f726f9d48d5e6182821533fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17226
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2021031001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 10D3 284 KB
100 KB 35ms
35ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

cc54d49a204cf8a8440884a769b3bc5a01030ce4f1d45582adc2170c95752ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 09:39:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102356
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H3-Q050 200 WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js Show response
pagead2.googlesyndication.com/bg/ Frame 620D 14 KB
6 KB 28ms
27ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

597ec88a6b00a3f445edafca4ad5aa5243e6994f24287ebfd12e8f5fbdfb3748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 22:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 50240
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5688
x-xss-protection: 0
expires: Tue, 15 Mar 2022 22:49:57 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10D3 0
88 B 60ms
60ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_urg_spr&pvsid=1375305628474514&vrg=2021031001&nw_id=18430785&nslots=1&eid=31060439%2C31060458%2C31060212%2C31060367&pub_url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Darticle%26position%3Dstatic%26category%3Dtechnology%26tags%3Deducation%252Cfbi%252Cransomware&start_time=1615898837416&end_time=1615898837416&n=0

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=article&position=static&category=technology&tags=education%2Cfbi%2Cransomware

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 10D3 107 B
123 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 10D3 5 KB
3 KB 68ms
68ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1375305628474514&correlator=774626822812491&output=ldjh&impl=fif&eid=31060439%2C31060458%2C31060212%2C31060367&vrg=2021031001&ptt=17&sc=1&sfv=1-0-37&ecs=20210316&iu_parts=18430785%2CCyberScoop_Article_Left_Rail_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=position%3Dstatic%26Tags%3Deducation%252Cfbi%252Cransomware%26categories%3Dtechnology&cookie=ID%3D7e14f054a65f404a-227cefb2ccba0024%3AT%3D1615898837%3AS%3DALNI_MYxEViuoYpW8WOj5Lw7Bm4Qw0Hnig&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1615898837&dt=1615898837419&dlt=1615898837299&idt=114&ea=0&frm=23&biw=1600&bih=1200&isw=310&ish=250&oid=3&adxs=983&adys=1435&adks=4064999910&ucis=ke0tjw90m29m&ifi=1&ifk=1411892527&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Darticle%26position%3Dstatic%26category%3Dtechnology%26tags%3Deducation%252Cfbi%252Cransomware&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=310x250&msz=300x-1&ga_vid=490348814.1615898837&ga_sid=1615898837&ga_hid=1712457670&ga_fc=false&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

96766585dcf64ec308366785fdb8533082e6fb2110837040566d21245d3d1646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2869
x-xss-protection: 0
google-lineitem-id: 5621938555
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339923949
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 10D3 0
0 72ms
38ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 10D3 0
0 7ms
6ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/582938/52662248/ Frame 9F5D 223 KB
73 KB 173ms
79ms Script
application/javascript 34.246.59.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/582938/52662248/skeleton.js
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/B25263370.294977047;dc_ver=68.196;sz=970x250;u_sd=1;dc_adk=2711260096;ord=x4jsvx;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss2vXXlO3i3KDWBZpexMQnAs-UX0xvEG_WqgIEQk5dOXXtfpn65QpGqZZD5375Uvb6jtArwNeEkeSdx4NC4B6Zis5I6C9vvjL5J2-CoLRJJeCCVhYKUrvuFn6edaTC_MQN2yfx_sHqyUfkobZN7XgfoZBTyBSoGoHMoJn3J51Xgu0Bn-YZiTpvHwwQXW3dTe6TdXTprwe-iE9s5sZa9E8ZAlSKZDdZTUm7wIhgKMjB3IrNC8f0kGrw6oUtdNrBWGgbod6WXnBFqwV3r9qO7uqt4xXt_y0lRZaYMjuRuv5WC75bFtsspBZwp8zMgLr0BDZ4u7G_qDl6oXoM%26sai%3DAMfl-YSAstaSaQyNRs5ubqOAye073pm9_7yXa8P85JQZJ235oh3sCB2v9RsQrK8VBp1lAPIiqzZpNtLSJxEtob-H8gAjWIiS9P3G6VdKi8GrbqDjrd-0jgcKv7CFs56P-Kc%26sig%3DCg0ArKJSzGkGJ6hL-_n2EAE%26urlfix%3D1%26adurl%3D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=V7tOgACkBZ;osda=2;sttr=13;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.59.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-59-179.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: debb4e87990aebfde64b1011361f53966ddbe0d84ac82c2e660fe510ffefae4b

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-server-name: app03.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-Q050 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210310/r20110914/elements/html/ Frame 9F5D 8 KB
3 KB 28ms
27ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210310/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/B25263370.294977047;dc_ver=68.196;sz=970x250;u_sd=1;dc_adk=2711260096;ord=x4jsvx;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss2vXXlO3i3KDWBZpexMQnAs-UX0xvEG_WqgIEQk5dOXXtfpn65QpGqZZD5375Uvb6jtArwNeEkeSdx4NC4B6Zis5I6C9vvjL5J2-CoLRJJeCCVhYKUrvuFn6edaTC_MQN2yfx_sHqyUfkobZN7XgfoZBTyBSoGoHMoJn3J51Xgu0Bn-YZiTpvHwwQXW3dTe6TdXTprwe-iE9s5sZa9E8ZAlSKZDdZTUm7wIhgKMjB3IrNC8f0kGrw6oUtdNrBWGgbod6WXnBFqwV3r9qO7uqt4xXt_y0lRZaYMjuRuv5WC75bFtsspBZwp8zMgLr0BDZ4u7G_qDl6oXoM%26sai%3DAMfl-YSAstaSaQyNRs5ubqOAye073pm9_7yXa8P85JQZJ235oh3sCB2v9RsQrK8VBp1lAPIiqzZpNtLSJxEtob-H8gAjWIiS9P3G6VdKi8GrbqDjrd-0jgcKv7CFs56P-Kc%26sig%3DCg0ArKJSzGkGJ6hL-_n2EAE%26urlfix%3D1%26adurl%3D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=V7tOgACkBZ;osda=2;sttr=13;prcl=s

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 12:39:10 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9F5D 0
437 B 118ms
60ms Other
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuCE9UfZ-PVXeVykMzLZkmT5VZoeAN6fALNUBvRrX-AaAG8QZ0bpP3OTvBCD5obmzAY1W4Zwdfsn6637C6okxSAM-infY_ONnUz2B-RFioQmR3Qz4L6qtPW7IxLF9woxb-gBOzs-QKTtT1b1Zo7&sig=Cg0ArKJSzBt3J2KTJP9OEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210310.01984&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9F5D 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 10:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267466
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Mar 2022 10:29:31 GMT

GET
H2 200 MSFTJUM_Vertical-Government_Elitebook-805-G7_Learn-More_EN_970x250__Jpg_____.jpg
s0.2mdn.net/4807732/ Frame 9F5D 27 KB
27 KB 28ms
7ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/MSFTJUM_Vertical-Government_Elitebook-805-G7_Learn-More_EN_970x250__Jpg_____.jpg

Requested by

Host: f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com
URL: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84900b30f197c3cc3018f3dd0f5f5ccf0cbc0dcc21fe4d115515d74aca921995

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:11:20 GMT
x-content-type-options: nosniff
last-modified: Fri, 29 Jan 2021 18:38:39 GMT
server: sffe
age: 81357
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27371
x-xss-protection: 0
expires: Tue, 16 Mar 2021 14:11:20 GMT

GET
H2

200

5105
linkto.ext.hp.com/i/0/342132/ Frame 9F5D
Redirect Chain

https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294977047
https://www.ojrq.net/p/?return=https%3A%2F%2Flinkto.ext.hp.com%2Fi%2F0%2F342132%2F5105%3Fsiteid%3D6636866%26adcampaign%3D25263370%26adplacement%3D294977047%26level%3D1%26srcref%3Dhttps%253A%252F%25...
https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294977047&level=1&srcref=https%3A%2F%2Ff2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com%2F&b...

50 B
243 B

93ms
92ms

Image
image/gif

35.244.184.212
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294977047&level=1&srcref=https%3A%2F%2Ff2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com%2F&brwsr=bd9da7a9-8655-11eb-bc6c-42010a246624&brwsrsig=WWoQC6w7N1lz34J1EoRK83hnRujy1R
Requested by: Host: f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com
URL: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.184.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.184.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:17 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
alt-svc: clear
content-length: 50
expires: Tue, 16 Mar 2021 12:47:17 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:17 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
location: https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294977047&level=1&srcref=https%3A%2F%2Ff2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com%2F&brwsr=bd9da7a9-8655-11eb-bc6c-42010a246624&brwsrsig=WWoQC6w7N1lz34J1EoRK83hnRujy1R
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H/1.1

200
OK

firstevent
hp.demdex.net/ Frame 9F5D
Redirect Chain

https://hp.demdex.net/event?d_event=imp&d_src=242750&d_site=6636866&d_creative=145395966&d_adgroup=488015183&d_placement=294977047&d_campaign=25263370&d_bust=3462745305
https://hp.demdex.net/firstevent?d_event=imp&d_src=242750&d_site=6636866&d_creative=145395966&d_adgroup=488015183&d_placement=294977047&d_campaign=25263370&d_bust=3462745305

42 B
913 B

54ms
54ms

Image
image/gif

52.210.171.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hp.demdex.net/firstevent?d_event=imp&d_src=242750&d_site=6636866&d_creative=145395966&d_adgroup=488015183&d_placement=294977047&d_campaign=25263370&d_bust=3462745305

Requested by

Host: f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com
URL: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.171.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-171-182.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-0f11f2fcc.edge-irl1.demdex.com 5.80.7.20210304103356 5ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: if/tFeyUSr4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: MB6oVBi7Qx8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://hp.demdex.net/firstevent?d_event=imp&d_src=242750&d_site=6636866&d_creative=145395966&d_adgroup=488015183&d_placement=294977047&d_campaign=25263370&d_bust=3462745305
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9F5D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3471f931ec05eff4c0366d9c5055b7250fead0c006565ece9c6cefea885302d6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 container.html Show response
1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 8E5D 6 KB
3 KB 33ms
20ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Tue, 16 Mar 2021 12:47:17 GMT
expires: Wed, 16 Mar 2022 12:47:17 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 10D3 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab62fe971dd4b318621de81bfd9315f50f36bd50791512128cea651f3ef136d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615552002806803"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28222
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/582938/52802480/ Frame 195F 48 KB
13 KB 81ms
68ms Script
application/javascript 34.246.59.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/582938/52802480/skeleton.js
Requested by: Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e2t/tc/VWvSXW5pRgv5W7ZcdcX4rwBpBVLsY3L4pcZkqN8LB06k2-G-5V1-WJV7CgCSCW8KDWld52YS-NW5sPjwB4lMbM_V8STy23PcT5xW3DCG0F6CDWy1N4s5t9xJ29X1N3kz-t9Z0vrjW4B0FTr1QF1McW66Y8kk71D1GVVhjC6X7tr9Q5W96vw_X2KHb-FW11TkT56Ss006W68RKDc99KdjwW2zKLP-5V0pglW1f8J3m86bLQlW3MZDHq2M9bBxW2PltR78fHgvjVfsMvq5VShn4N3khBXZJSq1PMFy043tPcJPW5ZRd7P5-YyqS33yF1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.59.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-59-179.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7b914f6754b8a62ce7dc7abd0005ed3c46b6e45b357e30ad5656c4756b264a34

