cybernews.com Open in urlscan Pro
2606:4700:3108::ac42:283b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cybernews.com/security/new-initial-access-broker-tor-shop/
Submission: On July 29 via api (July 29th 2023, 11:56:52 pm UTC) from US — Scanned from DE

Summary HTTP 176 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 30 IPs in 10 countries across 35 domains to perform 176 HTTP transactions. The main IP is 2606:4700:3108::ac42:283b, located in United States and belongs to CLOUDFLARENET, US. The main domain is cybernews.com. The Cisco Umbrella rank of the primary domain is 227455.
TLS certificate: Issued by E1 on June 22nd 2023. Valid for: 3 months.

This is the only time cybernews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:310... 2606:4700:3108::ac42:283b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:d63b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
8	2606:4700:310... 2606:4700:3108::ac42:2bc5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3 12	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2 2	52.28.142.138 52.28.142.138	16509 (AMAZON-02) (AMAZON-02)
4 26	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	18.197.217.197 18.197.217.197	16509 (AMAZON-02) (AMAZON-02)
3 3	2a05:d018:d29... 2a05:d018:d29:3602:e367:e25b:44f7:80c5	16509 (AMAZON-02) (AMAZON-02)
2	34.160.236.64 34.160.236.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 4	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
3	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
2 4	23.192.153.28 23.192.153.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	52.29.47.82 52.29.47.82	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.169 213.155.156.169	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:59bb:9f0:95de:e1fa	16509 (AMAZON-02) (AMAZON-02)
1 1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
176	30

5 2606:4700:3108::ac42:283b (United States)

ASN13335 (CLOUDFLARENET, US)

cybernews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3108::ac42:2bc5 (United States)

ASN13335 (CLOUDFLARENET, US)

media.cybernews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.142.138 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-142-138.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.185.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.217.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-217-197.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3602:e367:e25b:44f7:80c5 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.164.11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.192.160.219 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.233 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.192.153.28 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-153-28.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.47.82 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-47-82.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.169 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:59bb:9f0:95de:e1fa (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 114 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	197 KB
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	1 MB
14	google.com 3 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 3	2 KB
13	cybernews.com cybernews.com — Cisco Umbrella Rank: 227455 media.cybernews.com — Cisco Umbrella Rank: 392574	445 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	104 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79	6 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 213	281 KB
5	google.de www.google.de — Cisco Umbrella Rank: 5772	883 B
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1361	902 B
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 912 r.turn.com — Cisco Umbrella Rank: 3865	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 58	21 KB
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3887 onesignal.com — Cisco Umbrella Rank: 1358	82 KB
3	criteo.com dis.criteo.com — Cisco Umbrella Rank: 623	1 KB
3	addthis.com 3 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2058	2 KB
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 466	2 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 379	793 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	250 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5207	653 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 801 s.tribalfusion.com — Cisco Umbrella Rank: 2021	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 607	1 KB
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 43924	1016 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 862	1 KB
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1340	316 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 980	2 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 762	340 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1788	297 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 701	731 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 746	543 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 802	465 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1613	586 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3556	104 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 350	146 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 8889	552 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 755	98 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1196	606 B
176	35

	Domain	Requested by
33	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
26	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net cybernews.com
23	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com googleads.g.doubleclick.net cybernews.com
16	pagead2.googlesyndication.com	cybernews.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
12	www.google.com	3 redirects cybernews.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	www.gstatic.com	googleads.g.doubleclick.net
8	media.cybernews.com	cybernews.com
5	fonts.googleapis.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
5	www.google.de	cybernews.com
5	cybernews.com	cybernews.com
4	sync.teads.tv	2 redirects cybernews.com
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
4	www.google-analytics.com	cybernews.com www.google-analytics.com
3	dis.criteo.com	googleads.g.doubleclick.net
3	e.dlx.addthis.com	3 redirects
3	pr-bh.ybp.yahoo.com	3 redirects
3	match.adsrvr.org	googleads.g.doubleclick.net
3	www.googletagmanager.com	cybernews.com www.google-analytics.com www.googletagmanager.com
2	onesignal.com	cdn.onesignal.com
2	d5p.de17a.com	2 redirects
2	c1.adform.net	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	um.simpli.fi	2 redirects
2	r.turn.com	cybernews.com
2	ad.turn.com	2 redirects
2	odr.mookie1.com	googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	region1.analytics.google.com	www.googletagmanager.com
2	cdn.onesignal.com	cybernews.com cdn.onesignal.com
1	onetag-sys.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	cybernews.com
1	a.tribalfusion.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	dsp.adfarm1.adition.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
176	44

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.youtube.com
www.linkedin.com
www.tiktok.com
flipboard.com
www.group-ib.com
careers.cybernews.com

Subject Issuer	Validity	Valid
cybernews.com E1	`2023-06-22` - `2023-09-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://cybernews.com/security/new-initial-access-broker-tor-shop/
Frame ID: 9B43B468DACC7794A44B622E31675977
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html
Frame ID: 049C40D022B37F6576007FEFC5ED7088
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&adk=1812271804&adf=3025194257&lmt=1690539014&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007082&bpp=2&bdt=289&idt=246&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3253902801700&frm=20&pv=2&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=266
Frame ID: A989283344CF239E5C432D182BCAF9C2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1690539014&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007084&bpp=2&bdt=290&idt=269&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GGY3NaENB7&p=https%3A//cybernews.com&dtd=275
Frame ID: 39710BC5D5311826AB2D83F07503583A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1690539014&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007086&bpp=1&bdt=292&idt=277&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=y4XPmSzM3f&p=https%3A//cybernews.com&dtd=283
Frame ID: 4D7DB416BA6D525858E045073D6B5333
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 14DB132F061171628907082D2D04C965
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6A78A2CF3DE5DB8C7162DF7A583EE932
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A01ECA910262296EBB41406A38AC477C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9B9B490A188931A8AFA3E45BBA8D5416
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Frame ID: 36A6A17BFD4A0C7D3B88C1345EAB58A1
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Frame ID: CC9202D359A60DF09A38F28870953840
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 34CD9B1D3439DB9BF3A32BA5A574714C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CF543F40854B34EE31536D68533886D0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9CFC69A4D8DA3F4BA62E0E787F1B7195
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Frame ID: 4CF01C233613F96D799961896A3030AF
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 71012D65B9D1F1E6587BCB63F9B214D4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 970196267EAB43BE8C01C23632B038BB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 783D60B9726306FEF1C425F372EE5D64
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Frame ID: F5A0E96D39DF90DBB40A8D21415610ED
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Frame ID: 59F3555C1C4CBBC614D53C6B3D66F6DA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Frame ID: 60E251F1FC3ECF3F3706E863E23A631B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3F088DA8748E3E8A6B5C7AACDB570241
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DBFA6728950EDF59348C406F45A4C30A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hacker sets up Tor-based online shop to sell access to firms | Cybernews