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-server-name: app15.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-Q050 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 195F 111 KB
39 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com
Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 17:30:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69384
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Mar 2021 17:30:53 GMT

GET
H3-Q050 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210310/r20110914/elements/html/ Frame 195F 8 KB
3 KB 29ms
28ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210310/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/B25263370.295827108;dc_ver=68.196;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=192105431;ord=9em7al;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsviukiiXviPZPehKwTCuKNy9YdU0tSlRmALtl3DOlpg6y2RIK_1MSPis5bi4IE8eYlrXko4DUIR-BkiCP7cGgZ1vfakSonjWE0INoReYj98Ckje-jMgFIJQ23VLeYnwauuGOdlseqHjoIVw5q4aQNFR1EfIB2fYpv29Erk_IRFPyaN2zxrAJdKqzmWKSM2iVfJQO-MX9-VUo3-ueGZfingy0jEV25EcIU3V3kOovd9jYQ8vabvmXyDDReq6KA-7oge5A6CB7P2EW-8LBgpy1EBLioU1Qt8hK9Vjolqr5Pxmhi2rkKkZdoYe8N_x7aqTcw%26sai%3DAMfl-YSNeBeP3Q4sX6754_p6Q-d3V1I6whHucppAJBmsMLJ7IKiL2q51NFhNZSboKPmVY5S6Tgo3gycJqHhHT2owDDbh4NTus29d-cPU_cGIVrNOihUD5RUn7xk4mZyFpIQ%26sig%3DCg0ArKJSzEBaJYOIQyYEEAE%26urlfix%3D1%26adurl%3D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=f6H*J2SH7);osda=2;sttr=26;prcl=s

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 12:39:10 GMT

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 195F 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 10:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267466
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Mar 2022 10:29:31 GMT

GET
DATA 200
OK truncated
/ Frame 195F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 876106d30f73e0ecc265a46b0b4b6a98f4790d4fa669e0c023f7081f33f28303

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9F5D 0
424 B 130ms
61ms Other
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9F5D 0
0 62ms
61ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-NMGi8ZjaJHRLSlSd7vMlyUsPk74Jyv14VXc-QjehJ6One7y28LAd3yBR-IOng4IjE4WW-R3wJYK_u_TbuMApz_sBQ3MtI2GbEatVJMV6W164GByBEXfp0QPz6lHOfulcTFipXFpnfIF-YsSKbRRM0bCdeC7dkKmoeNqdTJE3K_Xr22CHpgf_xm8LQ6jqY3DMbO8e41VV7iu0gigrRRtGO4FpffJOM9nqtPt50du9Eh2nnUZcsec_JsIRaZTqCPduY0UTOoYGrFDb-eEqDUcipuoZrhsgu-NgBmuo4oRGwWpDbTUAv-SxKwzR-UH-uA-jEblBs651c110vxO_GA&sai=AMfl-YS66Eo4vgIQmZ5fFvF-02xIp0h-0cIiG3kBUIJvXn97wuKaAS3dBs3EKf1tWJE_sk_e2NATDAKykqYGAPzHn0OP6UBQnwo5B8UEUJXpYTZLYlXX0VVvo_xH3v6f9Zc&sig=Cg0ArKJSzISjc9So6gutEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7F62 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 13 Mar 2021 10:29:33 GMT
expires: Sun, 13 Mar 2022 10:29:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 267464
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E835 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 13 Mar 2021 10:29:33 GMT
expires: Sun, 13 Mar 2022 10:29:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 267464
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 main.gr.19.8.172.js Show response
static.adsafeprotected.com/ Frame 195F 179 KB
57 KB 163ms
71ms Script
application/javascript 52.19.217.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.172.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/582938/52802480/skeleton.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.217.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-217-116.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 16f9bb4a5e42d601e091a087adb8c7be4d85e03107149a0985ce3734990eb02d

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 16:55:36 GMT
server: nginx/1.16.1
etag: W/"1438b864c1495e57158c15e2f2d8cbac"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame 8E5D 24 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
URL: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 22:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51490
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 22:29:07 GMT

GET
H3-Q050 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 8E5D 5 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
URL: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e32f9727cdf72fcbc1c3e5ef4503add3a781036267ad1c783d622333b8c706e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 14:57:02 GMT
server: sffe
age: 969
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2591
x-xss-protection: 0
expires: Tue, 16 Mar 2021 13:31:08 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E5D 112 KB
34 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
URL: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 195F 112 KB
34 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H3-Q050 200 index.html Show response
s0.2mdn.net/4807732/1613010712972/ Frame 8887 8 KB
3 KB 35ms
21ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4807732/1613010712972/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2497fa15c8ad1f3cfd7da03bb121b5ab3a757e273f65068f0c58091fbfce02ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /4807732/1613010712972/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2905
date: Tue, 16 Mar 2021 06:29:50 GMT
expires: Wed, 17 Mar 2021 06:29:50 GMT
last-modified: Thu, 11 Feb 2021 02:31:52 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 22647
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 195F 0
22 B 63ms
63ms Other
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEH6u8znlz5r9DrYH0WQY-JM0agMEjccUo5ZaVcsMg7nyzQdMxbUHQsuFd0OQ7sZ4d8VSUmhncDFmHFNxbftiwnLOWdH0C_hdm7-epC0Uhhv9COBbtrcn11w-AMMO5P0U6M9o17F9PsJDg_ia2&sig=Cg0ArKJSzE6mvLApJIVlEAE&urlfix=1&omid=0&rm=1&ctpt=160&cbvp=1&cstd=157&cisv=r20210310.08751&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

5105
linkto.ext.hp.com/i/0/342132/ Frame 195F
Redirect Chain

https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=295827108
https://www.ojrq.net/p/?return=https%3A%2F%2Flinkto.ext.hp.com%2Fi%2F0%2F342132%2F5105%3Fsiteid%3D6636866%26adcampaign%3D25263370%26adplacement%3D295827108%26level%3D1%26srcref%3Dhttps%253A%252F%25...
https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=295827108&level=1&srcref=https%3A%2F%2Fcaf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com%2F&b...

50 B
232 B

35ms
35ms

Image
image/gif

35.244.184.212
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=295827108&level=1&srcref=https%3A%2F%2Fcaf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com%2F&brwsr=bd9da7a9-8655-11eb-bc6c-42010a246624&brwsrsig=WWoQC6w7N1lz34J1EoRK83hnRujy1R
Requested by: Host: caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com
URL: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.184.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.184.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:17 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
alt-svc: clear
content-length: 50
expires: Tue, 16 Mar 2021 12:47:17 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:17 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
location: https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=295827108&level=1&srcref=https%3A%2F%2Fcaf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com%2F&brwsr=bd9da7a9-8655-11eb-bc6c-42010a246624&brwsrsig=WWoQC6w7N1lz34J1EoRK83hnRujy1R
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H/1.1 200
OK event
hp.demdex.net/ Frame 195F 42 B
913 B 93ms
53ms Image
image/gif 52.210.171.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hp.demdex.net/event?d_event=imp&d_src=242750&d_site=6636866&d_creative=146071962&d_adgroup=488920199&d_placement=295827108&d_campaign=25263370&d_bust=3128212532

Requested by

Host: caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com
URL: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.171.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-171-182.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-03de60588.edge-irl1.demdex.com 5.80.7.20210304103356 4ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: OpyqaeSeSAQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame F63B 58 KB
19 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-us8QIxy0wX-billboard&category=technology&tags=education%2Cfbi%2Cransomware

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33fc087699787c237ed83b1e7b3af5fc4e152882469c4b0cb5e622c7698b50b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "813 / 788 of 1000 / last-modified: 1615892960"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19721
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 9F5D
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/582938/52662248/4.js?adContainerId=gcc_1ahQYO7CF9jG7_UPtNWOcA&cbFunctionName=goog_wrapCb_1ahQYO7CF9jG7_UPtNWOcA&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafep...
https://static.adsafeprotected.com/4a.js

1 KB
1 KB

45ms
45ms

Script
application/javascript

52.19.217.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com
URL: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.217.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-217-116.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 89cbcbe240aa0dea41cd51c979bed8305861242b03caa1cf1fae691a39b267a1

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
last-modified: Mon, 22 Feb 2021 15:09:11 GMT
server: nginx/1.16.1
age: 216159
etag: W/"da4c85cef3afa0a27abf2b0c541c2cda"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:17 GMT
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 0FBF 82 KB
22 KB 97ms
97ms Script
application/javascript 52.19.217.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com
URL: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.217.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-217-116.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 14
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9F5D 43 B
216 B 373ms
123ms Image
image/gif 3.215.71.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=582938&asId=5eab906d-25bf-1dd0-e77c-182d1de9605e&tv=%7Bc:723auo,pingTime:-2,time:90,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:201,mdZ:408,beA:473,beZ:474,mfA:476,cmA:477,inA:477,inZ:483,prA:483,prZ:494,si:500,poA:501,poZ:516,cmZ:516,mfZ:516,loA:538,loZ:541,ltA:562,ltZ:562%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:970,h:250,t:26%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:90,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:26,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B83~1%5D,as:%5B83~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:srPcQvg+111*.582938-52662248%7C1111%7C112%7C1131%7C121%7C122%7C1311%7C1312%7C132%7C133%7C14%7C15%7C16%7C17%7C18,idMap:111*,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:61,readyFired:true%7D&br=u
Requested by: Host: f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com
URL: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.71.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-71-212.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:18 GMT
x-server-name: dt68.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8E5D 0
0 62ms
62ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYjw_aLR6_o8Drc4q_ZswPe4LTP3qzbwhrSjyGOCWur1yiabzUAmA0yc9legU7Vw9sVtHJfhS09fKBEaSTAxGgWDk-ySMHCy6hbPIpy4uur-ArXg7XkDM6PLTiHod67XUvUIrUXzatDU549DeHy6v9jOCrJ4URw7Yxocg-tsGhyBMgSlJwqgvhKn4VFURXE1MuQF3jVRLjXT1r221gapCCdFv7hl3VrJnyVGtly5MpvHxBYeAwl4IoD7se5HQRPyXTsBCxkRhE8nhqhwQECQ2pQGmn3ldTCrD5C9eZlkud-S8k4FTEEKYwjZXT2_4ZlobY1763SuwHLbM&sig=Cg0ArKJSzGhAInREebxIEAE&urlfix=1&adurl=

Requested by

Host: 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
URL: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 impl_v68.js Show response
www.googletagservices.com/dcm/ Frame 8E5D 36 KB
15 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v68.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d009b17e40dccf63690c8420591b50a2d8b4cdc2dcb8721b5ed1e00eccacb103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 17:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Feb 2021 15:22:11 GMT
server: sffe
age: 69383
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15248
x-xss-protection: 0
expires: Tue, 15 Mar 2022 17:30:54 GMT

GET
H3-Q050 200 pubads_impl_2021031001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F63B 284 KB
100 KB 35ms
35ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

cc54d49a204cf8a8440884a769b3bc5a01030ce4f1d45582adc2170c95752ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 09:39:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102356
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H3-Q050 200 WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F62 14 KB
6 KB 28ms
28ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

597ec88a6b00a3f445edafca4ad5aa5243e6994f24287ebfd12e8f5fbdfb3748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 22:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 50240
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5688
x-xss-protection: 0
expires: Tue, 15 Mar 2022 22:49:57 GMT

GET
H3-Q050 200 tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8887 112 KB
38 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4807732/1613010712972/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1613010712972/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38407
x-xss-protection: 0
last-modified: Wed, 04 Oct 2017 18:33:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H3-Q050 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8887 186 KB
48 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4807732/1613010712972/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1613010712972/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Mar 2021 12:47:17 GMT

GET
H3-Q050 200 index.js Show response
s0.2mdn.net/4807732/1613010712972/ Frame 8887 87 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4807732/1613010712972/index.js?1611232268746

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4807732/1613010712972/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0bbc294cd2d9f830928d943d7064a63824a5bff63c8c8dd7909ef8301536b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1613010712972/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 06:29:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22647
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14426
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 02:31:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 17 Mar 2021 06:29:50 GMT

GET
H3-Q050 200 WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js Show response
pagead2.googlesyndication.com/bg/ Frame E835 14 KB
6 KB 28ms
27ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

597ec88a6b00a3f445edafca4ad5aa5243e6994f24287ebfd12e8f5fbdfb3748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 22:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 50240
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5688
x-xss-protection: 0
expires: Tue, 15 Mar 2022 22:49:57 GMT

GET
H3-Q050 200 B25263370.295827114;dc_ver=68.196;sz=300x250;u_sd=1;dc_adk=2235259097;ord=58m6nc;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsssBXWRHoeK-PxSvtx9lGBBar96QCTfiR80qH4-vN24... Show response
ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/ Frame 8E5D 45 KB
18 KB 99ms
64ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/B25263370.295827114;dc_ver=68.196;sz=300x250;u_sd=1;dc_adk=2235259097;ord=58m6nc;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsssBXWRHoeK-PxSvtx9lGBBar96QCTfiR80qH4-vN24KocJQs-cz4KM0t_LJNoqhmbdz6JE--tIZhL7dE9poa4pAk9axKDFTjwhVb038-Xln6TrMP4EExxr6DmFAFvz77l2dMJeslnHIg_9ziOv5L21p672qKpmbSrn4xRaCOiA4CDziHeZp8jzCFAtOI5GvW1NWlJWmHQFI9lVJhFNhsFoWbfr8adApHkG5-lu_eu524dD94-E7iHcRmVFhPq0Jkw-8mAtt7Nv0UoIBxfzmtfif1cDD_pQFXxon8OggMO2oZMBnqnwadYj7V7OolRmnojh2eyfuJ4%26sig%3DCg0ArKJSzOtZsd8Ey_pFEAE%26urlfix%3D1%26adurl%3D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=TReN(zPiF3;osda=2;sttr=36;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v68.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

ea5eef5134861bb9178ac9d97ef63728d15f65662f1a9110f68a234c302956fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 26EE 0
23 B 61ms
61ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031001&jk=3828922395482342&bg=!JCelJ2TNAAUO7zDoDjsAKQB2-DxasjYxQ_-xvbZ7QMQgfwh-HpuZedt2njp6OL8dkrM8rG7ytWUMAgAAAXBSAAAAT2gBBwoAMG12ZKj5f5U-lViHLQNhyfhn7wwf-lvAzxa-gmlwElPLnXISsF5Xoa5Zg3x0Jt6JYJkB8GXHzVaBjeOFexNQopf193ipJcJTgufJcY9V2eA0Q1T9JQVLGVI888OvoRCFU6Jv_zB-KQJ5zLxJMMQFFF63KyugEzx4vdtSZmt1e_uEPUcMHv3Zno7yR7fMUHartEcH6ivM-36Z9GDMdb2aVRy9pf1gWCjQBfBg8Q2nH3xw7uBj4cXXg4wt1YVxQq8VAT9JvTJQ6utXqcnhOqR2mgFDmWAt2hQzf2CXpU_0yPra17RbMGC6_6mMzCpFgGcRzgEh8x1Md8obGlGZbyLib7-9h-lNin2uXdry0TdD5ZQowRUFkz9FpAg8G3eVLIYRIER0AM72ghf3RszyFRtlpu17Qc7s_GspsSW9jGHcYnZSrl5v6VSRS3Iv2N1-OWWCs5ixzTgkx_4UYJBzxWjj5ZOBxZ6yEFpqkNazhByhEcxucPezjQJVQEfOXhwrKMud5wykAbZcoABlPF8buWUatybET4pdDLwM2InbPuyUpf7zA83tm9gNfyDUJ0EBWwXVfqR5j7JjmdOJrkKFcVbPR9Ucikez9BfkhpSySUGvMMhufQRx4BQnSg0HdocZZG2-0XIasO2_QaOAQrvs4QSRD9DXD-eBxWqAlUioHok4_mBW7DyugR6Th4uE1Ie_4kb9M_sXRj4GZGRLYrIDgE66EMASxVs

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 195F
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/582938/52802480/skeleton.js?adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=h...
https://static.adsafeprotected.com/skeleton.js

17 B
240 B

45ms
45ms

Script
application/javascript

52.19.217.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com
URL: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.217.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-217-116.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:18 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 1077041
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:17 GMT
x-server-name: app21.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame D19F 82 KB
22 KB 48ms
48ms Script
application/javascript 52.19.217.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com
URL: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.217.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-217-116.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 14
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-Q050 200 bg.jpg
s0.2mdn.net/4807732/1613010712972/ Frame 8887 19 KB
19 KB 27ms
26ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1613010712972/bg.jpg?1611232268719

Requested by

Host: caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com
URL: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4714ce0a558f0c94f05cf0b8434916c42a8dffc679cb3075062ad3cf1ef0a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1613010712972/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 02:31:53 GMT
server: sffe
age: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19859
x-xss-protection: 0
expires: Wed, 17 Mar 2021 12:47:17 GMT

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 195F 0
22 B 62ms
61ms Other
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9F5D 0
22 B 61ms
61ms Other
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame F63B 107 B
123 B 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame F63B 107 B
123 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F63B 31 KB
11 KB 71ms
70ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2924829069257041&correlator=4060874531218354&output=ldjh&impl=fif&eid=31060459%2C31060367%2C21069710&vrg=2021031001&ptt=17&sc=1&sfv=1-0-37&ecs=20210316&iu_parts=18430785%2CCyberScoop_Cat_Art_Bottom_980x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&prev_scp=position%3Dbottom%26categories%3Dtechnology%26Tags%3Deducation%252Cfbi%252Cransomware&cookie=ID%3D7e14f054a65f404a%3AT%3D1615898837%3AS%3DALNI_Mb4VF0MH83MUbaw7sTtOtRVeCtZ1w&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1615898837&dt=1615898837972&dlt=1615898837623&idt=342&ea=0&frm=23&biw=1600&bih=1200&isw=980&ish=250&oid=3&adxs=0&adys=3899&adks=3048910702&ucis=mhz2rjqcfffv&ifi=1&ifk=1019237191&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dbillboard%26position%3Dbottom%26parent_id%3Dad-us8QIxy0wX-billboard%26category%3Dtechnology%26tags%3Deducation%252Cfbi%252Cransomware&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x250&msz=980x-1&ga_vid=1246033987.1615898838&ga_sid=1615898838&ga_hid=450268272&ga_fc=false&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ddea3eace06c9b41cdf8e5ff71757be22ba2317bf3ab60fddd118460eb053a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11356
x-xss-protection: 0
google-lineitem-id: 5631239734
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138341230280
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1315549ca99963292a9e0812dd7b05de.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame F63B 0
0 31ms
15ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1315549ca99963292a9e0812dd7b05de.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame F63B 0
0 7ms
6ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 54D1 0
46 B 61ms
61ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031001&jk=2286823935245229&bg=!X1ylXB_NAAUO7zDoDjsAKQB2-DxaFKAC6_zE0DPKoWacclwQYhkUI7EneDgUS-FCyX-lUibTfkRWAgAAAd9SAAAAGmgBBwoBb9FregdsFzZ4wd7at-H76nLZSEgkPD-0aC0TZ9SHQJa1nIEa4HZbftBdYikRhB1vSLx56vDSu-UM3Oha1W8Vbk1IGukrReo05-koMvxdJokYcE8v-UZ8QxbyKBHAQSGLAfYNTZ-bT9wfkUTjQDdXKZMgoplp11qYiN4tvkMGm9AVG4dLhrJ601OtOXGdjNEds0xPNwoJMyCw_BA4SdXpzUTjDnPIMwu5MMs3BeoIA4YGOGhmbYA9FIHBaySnj9jVTdZdkSloIjHIR_h2DmDUikOCmaJ8g8ZiGDn2A962Bi88XSRM6WaxmmT1WCWEaoN0op0DXRUqnVMxfXIazjDHRq5E5sPeSWykKFKjk5QCunyx21_W4v7js2q_9Jmx9vm09JKjmIwE3mUNNAw354KcZyw2neWFddOsAISZXEVvc8ac8UtGSGiHaHeR-vV3vcVoA6dzIHUkRG4p4hd_NyQ4K6yacO7egXHC39Mme3clkW2ZAejEdwOS0-3UkiBTwVqM9vgXMqsZsHgWO0UUnlnQYsG0cGJlTGd2vPW5Igkey4Rsls5jB0WzZHo9Ibf7KDWLNtLk8h1wRKz7cw97yBxD9XvbYPiZCpVuCu8OcJKUnhe1_oymMfDyvdmeJDRgSw3t_RTQxwFrO5jofMMFbTWYnoDzggeHvDULhN3HY8WXvN-gAhpT1ebsXoPLfY-nxroHY8GiolFvI8hwzw9k9hnOKn9ZJoUKFZd4frR0K__r6wabbdn7gyewX2tL9SM2Un5LjKHSj_cC11fHtImM12Y4EsLdNcYEdXY618-Qvf4r4_D-JKMF5wjxNxHEwgwvW8Sd_wTqNgKNYVP94p1VlVD1Vf0HVxatbchRrp7Mjy6Kg8MjsJiLs8Dc3n5svE_uVj7SX3IQXBVhIc_5IHrikwyLtkGLU84GAwb88pixMiRddUmar9C72FefnEoQ-NWP-hTIaQLxW8rZC8IB52ZZ0YplZ0qxvU8FHb7m2lLCp5aO4xg9GNUPrN9Vap5HhFe4vonrERFgC6cYfGkZVljeY4fyDQszl4uZ34n4JWak0bwSx3KaVnoIHPZrIrn_l5DccBwwIZxXBZZunXtNKxiw5e429TxnEO_GdLVTGcgtdXMM8kA02rdEiukQxq4UtQ