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Page Statistics

176
Requests

88 %
HTTPS

54 %
IPv6

35
Domains

44
Subdomains

30
IPs

10
Countries

2762 kB
Transfer

5769 kB
Size

48
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/CyberNews

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cybernewscom/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/CyberNews

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cybernews

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@cybernewscom

Search URL Search Domain Scan URL

URL: https://flipboard.com/@CyberNews_com

Search URL Search Domain Scan URL

URL: https://www.group-ib.com/resources/research-hub/hi-tech-crime-trends-2022/
Title: IB-Group’s Hi-Tech Crime Trend Report

Search URL Search Domain Scan URL

URL: https://careers.cybernews.com/
Title: Careers

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOVohafRlKMX6kpmIr1s3CU&google_cver=1&google_push=AaAOQGGg6sAelZdP9g0_zrhN2YkTa2zadt6hY2224xD1E0KT3iuXwzmJw7gd9OByp-DTn8yCG0T6bWHI5JhDH8CSQFS_ZrRFmiad5Q HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOVohafRlKMX6kpmIr1s3CU&google_cver=1&google_push=AaAOQGGg6sAelZdP9g0_zrhN2YkTa2zadt6hY2224xD1E0KT3iuXwzmJw7gd9OByp-DTn8yCG0T6bWHI5JhDH8CSQFS_ZrRFmiad5Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WGU2U2g3TkkxUXBUTks1&google_gid=CAESEOVohafRlKMX6kpmIr1s3CU&google_cver=1&google_push=AaAOQGGg6sAelZdP9g0_zrhN2YkTa2zadt6hY2224xD1E0KT3iuXwzmJw7gd9OByp-DTn8yCG0T6bWHI5JhDH8CSQFS_ZrRFmiad5Q

Request Chain 65

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMszQetAnJb8CF4CBsgzeQw&google_cver=1&google_push=AaAOQGHYDpGS_HOK3KpT-FylXy0-2MkqQAf1iHa3YiFcSVc481dszv0rP3hGvn1v780DQ1Du3T0tgTlFij48C_frZMilYRjQEhotiQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=iFV9Q0xzS4WcMcPh-ksMog2&google_push=AaAOQGHYDpGS_HOK3KpT-FylXy0-2MkqQAf1iHa3YiFcSVc481dszv0rP3hGvn1v780DQ1Du3T0tgTlFij48C_frZMilYRjQEhotiQ

Request Chain 67

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIPUOpnUR-A4eW7wD9t9HQ0&google_cver=1&google_push=AaAOQGEAEDMx_IgBlXbtibgBvvQcvYzpeZ8Uvsus8ZIpYNjUQWPVWbzLaPFMQi2_dKRhZrYa6xOvUHNgoZbVXDUUjI7wTcSiddtX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEAEDMx_IgBlXbtibgBvvQcvYzpeZ8Uvsus8ZIpYNjUQWPVWbzLaPFMQi2_dKRhZrYa6xOvUHNgoZbVXDUUjI7wTcSiddtX&google_hm=eS1TSFJ5VUUxRTJwR3lsSUhkOGRSZVlPR3U5U1BYV0JtOH5B

Request Chain 70

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 83

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM2shYa8w60vZ1fimLM8L7w&google_cver=1&google_push=AaAOQGH-4608a1RIEx5HpUD0E7XMk77COFeXuoboGUUVUyVlsxU3vnMvSaslQASfPqQBSwGRNxmQ8nZ5uq8b92wzCnP1FmxIOWMLhyRm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA3MDE4MjA3Mzk4NTM4MjA1Mg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDwbkTJGXIrlWNy-PWdtVhU&google_cver=1

Request Chain 86

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIocMGDjZEfF88fcocBFtUs&google_cver=1&google_push=AaAOQGFZReqqhKvCXteKGZPvaZWAh9LOu5BhWyYHqXSwC8qMtq049oro8blpeRg2p7rqwWYo05vsnpBYYgaeaXoUZWmF_cCb6RkvjA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2MTM5Mzg2NzUyNjY5OTE1Mg%3D%3D&google_push=AaAOQGFZReqqhKvCXteKGZPvaZWAh9LOu5BhWyYHqXSwC8qMtq049oro8blpeRg2p7rqwWYo05vsnpBYYgaeaXoUZWmF_cCb6RkvjA

Request Chain 87

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAaAOQGGAhQmWr-TUqS43hO8Bjt-Czlb3BOYRiKoWThAbymsg8gxI0OMd1AuAgMrnh2lzGvuziWn4duowgpEoSi_KCbu-idfPY1b-zUk&google_gid=CAESECYZJIGm7IDfhO2QLJ854_M&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAaAOQGGAhQmWr-TUqS43hO8Bjt-Czlb3BOYRiKoWThAbymsg8gxI0OMd1AuAgMrnh2lzGvuziWn4duowgpEoSi_KCbu-idfPY1b-zUk&google_gid=CAESECYZJIGm7IDfhO2QLJ854_M&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA3MjkyMzU2NDgwMDA4Nzk0NjM3NzcyMQ%3D%3D&google_push=AaAOQGGAhQmWr-TUqS43hO8Bjt-Czlb3BOYRiKoWThAbymsg8gxI0OMd1AuAgMrnh2lzGvuziWn4duowgpEoSi_KCbu-idfPY1b-zUk