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 195F 43 B
215 B 172ms
123ms Image
image/gif 3.215.71.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=582938&asId=15585a4f-ff1e-b3c2-f82b-0f2b5b461089&tv=%7Bc:723axD,pingTime:-2,time:354,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:332,bdZ:413,beA:460,beZ:461,mfA:699,cmA:700,inA:701,inZ:706,prA:706,prZ:715,si:721,poA:722,poZ:732,cmZ:732,mfZ:732,loA:764,loZ:766,ltA:813,ltZ:813%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:600,t:261%7D%5D,es:1,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:354,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:260,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B111~1%5D,as:%5B111~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:srPcQuf+111.582938-52662248%7C1111%7C1112%7C112%7C113%7C121%7C122%7C131*.582938-52802480%7C1311%7C1312%7C132%7C14%7C15%7C16%7C17%7C18,idMap:131*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:91,readyFired:true%7D&br=u
Requested by: Host: caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com
URL: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.71.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-71-212.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:18 GMT
x-server-name: dt67.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/582938/52802481/ Frame 8E5D 48 KB
13 KB 49ms
49ms Script
application/javascript 34.246.59.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/582938/52802481/skeleton.js
Requested by: Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e2t/tc/VWvSXW5pRgv5W7ZcdcX4rwBpBVLsY3L4pcZkqN8LB06k2-G-5V1-WJV7CgCSCW8KDWld52YS-NW5sPjwB4lMbM_V8STy23PcT5xW3DCG0F6CDWy1N4s5t9xJ29X1N3kz-t9Z0vrjW4B0FTr1QF1McW66Y8kk71D1GVVhjC6X7tr9Q5W96vw_X2KHb-FW11TkT56Ss006W68RKDc99KdjwW2zKLP-5V0pglW1f8J3m86bLQlW3MZDHq2M9bBxW2PltR78fHgvjVfsMvq5VShn4N3khBXZJSq1PMFy043tPcJPW5ZRd7P5-YyqS33yF1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.59.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-59-179.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a26f8c022ead20dcf752da3e8385b000a05dd6d315797b5cebd741030394b44e

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:18 GMT
content-encoding: gzip
x-server-name: app05.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-Q050 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 8E5D 111 KB
38 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 17:30:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69385
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Mar 2021 17:30:53 GMT

GET
H3-Q050 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210310/r20110914/elements/html/ Frame 8E5D 8 KB
3 KB 28ms
27ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210310/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/B25263370.295827114;dc_ver=68.196;sz=300x250;u_sd=1;dc_adk=2235259097;ord=58m6nc;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsssBXWRHoeK-PxSvtx9lGBBar96QCTfiR80qH4-vN24KocJQs-cz4KM0t_LJNoqhmbdz6JE--tIZhL7dE9poa4pAk9axKDFTjwhVb038-Xln6TrMP4EExxr6DmFAFvz77l2dMJeslnHIg_9ziOv5L21p672qKpmbSrn4xRaCOiA4CDziHeZp8jzCFAtOI5GvW1NWlJWmHQFI9lVJhFNhsFoWbfr8adApHkG5-lu_eu524dD94-E7iHcRmVFhPq0Jkw-8mAtt7Nv0UoIBxfzmtfif1cDD_pQFXxon8OggMO2oZMBnqnwadYj7V7OolRmnojh2eyfuJ4%26sig%3DCg0ArKJSzOtZsd8Ey_pFEAE%26urlfix%3D1%26adurl%3D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=TReN(zPiF3;osda=2;sttr=36;prcl=s

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 12:39:10 GMT

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8E5D 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 10:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267467
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Mar 2022 10:29:31 GMT

GET
DATA 200
OK truncated
/ Frame 8E5D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34cb2cbbe3c76be389328bdaa0f0e3ab04aa15435cbac496d0fcdbe55b177ef5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 Bitmap7.jpg
s0.2mdn.net/4807732/1613010712972/ Frame 8887 47 KB
47 KB 27ms
27ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1613010712972/Bitmap7.jpg?1611232268719

Requested by

Host: caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com
URL: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deae54c97370a3b2ec203dd71a4662a814eb3545f1de4ebf53d8429ded9c1de5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1613010712972/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 02:31:53 GMT
server: sffe
age: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47905
x-xss-protection: 0
expires: Wed, 17 Mar 2021 12:47:18 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0FF6 0
0 62ms
61ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujfK9GjJ4aiikcgiogFiZjdxesWCZDNbTm3IiUwnGKmRowuLPLvI8OD5h22gS_S7Jv57Ttz149PG388pj4NwcTUFXHciwC7hjm1gLnvTgxW6_-RcpxluMCVQpDjA_px5uQWx-edsuJ4sfb7dNGQ3DimhAl8CE4nT5vMhalENUG_FQorDiDJ_sqlFyVYzrJ8FDaMuopzUbYdDphobODdiTpLEVtVaAVJyuyX1AUP_AUqziUBkmGIP6JTqErbVc2a4wnYtlj4CiQx0AOqTMaRMNvWKJx2ow9hJwkvDo_OgrVJ2u8xNz5eUED6MIKpWjkJ9H-TZgGGc4&sig=Cg0ArKJSzExUrYu5agxjEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/ Frame 0FF6 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f829a00a403b78fe633e458e3e7a53e433d0bb4056ad9732c2f553fa68acfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:43:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7126
x-xss-protection: 0
server: cafe
etag: 2064927160296813797
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 12:43:26 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/ Frame 0FF6 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210310/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 12:41:34 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0FF6 112 KB
34 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:18 GMT

GET
H3-Q050 200 1615766887761939455
tpc.googlesyndication.com/simgad/ Frame 0FF6 89 KB
89 KB 9ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1615766887761939455

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d224a505f3633931fa75a676b2bb85100f94555bd7d719cca403de7ee39b1006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 18:17:45 GMT
x-content-type-options: nosniff
age: 498573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91456
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 13:23:33 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 18:17:45 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame F63B 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab62fe971dd4b318621de81bfd9315f50f36bd50791512128cea651f3ef136d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615552002806803"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28222
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:18 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9F5D 43 B
215 B 123ms
123ms Image
image/gif 3.215.71.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=582938&asId=5eab906d-25bf-1dd0-e77c-182d1de9605e&tv=%7Bc:723aAA,pingTime:-10,time:474,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC02MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1615898838187%7C%7Cbcfd832717db70b358802d3b054f1899%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cfed9625349d6edb05984484e3e55bd3b%7C%7Cf5a5ac1a043ebf814bf727496a18b5a5%7C%7C9011f8a4e0e2b347c55d8db6e6f23d26%7C%7C600ee07e622aeb80f431564ded0750f7%7C%7C5dcb74788e3a95ac475155bef06dc868%7C%7C1614879537,im:%7Bimprf:%7Bttecl:517,ecd:45,tsecr:83%7D%7D%7D
Requested by: Host: f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com
URL: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.71.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-71-212.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:18 GMT
x-server-name: dt33.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-Q050 200 intel.jpg
s0.2mdn.net/4807732/1613010712972/ Frame 8887 4 KB
4 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1613010712972/intel.jpg?1611232268719

Requested by

Host: caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com
URL: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f5a092044aa54b2d740072e8126b214f6060080eb67f91e3fdef70c74c5a0d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1613010712972/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 00:43:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 02:31:53 GMT
server: sffe
age: 43417
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4504
x-xss-protection: 0
expires: Wed, 17 Mar 2021 00:43:41 GMT

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6289 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 13 Mar 2021 10:29:33 GMT
expires: Sun, 13 Mar 2022 10:29:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 267465
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 main.gr.19.8.172.js Show response
static.adsafeprotected.com/ Frame 8E5D 179 KB
57 KB 47ms
47ms Script
application/javascript 52.19.217.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.172.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/582938/52802481/skeleton.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.217.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-217-116.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 16f9bb4a5e42d601e091a087adb8c7be4d85e03107149a0985ce3734990eb02d

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:18 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 16:55:36 GMT
server: nginx/1.16.1
etag: W/"1438b864c1495e57158c15e2f2d8cbac"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
DATA 200
OK truncated
/ Frame 0FF6 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 294e63d1ae09699eeffa0d8c72c9fc753d82cb3c9cc1fa14cd31446ea8c348d0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E5D 112 KB
34 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:18 GMT

GET
H3-Q050 200 index.html Show response
s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/ Frame 161A 8 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4cc9159698bbddd91531d661bebd5fa8203a6ea9ce12e1a3f876b27190b237f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2906
date: Tue, 16 Mar 2021 05:54:40 GMT
expires: Wed, 17 Mar 2021 05:54:40 GMT
last-modified: Wed, 10 Feb 2021 02:37:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 24758
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8E5D 0
45 B 62ms
61ms Other
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssxaDAaRiy-0HybLnItsAO-q5yylG-nCUlwiC06huQXAqPA2XOLupgLNr6NqayJIpZ9sezZ921DbXFjY6_-mN4GRoAkL-UZmClqKUN_koftU7eAZIWx-QlXZ6C2mt1x00NFTFdg47y_rQCijgDi&sig=Cg0ArKJSzJxTgasfheZXEAE&urlfix=1&omid=0&rm=1&ctpt=206&cbvp=1&cstd=204&cisv=r20210310.20823&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK event
hp.demdex.net/ Frame 8E5D 42 B
913 B 52ms
51ms Image
image/gif 52.210.171.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hp.demdex.net/event?d_event=imp&d_src=242750&d_site=6636866&d_creative=146017714&d_adgroup=488920202&d_placement=295827114&d_campaign=25263370&d_bust=3645641598

Requested by

Host: 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
URL: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.171.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-171-182.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-090ba1b36.edge-irl1.demdex.com 5.80.7.20210304103356 3ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: V1x2TaJUTzg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 5105
linkto.ext.hp.com/i/0/342132/ Frame 8E5D 50 B
255 B 35ms
35ms Image
image/gif 35.244.184.212
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=295827114
Requested by: Host: 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
URL: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.184.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.184.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:18 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
alt-svc: clear
content-length: 50
expires: Tue, 16 Mar 2021 12:47:18 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F63B 8 KB
7 KB 46ms
46ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5d5aad84607d8c42771e2353aacd3e50e07c0e305c9de51b596f2214d326fc06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6613
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 195F 0
0 62ms
62ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3FzVUB_-ApHyHX46oQCGPMDPhq0sJS4Kqf4HlzLQM5lit1YTbDQeJ-3BBLygDinL3rfEgVjuEowrKGSXFUWzScamRy8YEDzvNX9WcKYTibRLQQiLx_2I22lYd6J-XOzM1I_42kOZRAuqJihIg1tOETJ6FbQj242Y2ElGdN4SX6z_kmgxu8Tr0DjelnaG4a_ptbqh6NWY6og_awnftKYbunNa85Ou_QwOi_1dC6Yxj9i6zIOKHWBpckyHK8nEzrcg2U-LgsJVSr2t05kh629VprRNaiFjy8yF6jrSaI4B5CmvPrGG9jkN5CPNKDur-leUe8kow&sai=AMfl-YScc1iv2YEyEH_GGVYs05Jr9iYXZzJURkQ5eGWtZIeqykjQmW-8zHZPKm8lwOx5vdLF3pW5DdHxp-hkSkTWTOvh09bI6snzDbQ9VHkYb6ehKl2SD4GlvV4umKde6HY&sig=Cg0ArKJSzHtZ5fI8bz4UEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:18 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0FF6 0
0 62ms
62ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssoAaYZq627d5thPdbRPHK1aYlqbK5ZEyBKVFc4LAjjVqt7z-oZqr4QYwGljGwlQ7vIf7gimykvT_CbwstrX4PD_pXCKUwGasaRFlZjIFY-OaokKcjDYBrjGE7KNZ6mkHzwEQcvgGvCDBQUjREN8iGW6rcXfQ7m1HFgW2SQkoT0_lTySiw0Nl6O27Lnq50aLUMQ6i4nXlp1wD8dgqVv-5t8beVnKfN2JFfoBpetKx6YuNEreJAm1AY6K7fe4qQByTblJlxaRSAg637H-RDcRewjzt9I2AT3gp9VUBwONUe3diNfdMXfPVqR0xz4K-Hze2ZOsoHjuqAfdQ&sig=Cg0ArKJSzBjMOhtx4z0QEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:18 GMT

GET
H3-Q050 200 Rectangle1.png
s0.2mdn.net/4807732/1613010712972/ Frame 8887 188 B
274 B 6ms
6ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1613010712972/Rectangle1.png?1611232268719

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9995fc46cdb3b632a49355aa220570e8cddec68f2fd148a5e735285cb2cbf4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1613010712972/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 11:44:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 02:31:53 GMT
server: sffe
age: 3758
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 188
x-xss-protection: 0
expires: Wed, 17 Mar 2021 11:44:40 GMT

GET
H3-Q050 200 VectorSmartObject.png
s0.2mdn.net/4807732/1613010712972/ Frame 8887 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1613010712972/VectorSmartObject.png?1611232268719

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6110f02b3dfb9af38b3040c7f99fb8edb79e78732150d5eb308127f928aad265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1613010712972/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 00:43:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 02:31:53 GMT
server: sffe
age: 43417
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1700
x-xss-protection: 0
expires: Wed, 17 Mar 2021 00:43:41 GMT

GET
H3-Q050 200 tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 161A 112 KB
38 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38407
x-xss-protection: 0
last-modified: Wed, 04 Oct 2017 18:33:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Mar 2021 12:47:18 GMT

GET
H3-Q050 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 161A 186 KB
48 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Mar 2021 12:47:18 GMT

GET
H3-Q050 200 index.js Show response
s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/ Frame 161A 79 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.js?1611231310975

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7a9046c653c00c0b49f0926e9638749d6a37ccbacef5f0eb8a01e93474e19d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Wed, 10 Feb 2021 02:37:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 17 Mar 2021 12:47:18 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F63B 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:18 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 8E5D
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/582938/52802481/skeleton.js?adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=h...
https://static.adsafeprotected.com/skeleton.js

17 B
240 B

45ms
45ms

Script
application/javascript

52.19.217.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
URL: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.217.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-217-116.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:18 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 1620855
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:18 GMT
x-server-name: app26.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 91FF 82 KB
22 KB 47ms
47ms Script
application/javascript 52.19.217.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
URL: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.217.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-217-116.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:18 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 195F 43 B
215 B 124ms
123ms Image
image/gif 3.215.71.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=582938&asId=15585a4f-ff1e-b3c2-f82b-0f2b5b461089&tv=%7Bc:723aEm,pingTime:-10,time:771,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC02MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1615898838421%7C%7C1c220d0c619f3675f3c9e786eb28eabe%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Ca6e197142e2aa2af2f2b8d4450c2a758%7C%7C090e0e9ad64aff38aa09c88397fa920b%7C%7C02ea01e3beb2729261b761db43aee75b%7C%7Cecc076b8f6bedc4c343589d412983c38%7C%7C378e2c78d878b3e7ac567963c8f89c17%7C%7C1614879537,im:%7Bimprf:%7Bttecl:672,ecd:45,tsecr:140%7D%7D%7D
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.71.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-71-212.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:18 GMT
x-server-name: dt50.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-Q050 200 WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js Show response
pagead2.googlesyndication.com/bg/ Frame 6289 14 KB
6 KB 28ms
28ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

597ec88a6b00a3f445edafca4ad5aa5243e6994f24287ebfd12e8f5fbdfb3748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 22:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 50241
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5688
x-xss-protection: 0
expires: Tue, 15 Mar 2022 22:49:57 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8E5D 43 B
215 B 125ms
124ms Image
image/gif 3.215.71.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=582938&asId=4c768b55-4812-e862-ac94-4656d905b221&tv=%7Bc:723aFl,pingTime:-2,time:272,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:532,bdZ:582,beA:700,beZ:701,mfA:854,cmA:855,inA:855,inZ:857,prA:857,prZ:863,si:865,poA:866,poZ:870,cmZ:870,mfZ:870,loA:883,loZ:884,ltA:972,ltZ:972%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:250,t:164%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:272,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:164,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B117~1%5D,as:%5B117~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:srPcQuf+111.582938-52662248%7C11111%7C1112%7C112%7C121*.582938-52802481%7C1211%7C1212%7C122%7C131.582938-52802480%7C13111%7C1312%7C1313%7C132%7C141%7C142%7C15%7C16%7C17%7C18,idMap:121*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:107,readyFired:true%7D&br=u
Requested by: Host: 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
URL: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.71.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-71-212.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:18 GMT
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 0566 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Tue, 16 Mar 2021 12:42:46 GMT
expires: Wed, 16 Mar 2022 12:42:46 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 272
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 BG.jpg
s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/ Frame 161A 64 KB
64 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/BG.jpg?1611231310948

Requested by

Host: 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
URL: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4587a9ceb14a8018d604daa891f5c1bda073bd575dabd4f1b9f17bfc32fe718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:04:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 02:37:30 GMT
server: sffe
age: 81775
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65461
x-xss-protection: 0
expires: Tue, 16 Mar 2021 14:04:23 GMT

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8E5D 0
22 B 62ms
62ms Other
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 intel.jpg
s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/ Frame 161A 4 KB
4 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/intel.jpg?1611231310948

Requested by

Host: 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
URL: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f5a092044aa54b2d740072e8126b214f6060080eb67f91e3fdef70c74c5a0d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 05:54:40 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 02:37:30 GMT
server: sffe
age: 24758
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4504
x-xss-protection: 0
expires: Wed, 17 Mar 2021 05:54:40 GMT

GET
H3-Q050 200 Rectangle1.png
s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/ Frame 161A 148 B
176 B 15ms
14ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/Rectangle1.png?1611231310948

Requested by

Host: 1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
URL: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c357df249544f2d3b87dd076c81cc55226da9b428a50f94348e6677f3f786a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 02:37:30 GMT
server: sffe
age: 0
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
expires: Wed, 17 Mar 2021 12:47:18 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9F5D 42 B
124 B 62ms
61ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSntaYPZ1LojsBn9ZnrqZ9IchMlR0JrGGdAgOIKwj1-E18ZLY5DSKxsAfh9OcmWzQqklWGb-7ZikN3QJjRGsFdHKH65oY_tduoZQjNcrk&sig=Cg0ArKJSzFuxQcf-6bFaEAE&id=osdim&mcvt=1016&p=0,0,250,970&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20210312&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=13849420&rs=4&met=ie&la=1&cr=0&osd=1&vs=4&rst=1615898837243&dlt=18&rpt=260&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E835 0
23 B 61ms
61ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpfQx1ahQYOK8F4nL7_UPo6Wa2A0AAAAAOAHgBAI&bg=!mJulm9jNAAUO7zDoDjsAKQB2-DxauN6k_1RSl9C21MWFKl5luDLj-BTn_f8ar4wVq4GbaH3hKpq1AgAAAfRSAAAANGgBB5kCmDd92FktT5cEBMWDBabFpXK1Mlbr-wiF4jKFCLBu-URjg-ZqUs4t5cpy_V7eZ_3VOjNu29vOsjIOBzAL_wJLHOzgFlQSRc0uvSUH2-A96qmCGMf8AcLAVtFPDVCn9Qeo_X-yAocSaFWgPA8MnVVE9sJzD1Cp28RdmZL86G8Ci68x99ZYAl9L-Qb3oLibrkNNcfdbYXD8yaOJQ7POtsYfETl9VKLso1tADWK6IPGnHq9tfleFa2UxlFuck0kItVWJgTsb7xasDQawPgQ1zrPVI0dFyFdWvftzFdpLHexEXXV6ZArUKEGJXnHW9xRZaEbzvEi2LHRNhRwvdg9NH_deeju11m60lCF2_vTde3ZiQIF2Qlo_VqyH3qBzJayTYJ4RF0DUn8oJlZ-lm-WnsCm0nWovgUDNS0A8W2FYT2-jR2wolw5dppen_kTFepo1pXPrf8AxNYDzFZedZjL7eggDwPqIvduwUfc6-g3XwoLvRbp2K5DqYwgiZi82_HEN3Q4WXo2p_wPQ3OFXm7qVP6DrWcW30_5smeiSQAuyE926reiBOAKBgOr4lzl0wRzdMrMvydo711h7cq15JUeoPhFuU2wvV1erNBMX-aAgHkB2BYyr-MAUSxcqSzc_lqG6JuwH6RFia0XSTDFXq1wv7SPjk-rU0R42taKCcEUydYO_pK0425E15wuBe9Cw7fzuobtM8v3SQptYgkkFLM8bCdxcAcJ_fVAHVYvv6ZnqF1cs61ejOt-aSBL04564aP6QemB-OtPUYq3p8rxSE7Id2-Mkbaa2mp0Oe5t6_0y9QPaNKll9z6dxkvk1VlwJ3TsgZEgw_zXC6q7RiUEjJQ23UCSkSiry-0vadqzbHLTscOL3ToUREaS3auV2XWQ