Request Chain 88

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELwTSjM7meN0haBvLTeZD2A&google_cver=1&google_push=AaAOQGG131ULfgzMb0BqkSyQkpjJwaRN07DMUnBiKzNWPNoek39CIKjKuRBuycebCqO0o71d1o7Rkt5nreSs0ZPGpMLlHzQjOsHDjAm1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGG131ULfgzMb0BqkSyQkpjJwaRN07DMUnBiKzNWPNoek39CIKjKuRBuycebCqO0o71d1o7Rkt5nreSs0ZPGpMLlHzQjOsHDjAm1&google_hm=eS03OVFaaS54RTJwSDFQQzZadnQyTEZ0QlhwWld6VnFsLn5B

Request Chain 140

https://um.simpli.fi/gp_match?google_gid=CAESEIOpWrAYH9vfex6binInyx8&google_cver=1&google_push=AaAOQGFXWwue9icezrq3U7D9kdIAMoNkdCucHjtE0wl-D2vypPDeHW8qLMrcYdyf_Qn_Uf1rgFyjVdKsW7q0PnKM0SZkAvGH3rDXHA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=634035FB6EFF49EE9A107303F7CC32D3&google_push=AaAOQGFXWwue9icezrq3U7D9kdIAMoNkdCucHjtE0wl-D2vypPDeHW8qLMrcYdyf_Qn_Uf1rgFyjVdKsW7q0PnKM0SZkAvGH3rDXHA

Request Chain 141

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEHi0p8mrRhUzoMd7Kb0WXg&google_cver=1&google_push=AaAOQGEqOR9Mzno2-VwyP5KU8C_wBUm-ilBdezr3Fs0Fj_JK6LAKgbefhj6LaWMgL3NSsH0lebL_uVWqBzWohwCWhx8c6g759Qhmgms HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEqOR9Mzno2-VwyP5KU8C_wBUm-ilBdezr3Fs0Fj_JK6LAKgbefhj6LaWMgL3NSsH0lebL_uVWqBzWohwCWhx8c6g759Qhmgms&google_hm=OVLmB6IrRfCRe-oS5XxmHGw

Request Chain 142

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGfk1mWI8S1T9WjTk0gLiG0&google_cver=1&google_push=AaAOQGFAGK6bWtrfHPa1Wf2Xf0P2Je7lckm8vmMtzkZX1JSQpY7CaXiVx-KpOSQitbR7gShkeBS0dLpRkM5eNV3sCm-Wg2efNaIJwGg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFAGK6bWtrfHPa1Wf2Xf0P2Je7lckm8vmMtzkZX1JSQpY7CaXiVx-KpOSQitbR7gShkeBS0dLpRkM5eNV3sCm-Wg2efNaIJwGg&google_hm=eS03OVFaaS54RTJwSDFQQzZadnQyTEZ0QlhwWld6VnFsLn5B

Request Chain 144

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMmyLF6pqlv2hizgojPlKRY&google_cver=1&google_push=AaAOQGEGqGNWAX8sMVwKlj0W4QrINHhudVynSyyQiENVkwEoxNK0SDReRtTm0OXlcRYXDDz0q_p1kSVPrxDOxxfwHkKnOYXrjVZCVyk HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMmyLF6pqlv2hizgojPlKRY&google_cver=1&google_push=AaAOQGEGqGNWAX8sMVwKlj0W4QrINHhudVynSyyQiENVkwEoxNK0SDReRtTm0OXlcRYXDDz0q_p1kSVPrxDOxxfwHkKnOYXrjVZCVyk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTE1NTk2NDk2NzQ5NzMwNzE1Ng&google_push=AaAOQGEGqGNWAX8sMVwKlj0W4QrINHhudVynSyyQiENVkwEoxNK0SDReRtTm0OXlcRYXDDz0q_p1kSVPrxDOxxfwHkKnOYXrjVZCVyk

Request Chain 145

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKo_88BuHQ8JpnmZL5204Uo&google_cver=1&google_push=AaAOQGFvoyOs8ZtC1YtMi0NYTVUWpq75rsvuBwgnCb1IhEzOuoTeASGjSxUzM40-wFjLPCjKd9lFM8zU4HfqcX08HWM9TAYchBnVPA7L HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFvoyOs8ZtC1YtMi0NYTVUWpq75rsvuBwgnCb1IhEzOuoTeASGjSxUzM40-wFjLPCjKd9lFM8zU4HfqcX08HWM9TAYchBnVPA7L HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 147

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDwbkTJGXIrlWNy-PWdtVhU&google_cver=1&google_push=AaAOQGF93u99_OPahQMfNPmyk50dyRGXQk0gQDfqZTRs6DBNyMvrSyd2cpR9Qs3mlGsjDwTMX7wChiGE8RqBLa-cHdCRwmH5-ovL1Ek HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE0MjIzOTY2ODAyMzMwOTk4OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDwbkTJGXIrlWNy-PWdtVhU&google_cver=1