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F62 0
23 B 62ms
62ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BH77h1ahQYO7CF9jG7_UPtNWOcAAAAAA4AeAEAg&bg=!NjWlNXbNAAUO7zDoDjsAKQB2-DxaquKAGmiBBsHmJ2cigPzjIXJtnq5DxCLeg_6f6gGCUDKppdGeAgAAAidSAAAAKmgBBwoA95VFh_qCW9Gt5ppN2X3YcCK9Zr0RKJqXlJZWjHh_TpeJ4vgWJ90JBK4fCRGcAjUXPrggMQQNlVnCktjH3p9--VXeNz8lNfzU-31W_babI_N3d960Vwcd2g18cMEvGGAcV6nf51PKNwMb4UUxwCRX46GwsVv2Ht4UZZtv_dQse6zwpRiydVPwHMqz7C0o7gbPbxfv_msJIGfrDajJfLmOREsw1_5_-96TCD7rubfAypXRtESq1qy-gypOUz1f5d5tDnxYerli6jXJ-F9Q_MPIEwTtY8p16kA5wbGI3bg2RR29NEIhRgiS1V0joq53OAV2jWGZdV5F7WSZApNVM0q1Ih7UZ6A8TiAzzy3u0mddDPO8UXFhnjOnlCsMN1og4cgxDVazNEGS8WeOXBfZYInyw8stCm0lTvcq1yFTiFB3JFu00jHXWmifSKLmLVWm3bEexh3giSPbVhTmwqz7Eo8Pgjz4w7KjHUao6fnQg8PUo8eT8NHKqtm4lRT3moJ_6RSn6ffQ74X0zKEc14sa9ueUp4HaTOW7iCtVsggQuMaG7ZrhNAjfwUKu1vM82rkWkmPx3dRUUjAnBXpQFcWysqpj2a7gF9O06YfqRx1TiTRbGcEPiVeppmwmeYw0-9gxmvW03MVXNaMOcLi-fLBwHSUZ4ErSDDJ-XDd7aDxnGxZMVlSWB0OOvbTy2t9NKYHrdmDP7mblNPh4ExtXFu7NZh8e6POHACQjKxbCTHTXtaBml08zaEj2yOed9hR18N7nv4aSr4Sa_9sCsZkVftXmvMlF03mKEMv3hpf9WzEcPtccDjDFO973A5rKAuwPDbSAyOU7C6jbzUsVLjLhO3AIAQ3Zy3dh8xVTjvv4xXv-GlqJM_u9AA9aieMG32WR9LkO7atJbQZup7FQCjbEWU6kzVZ5bXVlsM23-GszAvDZ7zChKQnKuT5JOENUV6BDlvIN_P5A447Cc3OGSr3h9Zp0HAmA1J4O0xSyg07q07Z7ClMmuG7XavsoSQPjNxcr4H7bs7VOo8KxTJGmrDf_qEva58DdyVjmmS1yycuT5qDm2mxo9vYBqkAok_hZZ0Na0KIpVEO1anUxwTFYubqS0E4Wu1pqdD9pGW7kBQTBNkRHd3pAOqaYkaflMf82PNFIj6PUsNeJSM3Qqc_FQKcD-7EGEd_4Pj5btpRQNY1bQqRMV7ICHVKUI0E7jkpAYjbMwg0aPg

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8E5D 0
0 62ms
62ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXevASQPu2NSPpkbAOE7lZOATtZoeccml7t3Oshzg-DEViuzyAvVuGnEryk1Nz71pNhvTItETJr_3Zqq_bp_KDQd3O09SfUrr1x90PoFrgTAr2bbXuxIlqgBvcAeuJnvjKosbH-km-2KNDOq2tWspBtOHj6LfhCXaSqC1yJEI9MjDWHsIXUSf0E4Ic4hjwiTHwxkrWu03P928NU4Dd5_5rjOBa3UxYz1boV3QUOjtE20nJKHgRZCrQfIXQdKcfyHNGTZIj8e5D6kFnCvqHYU74CQKotWRIrfFdZvFmCITmODTwY1281Ne_9Sv_0FRG8AvNby_XNnzT65xfTQ&sig=Cg0ArKJSzEIUJfAMqbOtEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:18 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 10D3 8 KB
6 KB 39ms
39ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

efd71942767b7ff8dea22b617561d1fd2e1283f17e3384ad9745977e4978817c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6588
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 39ms
39ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c91022a82b36374bfe7f4d1de617418c48a414ff6c58fde4b2d9cc5ee359d1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 12:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6517
x-xss-protection: 0

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
651 B 201ms
138ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 107
pragma: no-cache
last-modified: Tue, 16 Mar 2021 12:47:18 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f3594be1ad410b125665ce6bee017174
x-transaction: 0063cdbf00cc30fe
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
852 B 34ms
19ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=20762415-8082-48f0-b243-36443c93d852&fci=be21c6b2-3f23-4028-8ca5-53be460c797c&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2176140176&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&t=Buffalo+Public+Schools+cancels+classes+after+cyberattack+-+CyberScoop&cts=1615898838631&vi=723ae2e376601e142cfc9349750e0ed3&nc=true&ce=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:18 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 630e16dd99474abc-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 08dcac9e7c00004abc14940000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ftZrwfsE7%2B1sVg61lOVw4xHLwru8NcMjypR1kAUQf4CJY72jwyJB6RB6YoJaBgaXh2esCgVDI5PCKrURc7b0yihoRU%2BfJgwFmZDP9uwhDRkt8pcabFTl3%2F9uxJ%2BZIg%3D%3D"}],"max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
339 B 38ms
23ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2176140176&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fbuffalo-public-schools-canceled-cyberattack-ransomware%2F&t=Buffalo+Public+Schools+cancels+classes+after+cyberattack+-+CyberScoop&cts=1615898838633&vi=723ae2e376601e142cfc9349750e0ed3&nc=true&ce=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:18 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 630e16dd99494abc-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 08dcac9e7c00004abc00081000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c0oe3RBYlQ8h0VxSk4ZjhDRN3JnEKZ2i%2FeHXrOzx9hJI%2BlcLmAsiBr%2FZkqJJPtujUCvAlKq9T%2BrC7cuRF225j1GCQTwDSpd0Cak2ePq%2BN4oWd5xSfoBCqo%2F86b7tGA%3D%3D"}],"max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3-Q050 200 VectorSmartObject.png
s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/ Frame 161A 1 KB
1 KB 6ms
6ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/VectorSmartObject.png?1611231310948

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

290a3565ce995734efb0b21243a388e85ef8f288f4fbb332e3d4b038b7113f93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 05:54:40 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 02:37:30 GMT
server: sffe
age: 24758
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1113
x-xss-protection: 0
expires: Wed, 17 Mar 2021 05:54:40 GMT

GET
H3-Q050 200 WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js Show response
pagead2.googlesyndication.com/bg/ Frame 0566 14 KB
6 KB 28ms
28ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

597ec88a6b00a3f445edafca4ad5aa5243e6994f24287ebfd12e8f5fbdfb3748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 22:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 50241
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5688
x-xss-protection: 0
expires: Tue, 15 Mar 2022 22:49:57 GMT

GET
H3-Q050 200 Z_Background_1_noholeedit.jpg
s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/ Frame 161A 10 KB
10 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/Z_Background_1_noholeedit.jpg?1611231310948

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ae31213486efa7916642a639bb20ab78004c59699b965f598d7abe2365a815d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 05:54:40 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 02:37:30 GMT
server: sffe
age: 24758
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10230
x-xss-protection: 0
expires: Wed, 17 Mar 2021 05:54:40 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 10D3 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:18 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Tue, 16 Mar 2021 12:47:18 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 48C0 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Tue, 16 Mar 2021 12:42:46 GMT
expires: Wed, 16 Mar 2022 12:42:46 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 272
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 3DCC 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Tue, 16 Mar 2021 12:42:46 GMT
expires: Wed, 16 Mar 2022 12:42:46 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 272
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8E5D 43 B
215 B 124ms
124ms Image
image/gif 3.215.71.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=582938&asId=4c768b55-4812-e862-ac94-4656d905b221&tv=%7Bc:723aKH,pingTime:-10,time:604,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC02MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1615898838814%7C%7C2378bcc66f37f12291ea1ccd41a46e50%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C8c2e921aec5ed66111fe906b50f3b226%7C%7Cae713569a09f7a516381e00fa690c775%7C%7Cf9c057507d63f16f5d4923b3e6d41776%7C%7C6abe8b33609527c39b4922d3950f967b%7C%7C0fa53460e4b976a37e894ceda0156190%7C%7C1614879537,im:%7Bimprf:%7Bttecl:544,ecd:45,tsecr:42%7D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.71.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-71-212.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:18 GMT
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-Q050 200 WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js Show response
pagead2.googlesyndication.com/bg/ Frame 48C0 14 KB
6 KB 28ms
28ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

597ec88a6b00a3f445edafca4ad5aa5243e6994f24287ebfd12e8f5fbdfb3748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 22:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 50241
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5688
x-xss-protection: 0
expires: Tue, 15 Mar 2022 22:49:57 GMT

GET
H3-Q050 200 WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js Show response
pagead2.googlesyndication.com/bg/ Frame 3DCC 14 KB
6 KB 29ms
29ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

597ec88a6b00a3f445edafca4ad5aa5243e6994f24287ebfd12e8f5fbdfb3748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 22:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 50241
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5688
x-xss-protection: 0
expires: Tue, 15 Mar 2022 22:49:57 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6289 0
23 B 61ms
61ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZVFx1ahQYNODOYbk7_UPk6-5-AgAAAAAOAHgBAI&bg=!aWqlainNAAUO7zDoDjsAKQB2-Dxa0_mYEB5cneG_eyRDpT7h6hpNtOl4Meb6QSmxfMX71Td84fuRAgAAAOFSAAAAKWgBB5kCg5TlDejhQna_5FfbTSAiNKKsItiCvVOqLxIKeD8EBumlpFLJXEXUNd9DWrnFYirWMRzYnAjUUpqxx-KrvKqjHKE6NHyWYQOFTxivOldx4lDUS1PqvgzNwrSprXCFPnQm6O7mgz9xubMFdqlDWpyU5YwO9G1aEdrQjEAnyzHusM8cqkQ9fSe3ONjav5fioNl7-EezVLz03BPNQCV8sKUZshEzEAgevgjt10P_8xcC9kefGXeDxRMyDQUwZLoR_wiGSpmSgYTJHwItXQ2wRTeCHJBysjtK-jqheZGgnExcV8f_KHqI2P8QLZtGw_hM93RS5OhyUAXVhq57UZ0heNwBd1e5lQR0mGIyXFy8csD1rnYgOjw-puZomZm0TBYbLoSJao5PPCyZA3zX_ZhSF0FbgjkXPz9K4Ijlx8OXDVjRU8BGu-F6GWTZ9fZV3S1I9V_XCsx9vT3rPSRIWl-Y8oumUcA00WIGZoyLi0RJlTegkONuAvVG3UHIknuu4lXFCI2lH5fvnQQsh9Ksgppgx1nhLQsC5D97BJyro059caFj89c4yS1JUoqa4LLTcBP6m5tlBlALUKhutvIzBLb5ZGO61Oqb_FiyNI9ScORNSDLmvPdxOxhez5Iq8HzHVrr_85PuVMDdM3iaTwtP6U_g-k6pnAExukwxK3VwNFOodrreqtgVdxdNuNDbUAtiukuTDDwI8x2JbNYxsCOyqWcjhXt5UzWRwL08sBebkhhfrMTKBKsxdLvkehWNLHInFcrMLvXTlaeYJqFWgwWsHukA0srARZSfi7e6cLbOYRVgDulnXPvlvTwkHg86xBZ48Cd7WrFKv8ycChLJhvVR0ua_rmddn7gJlXs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F63B 0
46 B 61ms
60ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031001&jk=2924829069257041&bg=!_P-l_7zNAAUO7zDoDjsAKQB2-DxaKR4jnqUZvtzhI6aT0rOFn_A7Hia1yTCqRMfi0tWUo-wl5lcdAgAAANRSAAAAJGgBBwoAa4syGDQU-k608O2KZ_jzydfyVBw0hPEuQQbkGxL5zXujEQHlsWxpF8fQzlvH0W1sxesS9TeZKl46nKYTsNvLVNtDxsFubfjApKCbkLVYBoG5VSa7Ykm92gadL-nqUmlfsgaRpSr4HsePnBiemQH-ItlyY_-4U3-geb1Rd13S1j84g_-W1dyFSg8iaktLt347-m7TZlgW8G8kIfcCSTGniUXSTDiWJqi6-qsAvc37JFDCyErHsjbg8dPY13PDzuet09OStepx0VTOcg3rCF4PT_Hyq4bOlWXeTUrwGMTchUCApBJRc-ZBcuak6kZrr8PE9aH_ABATrdZAnsLtQUDn0RHBkKS47btNmssF_EOxi5vxkFpOAVfST_6ggq1DuTetbvbooic32K3uxNBJts41yrsOZg3cjFH7nVHuFXobpiYPpd1nRMj9iXyR65xKx68EKwkjdXaTs1FpfYggAFyO2PC9-wn2L9YvWYXg1cEfWM1A0dc7DHjXJJRcWesJW9i2_NLzhDKFdp5EJjSoJkYkwr9_BpVnagLfNbb38ducxDUi2GFbwhfZurb1Ym5D0CY7Kftuyg1FHXgl_tp4y1MdrT0iV5Htk9TqgAokl_3rM00T9GJVRT4H1NetCb3copgH2sU9k0d7J0TAKj-DuIBDFUaphO-JobQMjkFRVDjnJTp5pmRmwXRM5Ss-9SMTAw43MI_EyTiuyMKIA0gxcM1iQT1YFbUYuf7qsVoIVPkoiWZfZxAgplK7FbTwZpNwW1wPXYn9WHPKGQzx2_K4GDJIN6PDo4ftEW0nh-6cl3-DwoZoSEE0Uadg3m7303XD

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10D3 0
23 B 62ms
61ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031001&jk=1375305628474514&bg=!jY6ljs3NAAUO7zDoDjsAKQB2-DxadD2j5ckyMEtyPLJfgyFoB-vBJIBWg1V8K8CPamH8aIO_dVXjAgAAANdSAAAADGgBBwoAoptlnknpl6kZ4s6rGrx8uaOevemZmE0iJGKiyM3sTKoVoDHjB-PwDd8eJtTgcJOB9kPONSLQEgZ0k7KY0e9GbkM6lRmZWe4yqtb83lwLpUv7Z9L621O4rdhBaCULZlc1kEGLZTFBVzmG04KawJ7s5ywHtY3VSTC4tpRUFwNTvAC2J9HZP7jZRFJI8DdeubENH8wYzWMwfJU9B2EG8q9F6FzmTpkB7peyVP19wLshC4hQvjijA4UOrrlgS8ZGfp-xjbhRqQwLyWJBwLiCFVTPxhdflR2Pj5jY3fSvMLijZcyL895WDcTJgrwtxyFG4mx6Vgk47JmKrjDgv0XDGUE-1KRHXwOfNJE2Qscae4XZdDgwBYwZrWvBnWsfHdvFpHSce1AvVICjiTbnCrqzGk2IJcnPvoQ8WYNUqu2pfEMU7k9oH8PaU0ORM1eb6xHors3VQiH_7BhGqLml4OyzPPBQ17e4gvshtqq_fTLuZiCVpfXDEQPfXUbz_g3lj5TvSxXd1BrAutD-GAmRO8adHIxreXwFNad8iVii1YVQ6bojdcwB3LzXPfqa1rUOsHyqT2awOYHQRn1JAPqWhHuRpIm5VmHma5jpOWLQfthIpLnngkJF_mC3aC8_Yf1Efgrvwhwjbx1NVsah83FbX_J8eKw5XTxQN7BOQBLeCuKLEpyxKsbiozoI8eDGVWjJAJJ5V2H6maZHBp8V8pZdF40cVLIfgBC9jtdVuPLwVUB6JIPBPNI-V2JWz5d26yEtyu28GvnDCgL5URPnEqZKy7iGpwyIJ2HAkojKYQ-LO51Cn-FS4uh4XYn4wIc3vaCjbqpk2bx3O6dahs0fkURSFb1OqfWL-UpdK-IjkPPFHayrPA2nCoh1K11K

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 61ms
61ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031001&jk=3275635796553989&bg=!8fKl8rHNAAUO7zDoDjsAKQB2-Dxaj4hd1vB74Mfl3T85b-SwABLM6q2bRiDhmVXFX0Rs26g-_9A3AgAAANJSAAAADmgBBwoASW15Z2s02cN16eC09nsnzIHFM_IzRnbeTJsU1iqaLrwCEt-fQmgNLRn6aOo8zjq4I4OiAMrHw6L333HTGHRzJncYp0JqBEM0dceZAdSs7d1X60vxVeuficYis1JMB6OOY85Q6d7i6qUyvI9O6VRv4cVeb9VIUp3ius5vdVHQ4d4DiHSpE8DzME9bs_rUZKaIfulnugKnZup5Gol3JDdAclXKTaQ8ZBINTbkKVXmLJBTVa-0sKya0pZYG7E9oEfBy96KBy_L9IixUBWyQJ83v1hG73LKZIFRxWjotaaAV43aTCIiHVq8M-Da1mD7dXqdMe9hQKazqpxxya-JhoLKeE9q97_L_eA84Gaeop9A4IhvCuyyGH-BiccqCwfJtGl4LP-q0QVNqnVPwthFPP4-tIJbecanMR842cR8-qzBohb-tiXvRjtujaOfZw0qvWLgImDBkhsdA6D12RBBS67UrVIT3SWmfUNX4H4sV358srVxpJZ68Wm0msdosFk24Ut-MH1D-292GmmtWH533_kEh72PM3cwU-bbtjPDu6V0PYCHVpRLEPdFWL1nk3baBk2ix7ba6D-iBTkkDkkzoLZS0e_ZY55pj8mm404IhxY9RVWasoFKGMUaPKvQ2WR4NQNNeS2WnTLMDR9KnKtJP7Nxd27Ob4PvjDoxln1VrTenPOm6pbXLkXIDHPZS8VdQ_iDqgyOUcWu3uD8aKo4fYTOKhW5A

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIovvHoey07wIVieW7CB2jkgbbEAAYACCaw9NF;met=1;&timestamp=1615898848276;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 195F 42 B
498 B 121ms
60ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIovvHoey07wIVieW7CB2jkgbbEAAYACCaw9NF;met=1;&timestamp=1615898848276;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 dc_oe=ChMIk8Lpoey07wIVBvK7CB2TVw6PEAAYACCym9BF;met=1;&timestamp=1615898848617;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 8E5D 42 B
476 B 108ms
74ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIk8Lpoey07wIVBvK7CB2TVw6PEAAYACCym9BF;met=1;&timestamp=1615898848617;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 12:47:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cyberscoop.com/	1970-01-19 16:51:40	Name: __hssc Value: 143679850.1.1615898838625
.cyberscoop.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.cyberscoop.com/	1970-01-20 02:13:14	Name: hubspotutk Value: 723ae2e376601e142cfc9349750e0ed3
.cyberscoop.com/	1970-01-20 02:13:14	Name: __hstc Value: 143679850.723ae2e376601e142cfc9349750e0ed3.1615898838624.1615898838624.1615898838624.1
.cyberscoop.com/	1970-01-20 02:13:14	Name: __gads Value: ID=7e14f054a65f404a:T=1615898837:S=ALNI_Mb4VF0MH83MUbaw7sTtOtRVeCtZ1w