Request Chain 148

https://a.tribalfusion.com/i.match?p=b6&u=CAESELTo0PSwZpUtnQ0nMEivyQU&google_cver=1&google_push=AaAOQGGXT74x7k9cAbx7sDm0NLi4_h5Wd53CdllyjFri0ruAJVqc5EmFvMrM4ktumAhsK9vnoRUjigrEN7ywUC8yoFishAXjjxFrGow&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGXT74x7k9cAbx7sDm0NLi4_h5Wd53CdllyjFri0ruAJVqc5EmFvMrM4ktumAhsK9vnoRUjigrEN7ywUC8yoFishAXjjxFrGow%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELTo0PSwZpUtnQ0nMEivyQU&google_cver=1&google_push=AaAOQGGXT74x7k9cAbx7sDm0NLi4_h5Wd53CdllyjFri0ruAJVqc5EmFvMrM4ktumAhsK9vnoRUjigrEN7ywUC8yoFishAXjjxFrGow&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGXT74x7k9cAbx7sDm0NLi4_h5Wd53CdllyjFri0ruAJVqc5EmFvMrM4ktumAhsK9vnoRUjigrEN7ywUC8yoFishAXjjxFrGow%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 149

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAV3ZrSrxicHOu4bLoqugYk&google_cver=1&google_push=AaAOQGHQZOu27tCWDOhu3rmCYO1B6XIBhAEbMyl4xnclI76cGlWAMcjd6B0CS-4iM5r2nZZT_p_aoeDi58PSKtVmJ83Wo0yFfOu2_w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAV3ZrSrxicHOu4bLoqugYk&google_push=AaAOQGHQZOu27tCWDOhu3rmCYO1B6XIBhAEbMyl4xnclI76cGlWAMcjd6B0CS-4iM5r2nZZT_p_aoeDi58PSKtVmJ83Wo0yFfOu2_w

Request Chain 151

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEHi0p8mrRhUzoMd7Kb0WXg&google_cver=1&google_push=AaAOQGGuZVpyALgnAwPkGAp9r6rvXrEM8qbI-e_Racz8u1_HfYG2ApQ3mafC1KFLZha4LFUQ2xICdo6_5k78RKwTenyBrKM6e27gUAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGuZVpyALgnAwPkGAp9r6rvXrEM8qbI-e_Racz8u1_HfYG2ApQ3mafC1KFLZha4LFUQ2xICdo6_5k78RKwTenyBrKM6e27gUAA&google_hm=BshXdsTmSmSsJjsj-MYZtGw

Request Chain 153

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKo_88BuHQ8JpnmZL5204Uo&google_cver=1&google_push=AaAOQGEBINCOob06KqMc073Aej-wNcJQUj6I1K0m8cVeTbtDL_a7kQ3C_DUaD9JboiidxYGvN0d2gkMGjGjGNxpCsd7d9Gmg9iPn3L5m HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGEBINCOob06KqMc073Aej-wNcJQUj6I1K0m8cVeTbtDL_a7kQ3C_DUaD9JboiidxYGvN0d2gkMGjGjGNxpCsd7d9Gmg9iPn3L5m HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 155

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 157

https://um.simpli.fi/gp_match?google_gid=CAESEIOpWrAYH9vfex6binInyx8&google_cver=1&google_push=AaAOQGEh36ZHXCJqHTM4ljh4iqZowWiONmu2OSm8LEPYSRI2xaXPRSTJP8uqer3kxyOSESF33EKX37j7cy1AtUXj5kAoFEtfFpPG5NkQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=634035FB6EFF49EE9A107303F7CC32D3&google_push=AaAOQGEh36ZHXCJqHTM4ljh4iqZowWiONmu2OSm8LEPYSRI2xaXPRSTJP8uqer3kxyOSESF33EKX37j7cy1AtUXj5kAoFEtfFpPG5NkQ

Request Chain 158

https://d.agkn.com/pixel/2175/?google_gid=CAESEMrU44ThvyU1tn6bNvX-XK0&google_cver=1&google_push=AaAOQGFlcIl863gDL94zXnPj7JB2YaQn3DFRTfqoADj0wzV_nd8GcPLlPxPs_58a3z9V-CmQZS0UWXrHpkPfTMWwIagiAFFt0jAWALvU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AaAOQGFlcIl863gDL94zXnPj7JB2YaQn3DFRTfqoADj0wzV_nd8GcPLlPxPs_58a3z9V-CmQZS0UWXrHpkPfTMWwIagiAFFt0jAWALvU&google_hm=Q0FFU0VNclU0NFRodnlVMXRuNmJOdlgtWEsw

Request Chain 159

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAaAOQGH3SlI8DgFEyWhTvO5CrLu6zw2iM8-URFvg_DiFu9G5ftXPX8jcp-NiCySkFXCsNHUdkc2dadm9rwI_wFMjkARYJm6JVStsKuDw&google_gid=CAESEBPHiu5u6aNr0HV8wXrxQ40&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA3MjkyMzU2NDgwMDA5MDM3MjA2MzA5MA%3D%3D&google_push=AaAOQGH3SlI8DgFEyWhTvO5CrLu6zw2iM8-URFvg_DiFu9G5ftXPX8jcp-NiCySkFXCsNHUdkc2dadm9rwI_wFMjkARYJm6JVStsKuDw

Request Chain 160

https://d5p.de17a.com/cookies/google?google_gid=CAESENGR49kVhlpZrY74QTK22oM&google_cver=1&google_push=AaAOQGEFGW3TSfhy2f5qKHfJrq030D0oxQ08TwgQaxG1IhWsdeAo3CLQJk1LszNIJshlv0EZX0S3ZZYatX5kGCQpnC3f6BvPJU_Oe_M HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESENGR49kVhlpZrY74QTK22oM&google_cver=1&google_push=AaAOQGEFGW3TSfhy2f5qKHfJrq030D0oxQ08TwgQaxG1IhWsdeAo3CLQJk1LszNIJshlv0EZX0S3ZZYatX5kGCQpnC3f6BvPJU_Oe_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEFGW3TSfhy2f5qKHfJrq030D0oxQ08TwgQaxG1IhWsdeAo3CLQJk1LszNIJshlv0EZX0S3ZZYatX5kGCQpnC3f6BvPJU_Oe_M

Request Chain 163

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENQomoz6plrd--tEJh6Rzi4&google_cver=1&google_push=AaAOQGHXlGMmKeaAGlz4Aoiywwg3M3SDvbbWtCaMNJm3TAdTNC3iavh-pcun_YWqd-_A_Jlk7Ju23kyJDbapoLEAfJSVT5HX7FNW963R HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHXlGMmKeaAGlz4Aoiywwg3M3SDvbbWtCaMNJm3TAdTNC3iavh-pcun_YWqd-_A_Jlk7Ju23kyJDbapoLEAfJSVT5HX7FNW963R

Request Chain 165

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

176 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cybernews.com/security/new-initial-access-broker-tor-shop/ 118 KB
28 KB 708ms
603ms Document
text/html 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4c39e36201428b4a3f706eddc53f612c4966ee5186b3655404d036a4f131c32

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7ee94ce4bf68bb7d-FRA
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
ct-content-bucket: Security
ct-content-type: Editorial
ct-date-published: 2023-06-29
date: Sat, 29 Jul 2023 23:56:46 GMT
expires: Sun, 30 Jul 2023 03:56:46 GMT
last-modified: Fri, 28 Jul 2023 10:10:14 GMT
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 149ms
48ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22a799158fe74ae3e802bb4708fa9b5888b3553ca8296ae1f4a23799a006d1ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:46 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3553
etag: W/"841a8834d1e8a6a8a6de9933a13d2b34"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7ee94ce93b233829-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Tue, 01 Aug 2023 23:56:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 244 KB
84 KB 150ms
62ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9eb455654272cd5a1dd4e1b2ab9b7a21ba0e87ee9f46b6b442ed3186e83e740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85710
x-xss-protection: 0
last-modified: Sat, 29 Jul 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 29 Jul 2023 23:56:46 GMT

GET
DATA 200
OK truncated
/ 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e138d129f38769d7080ed6ac6519dce8a4d546b7da5709b12aedff39673fa021

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f290a3a287182664a81ea150c04e7d1a451f1bf74f6738b43d382e3d40d98002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa59cc35bae7531e60351ef3590289ef0bb348ddc145c6e149bcca8f45027670

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fca9ae04b4bca7ef7d4f2c43505769b1f03fd173ecf3871dd7b7ee0f115dd48

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 62 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab8f0b6cec3eb6cd02efd0a9324053b868cac7dcda99fc89871b4e87141bdf14

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 base-27bce7240c445984c8c9.js Show response
cybernews.com/js/ 24 KB
10 KB 63ms
62ms Script
application/javascript 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/js/base-27bce7240c445984c8c9.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00a2d93fc3effe860dca85b764c7f5db5d0e35325852a3ffaeac288655cfb646

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age: 146379
cf-polished: origSize=24289
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 24 Jul 2023 12:19:43 GMT
cf-bgj: minify
server: cloudflare
etag: W/"64be6c5f-5ee1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7ee94ce8eac5bb7d-FRA
expires: Sun, 30 Jul 2023 03:56:46 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 162ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d84baf76f7e39bb7da06d13d478defbb6765416272b4aff755421a88d5b6c0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://cybernews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50637
x-xss-protection: 0
server: cafe
etag: 9499365431817810856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:56:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 29 Jul 2023 23:49:45 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 421
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 30 Jul 2023 01:49:45 GMT

GET
H2 200 Jurgita_1.jpg
media.cybernews.com/2022/11/ 33 KB
33 KB 213ms
99ms Image
image/jpeg 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/2022/11/Jurgita_1.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6900e6a650c2175b56f8274cda66364f2af68064274d11fb22a6d53faf0c6439

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 f3a3f62227549dcbb83000c9d8bb826a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 126246
x-amz-cf-pop: CDG52-P1
cf-polished: origSize=35734
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 33332
last-modified: Wed, 30 Nov 2022 13:46:24 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63e1c459d548d27b3a552c51733cb41e"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=15780000
accept-ranges: bytes
cf-ray: 7ee94cea0c802be6-FRA
x-amz-cf-id: KR78pGrSbukRPDWyCe5X7zzJJtE1yMIcBxEy2lOdT6EdC7MwSrTIeA==
expires: Sun, 28 Jan 2024 15:16:47 GMT

GET
H2 200 new-access-broker.png
media.cybernews.com/images/750w/2023/06/ 27 KB
28 KB 621ms
507ms Image
image/avif 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/750w/2023/06/new-access-broker.png

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e372c8fb05cd56a2d10d8ca1a97eb58c3c5aa0db46f52251945bd8a4b0a4eaef

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
content-length: 27739
cf-resized: internal=ok/m q=0 n=38+82 c=18+301 v=2023.7.3 l=27739
last-modified: Thu, 29 Jun 2023 09:10:41 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfxFNqUGJP5F-Tng_1-6bATlWqu5KfpxHRw9djGO55DQ:4ba47f78cc81906468b179777c0a978e"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 7ee94cea0c832be6-FRA

GET
H2 200 jacopo-pantaleoni-interview2.png
media.cybernews.com/images/thumbnail/2023/07/ 19 KB
19 KB 181ms
66ms Image
image/avif 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail/2023/07/jacopo-pantaleoni-interview2.png

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbf5fff613df450881044717abb560684eba9aa1f7e04844cde93f252ec74c0c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
content-length: 19419
cf-resized: internal=ok/h q=0 n=13+135 c=0+0 v=2023.7.3 l=19419
last-modified: Fri, 21 Jul 2023 13:34:23 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfXel-O4ig6XvlMTZF-4XHa3EgPri99XVCPD58WiJxDQ:0239f8564fb5ea086013a0c09e73f3ba"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 7ee94cea0c852be6-FRA

GET
H2 200 GDPR-money-Ireland.png
media.cybernews.com/images/thumbnail_small/2023/07/ 4 KB
4 KB 179ms
64ms Image
image/avif 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail_small/2023/07/GDPR-money-Ireland.png