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://hubspot.fedscoop.com/e2t/tc/VWvSXW5pRgv5W7ZcdcX4rwBpBVLsY3L4pcZkqN8LB06k2-G-5V1-WJV7CgCSCW8KDWld52YS-NW5sPjwB4lMbM_V8STy23PcT5xW3DCG0F6CDWy1N4s5t9xJ29X1N3kz-t9Z0vrjW4B0FTr1QF1McW66Y8kk71D1GVVhjC6X7tr9Q5W96vw_X2KHb-FW11TkT56Ss006W68RKDc99KdjwW2zKLP-5V0pglW1f8J3m86bLQlW3MZDHq2M9bBxW2PltR78fHgvjVfsMvq5VShn4N3khBXZJSq1PMFy043tPcJPW5ZRd7P5-YyqS33yF1(Line 13) Message: toS
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js(Line 6) Message: [GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.1.js(Line 32) Message: a: 0.0009765625 ms
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.1.js(Line 32) Message: a: 0.0009765625 ms
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.1.js(Line 32) Message: a: 0.001708984375 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1315549ca99963292a9e0812dd7b05de.safeframe.googlesyndication.com
1315d3cae060efc0a31182e5f2e7eefb.safeframe.googlesyndication.com
ad.doubleclick.net
ade.googlesyndication.com
adservice.google.ch
adservice.google.com
adservice.google.de
analytics.twitter.com
caf66fd947189820a02a50800dc0fae2.safeframe.googlesyndication.com
cdn.taboola.com
connect.facebook.net
d6fd092b0a3718868b7d0ff076f355ba.safeframe.googlesyndication.com
dt.adsafeprotected.com
f2b8740e9b516ee93d339271107be1e3.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
fw.adsafeprotected.com
googleads4.g.doubleclick.net
hp.demdex.net
hubspot.fedscoop.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
linkto.ext.hp.com
pagead2.googlesyndication.com
px.ads.linkedin.com
s0.2mdn.net
s3-us-west-2.amazonaws.com
s3.amazonaws.com
securepubads.g.doubleclick.net
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
static.adsafeprotected.com
stats.g.doubleclick.net
t.co
tpc.googlesyndication.com
track.hubspot.com
www.cyberscoop.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.ojrq.net
104.244.42.197
104.244.42.3
142.250.185.198
142.250.185.226
142.250.186.130
142.250.186.162
151.101.13.44
199.232.136.157
199.60.103.225
2606:4700:10::ac43:2794
2606:4700::6810:5905
2606:4700::6811:46b0
2606:4700::6811:b849
2606:4700::6811:d5cc
2606:4700::6812:15bf
2606:4700::6813:9a53
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:800::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:400c:c0c::9a
2a02:26f0:10c:58e::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.215.71.212
34.246.59.179
34.95.127.121
35.244.184.212
52.19.217.116
52.21.95.133
52.210.171.182
52.216.244.198
52.218.252.184
063d44bc62d9647b62e24e3072a08f2cd96f36e3f1cb441b0efc3fe3f3fe372c
0803fe007fad869e084745368c965e8d55f9be108559cfd8a3d802cde1fe34c1
0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440
0d5a1e46e6ed77b0d37d926b2ea6617cd26713d964d8b3bb8f6361d7c366ef9f
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f
16f9bb4a5e42d601e091a087adb8c7be4d85e03107149a0985ce3734990eb02d
1ae31213486efa7916642a639bb20ab78004c59699b965f598d7abe2365a815d
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1ee0c52ac0e20f758a362a1908f240305ee76e793f9d13694dd6464dd8ce52c1
205aa8edd302b8ab33ae31bf06f25c37acbbf99ada33713925b07d3c0faf748b
20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436
238a0dfc2120b106897fa306bec3267cd2338bf6c0264a2ae8f2c242a4176eb0
23ceef5c774b37d993d58b19497eddc4bfd1e187f726f9d48d5e6182821533fa
2497fa15c8ad1f3cfd7da03bb121b5ab3a757e273f65068f0c58091fbfce02ea
25f17238426d4ef599d818e86b360300b2723637f998c65c962c8d9fa06268ce
290a3565ce995734efb0b21243a388e85ef8f288f4fbb332e3d4b038b7113f93
294e63d1ae09699eeffa0d8c72c9fc753d82cb3c9cc1fa14cd31446ea8c348d0
2aef1ac953ce7805c97a1df893082e75a0a11085c3e53b2914bd0a35634977f3
3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d
31069f0b6053613d3017a28f695fca6f0a65e2ced753c235fc03a4179c0ba1e3
33fc087699787c237ed83b1e7b3af5fc4e152882469c4b0cb5e622c7698b50b2
3471f931ec05eff4c0366d9c5055b7250fead0c006565ece9c6cefea885302d6
34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890
34cb2cbbe3c76be389328bdaa0f0e3ab04aa15435cbac496d0fcdbe55b177ef5
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b
55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
597ec88a6b00a3f445edafca4ad5aa5243e6994f24287ebfd12e8f5fbdfb3748
5bc3cb4cb74612170cc4990020f34799300449837c00d2b3ddbd52fd69d03cae
5d5aad84607d8c42771e2353aacd3e50e07c0e305c9de51b596f2214d326fc06
5e32f9727cdf72fcbc1c3e5ef4503add3a781036267ad1c783d622333b8c706e
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
5f5a092044aa54b2d740072e8126b214f6060080eb67f91e3fdef70c74c5a0d6
5ff636c1f4e54c94076c92871dd22654f2fb173aafce69def369dceaf72c161f
6110f02b3dfb9af38b3040c7f99fb8edb79e78732150d5eb308127f928aad265
6562a35db7220433c819e4e9bebd39fa972c8b7dc6bba09a3402509b1c60429e
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f829a00a403b78fe633e458e3e7a53e433d0bb4056ad9732c2f553fa68acfed
74b6b49fe8d5d89124cdaf16bc61860188ab92ee583d9fab9409d7b896466bae
74cbd6a6b80c96edaa9f48a27ca9628c2b141931b87a5a5cc66210d3ae8eafd3
769a9143fb3b45eea61e6aab06806f072dd345f1ea8f4e24b06c024c9b69152a
76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749
79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18
7b914f6754b8a62ce7dc7abd0005ed3c46b6e45b357e30ad5656c4756b264a34
7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b
7fd06af8bdd416d68b2aac7c8cd80a32b29a4d7955ec52737c5799d24525c97c
811a1c28ffee57070b32fb3cdd54e318a1d259bdda2ba2d0659843a8d71c9e69
84900b30f197c3cc3018f3dd0f5f5ccf0cbc0dcc21fe4d115515d74aca921995
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8568f039c1951ef91fce769fd09da0b0dbfcf503e0e9d14044c3f49675b809cd
876106d30f73e0ecc265a46b0b4b6a98f4790d4fa669e0c023f7081f33f28303
89cbcbe240aa0dea41cd51c979bed8305861242b03caa1cf1fae691a39b267a1
8b7a47a695a413443ee1cba5b8cb390af99d8ecb1c94ffd30005c2a039303fe0
8c357df249544f2d3b87dd076c81cc55226da9b428a50f94348e6677f3f786a1
8c5987fc2409abe9ee8d73fee09d71847ddf5c4329a0bbad7d4e4bc522e51b47
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f
92bf2667e3434750097f9212feca904c5e7ac36d9155463d25d79f1415018219
942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5
94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930
9644ec29293f7eb4a7dd102a0737fd29431ac560f4ff06422c06dd31953969dd
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96766585dcf64ec308366785fdb8533082e6fb2110837040566d21245d3d1646
96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c
a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593
a06bc0ee56270eee8892c341d7d2f81090296a7fcbdd94964f95950ee158940b
a0aa7f0ca25ad3ff110c8eb2e3d666373b45af098faccc614d93481ae282c20e
a26f8c022ead20dcf752da3e8385b000a05dd6d315797b5cebd741030394b44e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab62fe971dd4b318621de81bfd9315f50f36bd50791512128cea651f3ef136d1
ac42713a79bcf0c9f614d3744f6d3c611200f8b54696dc3fb7f58b38c2738cba
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4cc9159698bbddd91531d661bebd5fa8203a6ea9ce12e1a3f876b27190b237f
b4eb0c1b55098815f07b414c433a5f32199e1b3f7a263c8f33a1e64fd1a41eed
b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537
b5e378a59e37dd923f73d577effa4665831b3037c76d96043297d7872a1bdf91
b9995fc46cdb3b632a49355aa220570e8cddec68f2fd148a5e735285cb2cbf4b
bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797
bcc6ccbbe9b3f2c14b3eb45ea17eb4b456ee0b359ca820751d8f4b140c57ba0a
bd3bd81ea6cf3bbc82f89913fecca492e79318fef844c664a790ff2db72e5590
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1
c185bd03bb3f1ff582edd7f74108628a4305efbdf1b8e898e4a52ff7dc9534d2
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
c7eb794dfec53cf6015660dcfc09d5454681f25777c187dce636723390e776d4
c91022a82b36374bfe7f4d1de617418c48a414ff6c58fde4b2d9cc5ee359d1d9
c9a97554ba9d23f6d4529f6576044c8650daeb476cac9f9b8558c0b266317a5a
ca0b35aa0f48d8359e7fce9feec83f90ed60c0b857cdf29784f0803b70de4e55
ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5
cbcf7f9157306feaa0252eaa2fca6f6a36cf74bd919dc17520023405867fd32b
cc54d49a204cf8a8440884a769b3bc5a01030ce4f1d45582adc2170c95752ee1
ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be
cf89b05aa45bb14f23d4c97dac9b3091e2d866c73f68e18d2cb6b538378db6f9
d009b17e40dccf63690c8420591b50a2d8b4cdc2dcb8721b5ed1e00eccacb103
d09606a69011d0f2afba1c828a730dbfa71b8797c3949633bea9656df17b47e1
d20d404c5643f4d1711fd9ac35406f29cd8d717c2bef7ca8261c17afbd02d866
d224a505f3633931fa75a676b2bb85100f94555bd7d719cca403de7ee39b1006
d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131
d7a9046c653c00c0b49f0926e9638749d6a37ccbacef5f0eb8a01e93474e19d4
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
db88fb4512c40bfb91f185def5d6ec6798f1282380e3aab8d2ede67ba7fcefe0
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
ddea3eace06c9b41cdf8e5ff71757be22ba2317bf3ab60fddd118460eb053a57
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deae54c97370a3b2ec203dd71a4662a814eb3545f1de4ebf53d8429ded9c1de5
debb4e87990aebfde64b1011361f53966ddbe0d84ac82c2e660fe510ffefae4b
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfb5b6d4a50b3a9a37c27d341862e9df1d735ab5dd5da211960fb1433a23c21d
e0bbc294cd2d9f830928d943d7064a63824a5bff63c8c8dd7909ef8301536b59
e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4587a9ceb14a8018d604daa891f5c1bda073bd575dabd4f1b9f17bfc32fe718
e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4
e67174640462cfafc9e7dadb0f1ae4b930a564eb910bdce4c5a963e9efa28212
e6df8111e696f634b41e58c3ea22b3a4cc92d1a6a860733c98adff55852796ac
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
ea5eef5134861bb9178ac9d97ef63728d15f65662f1a9110f68a234c302956fc
ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6544e1a20e9a517c91898515ddb92b19da4c49be3d9036aa411010085fe304
efd71942767b7ff8dea22b617561d1fd2e1283f17e3384ad9745977e4978817c
f4714ce0a558f0c94f05cf0b8434916c42a8dffc679cb3075062ad3cf1ef0a04
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

www.cyberscoop.com Open in urlscan Pro 52.21.95.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

264 Requests

100 %HTTPS

63 %IPv6

33 Domains

49 Subdomains

47 IPs

4 Countries

3913 kBTransfer

9234 kBSize

5 Cookies

19 Outgoing links

Page URL History

Redirected requests

264 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cyberscoop.com Open in urlscan Pro
52.21.95.133 Public Scan

Screenshot
Live screenshot

Full Image

264
Requests

100 %
HTTPS

63 %
IPv6

33
Domains

49
Subdomains

47
IPs

4
Countries

3913 kB
Transfer

9234 kB
Size

5
Cookies

264 HTTP transactions
7 data transactions