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6749ddeafe08e17aecfd0974f358b7622c48540676eef700827847b2e003fe0d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
content-length: 4229
cf-resized: internal=ok/h q=0 n=24+0 c=22+86 v=2023.7.3 l=4229
last-modified: Tue, 25 Jul 2023 08:24:42 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cf2eZ7b90batb4jyMvkBqCpI7F8iFZYhIqdjUqgfspDQ:51b5244c36c270d8596cc2b1a1f260ca"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 7ee94cea0c872be6-FRA

GET
H2 200 pixel-iphone-samsung.png
media.cybernews.com/images/thumbnail_small/2023/07/ 5 KB
5 KB 174ms
60ms Image
image/avif 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail_small/2023/07/pixel-iphone-samsung.png

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f39ee02770c86732c32a10d51f2ff53a611bad64ee0fe066e12e255988135f5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
content-length: 5016
cf-resized: internal=ok/e q=0 n=34+0 c=27+67 v=2023.7.3 l=5016
last-modified: Wed, 26 Jul 2023 11:44:47 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfWHFCs5hwlMZ_lk-DwUCCyr_C8iFZYhIqdjUqgfspDQ:d27fa3cb70f95755ace5533aa2d25b97"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 7ee94cea0c882be6-FRA

GET
H2 200 google-sycamore-quantum-processor.png
media.cybernews.com/images/thumbnail_small/2023/07/ 6 KB
7 KB 175ms
61ms Image
image/avif 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail_small/2023/07/google-sycamore-quantum-processor.png

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f0026cc4f5b33965977ed9e79661371ac0c7a0d52f324ddd5057fb46a10adc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
content-length: 6430
cf-resized: internal=ok/e q=0 n=43+0 c=23+75 v=2023.7.3 l=6430
last-modified: Wed, 19 Jul 2023 12:26:30 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfZjloMg77poUHAiRQmxgMof_R8iFZYhIqdjUqgfspDQ:3e55962881cc7d8ff419adc7ac9e0a94"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 7ee94cea0c8a2be6-FRA

GET
H2 200 cover.png
media.cybernews.com/images/thumbnail_small/2023/07/ 2 KB
3 KB 91ms
91ms Image
image/avif 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail_small/2023/07/cover.png

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba3950786c4d2d350d2793b3383a91626d56bbb9c7669f9e0eaaac22af5de09f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 07a270ab1aab3273835b92a016f8a5dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
content-length: 2401
cf-resized: internal=ok/h q=0 n=13+0 c=7+44 v=2023.7.3 l=2401
last-modified: Fri, 21 Jul 2023 13:52:53 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cf1XyqC-XvkfP0kNstRE0knvBz8iFZYhIqdjUqgfspDQ:68784f0dbc71b5358b8d04ec9a0ac677"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 7ee94cea2c9e2be6-FRA

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 55ms
54ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151603

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0eda55ec47640c00aa84096fabdb63c66f5e456f7b141e1ba1d153c2b6ebceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:46 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3553
etag: W/"22f7e3545bf8cba3cac43d34db3357ed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7ee94ce98b5f3829-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Tue, 01 Aug 2023 23:56:46 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
220 B 47ms
46ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1850658412&t=pageview&_s=1&dl=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&ul=en-us&de=UTF-8&dt=Hacker%20sets%20up%20Tor-based%20online%20shop%20to%20sell%20access%20to%20firms%20%7C%20Cybernews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1439681343&gjid=2034904453&cid=135121771.1690675006&tid=UA-149779697-1&_gid=332564410.1690675007&_r=1&_slc=1&cd1=Jurgita%20Lapienyt%C4%97&cd2=Security&cd3=Editorial&z=1597925705

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

d8b3150c08496435b70daec4e6a2364c8fee799da902fa8954b2bfe9b224b151

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/ 364 KB
125 KB 152ms
71ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31076426

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f68f5b757b9ea748adff52b9e7dcf8f9b1860d9ce5bb3662b959a5c86ea9a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127867
x-xss-protection: 0
server: cafe
etag: 16826953171110280660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:56:47 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/ Frame 049C 10 KB
5 KB 141ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 08:41:17 GMT
etag: 12368291122986407432
expires: Sat, 12 Aug 2023 08:41:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 145ms
48ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-149779697-1&cid=135121771.1690675006&jid=1439681343&gjid=2034904453&_gid=332564410.1690675007&_u=IADAAEAAAAAAACAAI~&z=330523518

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 29 Jul 2023 23:56:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
81 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WT4CH0JCW1&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3bbe7a8194cde3552999dc720be31fc08830dd4ec13a296f51aecd6764fa4743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82848
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 29 Jul 2023 23:56:47 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/589784210/ 3 KB
2 KB 161ms
85ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/589784210/?random=1690675007120&cv=11&fst=1690675007120&bg=ffffff&guid=ON&async=1&gtm=45He37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&hn=www.googleadservices.com&frm=0&tiba=Hacker%20sets%20up%20Tor-based%20online%20shop%20to%20sell%20access%20to%20firms%20%7C%20Cybernews&auid=2107519744.1690675007&uamb=0&uaw=0&data=contentBucket%3DSecurity%3BcontentType%3DEditorial&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddbf530484abec73ae15e9e60b0a8c241e1127e728273c6aba6f057f2d6dceff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1397
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 253 KB
85 KB 56ms
56ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbb22fb1c0e894be65ae90079cfbd2e15c8818f6733c6bf3a3629e7b8be54ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87181
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 29 Jul 2023 23:56:47 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 47ms
47ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1850658412&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&ul=en-us&de=UTF-8&dt=Hacker%20sets%20up%20Tor-based%20online%20shop%20to%20sell%20access%20to%20firms%20%7C%20Cybernews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=cookieFooter&ea=load&el=organic&_u=aADAAEABAAAAACAAI~&jid=918832824&gjid=1757324359&cid=135121771.1690675006&tid=UA-149779697-1&_gid=332564410.1690675007&_r=1&cd1=Jurgita%20Lapienyt%C4%97&cd2=Security&cd3=Editorial&gtm=45He37q0n81KMWQ6GT&cg1=Security&cg2=Editorial&cd6=2023-07-29T23%3A56%3A47.125Z&z=1121525684

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 69ms
49ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-149779697-1&cid=135121771.1690675006&jid=918832824&gjid=1757324359&_gid=332564410.1690675007&_u=aADAAEABAAAAACAAI~&z=1473444627

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 29 Jul 2023 23:56:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 155ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WT4CH0JCW1&gtm=45je37q0&_p=1850658412&_gaz=1&ul=en-us&sr=1600x1200&cid=135121771.1690675006&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&dt=Hacker%20sets%20up%20Tor-based%20online%20shop%20to%20sell%20access%20to%20firms%20%7C%20Cybernews&sid=1690675007&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=Jurgita%20Lapienyt%C4%97&ep.ua_dimension_2=Security&ep.ua_dimension_3=Editorial
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WT4CH0JCW1&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 48ms
48ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WT4CH0JCW1&cid=135121771.1690675006&gtm=45je37q0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WT4CH0JCW1&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 149ms
50ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WT4CH0JCW1&cid=135121771.1690675006&gtm=45je37q0&aip=1&z=1409815600

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 117ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KT8DKCHF41&gtm=45je37q0&_p=1850658412&_gaz=1&cid=135121771.1690675006&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690675007&sct=1&seg=0&dl=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&dt=Hacker%20sets%20up%20Tor-based%20online%20shop%20to%20sell%20access%20to%20firms%20%7C%20Cybernews&en=page_view&_fv=1&_ss=1&ep.contentBucket=Security&ep.pagePostAuthor=Jurgita%20Lapienyt%C4%97
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 48ms
48ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KT8DKCHF41&cid=135121771.1690675006&gtm=45je37q0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 114ms
51ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KT8DKCHF41&cid=135121771.1690675006&gtm=45je37q0&aip=1&z=1338314589

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 138ms
50ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-149779697-1&cid=135121771.1690675006&jid=1439681343&_u=IADAAEAAAAAAACAAI~&z=612307357

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 117ms
58ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-149779697-1&cid=135121771.1690675006&jid=1439681343&_u=IADAAEAAAAAAACAAI~&z=612307357

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 141ms
54ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-149779697-1&cid=135121771.1690675006&jid=918832824&_u=aADAAEABAAAAACAAI~&z=1452974291

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 109ms
50ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-149779697-1&cid=135121771.1690675006&jid=918832824&_u=aADAAEABAAAAACAAI~&z=1452974291

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/589784210/ 42 B
154 B 107ms
52ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/589784210/?random=1690675007120&cv=11&fst=1690671600000&bg=ffffff&guid=ON&async=1&gtm=45He37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&frm=0&tiba=Hacker%20sets%20up%20Tor-based%20online%20shop%20to%20sell%20access%20to%20firms%20%7C%20Cybernews&data=contentBucket%3DSecurity%3BcontentType%3DEditorial&fmt=3&is_vtc=1&random=2744828611&rmt_tld=0&ipr=y

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/589784210/ 42 B
154 B 52ms
52ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/589784210/?random=1690675007120&cv=11&fst=1690671600000&bg=ffffff&guid=ON&async=1&gtm=45He37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&frm=0&tiba=Hacker%20sets%20up%20Tor-based%20online%20shop%20to%20sell%20access%20to%20firms%20%7C%20Cybernews&data=contentBucket%3DSecurity%3BcontentType%3DEditorial&fmt=3&is_vtc=1&random=2744828611&rmt_tld=1&ipr=y

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
606 B 136ms
48ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=cybernews.com&callback=_gfp_s_&client=ca-pub-5928161074779380

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31076426

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7da5381acf55ed06bb071e479b400c25329fd96cc0925b7b7e5adae1cb839f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A989 480 KB
95 KB 568ms
567ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&adk=1812271804&adf=3025194257&lmt=1690539014&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007082&bpp=2&bdt=289&idt=246&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3253902801700&frm=20&pv=2&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=266

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

765b907070f45dc0884e9260b4d82c714b5134b15bab7324d0849f3203aee7d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 96803
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:56:47 GMT
expires: Sat, 29 Jul 2023 23:56:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3971 109 KB
39 KB 484ms
483ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1690539014&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007084&bpp=2&bdt=290&idt=269&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GGY3NaENB7&p=https%3A//cybernews.com&dtd=275

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a870e2b693c8c9d9d0cb313f89597428854ce82301f8d2aa57f3ddd9075d9f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39572
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:56:47 GMT
expires: Sat, 29 Jul 2023 23:56:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D7D 167 KB
38 KB 418ms
418ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1690539014&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007086&bpp=1&bdt=292&idt=277&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=y4XPmSzM3f&p=https%3A//cybernews.com&dtd=283

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae9c9ecd90b369ad45170f6c882b07d835d70d89c6c58a75fa8b1523cb6da4d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38560
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:56:47 GMT
expires: Sat, 29 Jul 2023 23:56:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1d729dcfac295022447460b8819476ab.js Show response
www.gstatic.com/mysidia/ Frame 4D7D 9 KB
4 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d729dcfac295022447460b8819476ab.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1690539014&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007086&bpp=1&bdt=292&idt=277&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=y4XPmSzM3f&p=https%3A//cybernews.com&dtd=283

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

124c3668ebf43d22c76f3fc2f1d0f80dd7f02ef26dc70210f7afc56979c925d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3961
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 21:13:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 11:20:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 4D7D 2 KB
972 B 197ms
78ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3657
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 22:55:50 GMT

GET
H2 200 ab8e0717c0824dec3358cc582de4ac32.js Show response
www.gstatic.com/mysidia/ Frame 4D7D 22 KB
9 KB 109ms
41ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ab8e0717c0824dec3358cc582de4ac32.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f20f13c3144f5850d1d3d75d6d6a2b69e4f6a76429f483a883b2aef39b94ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 06:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9293
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 20:56:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 06:01:40 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 4D7D 23 KB
9 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 15:09:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 4D7D 3 KB
1 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 15:29:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 4D7D 20 KB
9 KB 142ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72497
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 03:48:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4D7D 0
0 47ms
47ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7GjfzX0JnDc9OVWpWdkBzy1B-fvINAaU3bcyqL2_rmx74hDCDthTopJZyY752oF1DzD3txA0g2yuQegBaupRETal80w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1690539014&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007086&bpp=1&bdt=292&idt=277&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=y4XPmSzM3f&p=https%3A//cybernews.com&dtd=283
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D7D 179 KB
56 KB 154ms
113ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:56:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3971 14 KB
2 KB 138ms
50ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1690539014&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007084&bpp=2&bdt=290&idt=269&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GGY3NaENB7&p=https%3A//cybernews.com&dtd=275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 29 Jul 2023 23:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 29 Jul 2023 22:24:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 Jul 2023 23:56:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 3971 2 KB
926 B 143ms
79ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3657
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 22:55:50 GMT

GET
DATA 200
OK truncated
/ Frame 3971 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 3971 23 KB
9 KB 108ms
51ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 15:09:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 14DB 143 B
166 B 42ms
41ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1690539014&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007084&bpp=2&bdt=290&idt=269&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GGY3NaENB7&p=https%3A//cybernews.com&dtd=275
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2912
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 3971 3 KB
1 KB 136ms
80ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 15:29:21 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6A78 1 KB
643 B 40ms
40ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 03:25:10 GMT
etag: 48472445140208031
expires: Sun, 30 Jul 2023 03:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 3971 20 KB
8 KB 100ms
45ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72497
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 03:48:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3971 0
0 50ms
49ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT4YB_48H4t6Mbg3Q-IBV1wtGCWFR7qx7ZoMWGexxfvyOd3K_fWDkpK40hYhufFPGcVLXFQ7HecLw9xKUuw9uL4lj7_pw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1690539014&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007084&bpp=2&bdt=290&idt=269&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GGY3NaENB7&p=https%3A//cybernews.com&dtd=275
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3971 179 KB
57 KB 158ms
49ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:56:48 GMT

GET
H2 200 be510c26caa47b2219b733ddba985099.js Show response
www.gstatic.com/mysidia/ Frame 3971 33 KB
14 KB 53ms
49ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/be510c26caa47b2219b733ddba985099.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff928bca5a80772152dcedbbb4ec789c9b73af85b51f6a8cfba2e484a0cb54b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14157
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 03:44:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 04:10:08 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6A78
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOVohafRlKMX6kpmIr1s3CU&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOVohafRlKMX6kpmIr1s3CU&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WGU2U2g3TkkxUXBUTks1&google_gid=CAESEOVohafRlKMX6kpmIr1s3CU&google_cver=1&google_push=AaAOQGGg6sAelZdP9g0_zrhN2YkTa2zadt6hY2224xD1E0K...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WGU2U2g3TkkxUXBUTks1&google_gid=CAESEOVohafRlKMX6kpmIr1s3CU&google_cver=1&google_push=AaAOQGGg6sAelZdP9g0_zrhN2YkTa2zadt6hY2224xD1E0KT3iuXwzmJw7gd9OByp-DTn8yCG0T6bWHI5JhDH8CSQFS_ZrRFmiad5Q

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 23:56:47 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-785-gcf3d607#rel-ec2-master i-0ec636c0031116ef8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WGU2U2g3TkkxUXBUTks1&google_gid=CAESEOVohafRlKMX6kpmIr1s3CU&google_cver=1&google_push=AaAOQGGg6sAelZdP9g0_zrhN2YkTa2zadt6hY2224xD1E0KT3iuXwzmJw7gd9OByp-DTn8yCG0T6bWHI5JhDH8CSQFS_ZrRFmiad5Q
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6A78 70 B
265 B 171ms
54ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJohoj5XJn_9NGdCzKftbe4&google_cver=1&google_push=AaAOQGHsgYmvx1zPBzxoP4h0x-bUSwxLxIlVV5Tg3azGs693grsxO1-Ud9lDjf-VI0X_zEhMgzoMb1Ic63hPmkO3VWvUI504797u
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1690539014&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007084&bpp=2&bdt=290&idt=269&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GGY3NaENB7&p=https%3A//cybernews.com&dtd=275
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 6A78 0
98 B 146ms
49ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAaAOQGHz0El_-BnZFzbY1v19abOP02ZCkoPv0AihDV8ZskVU47M44zvyJaP00PW-I-BjOPqS1MoSLOcVbDtUHdrLcpBd7NKjKrwtPg&google_gid=CAESEIXGx3uFUcKSFXh8UIPRyZs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1690539014&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007084&bpp=2&bdt=290&idt=269&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GGY3NaENB7&p=https%3A//cybernews.com&dtd=275
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6A78
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMszQetAnJb8CF4CBsgzeQw&google_cver=1&google_push=AaAOQGHYDpGS_HOK3KpT-FylXy0-2MkqQAf1iHa3YiFcSVc481dszv0rP3hGvn1v780DQ1Du3T0tgTlFij48C_fr...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=iFV9Q0xzS4WcMcPh-ksMog2&google_push=AaAOQGHYDpGS_HOK3KpT-FylXy0-2MkqQAf1iHa3YiFcSVc481dszv0rP3hGvn1v780DQ1Du3T0tgTlFij48C_frZMilYRjQEhotiQ

170 B
329 B

50ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=iFV9Q0xzS4WcMcPh-ksMog2&google_push=AaAOQGHYDpGS_HOK3KpT-FylXy0-2MkqQAf1iHa3YiFcSVc481dszv0rP3hGvn1v780DQ1Du3T0tgTlFij48C_frZMilYRjQEhotiQ

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 29 Jul 2023 23:56:48 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=iFV9Q0xzS4WcMcPh-ksMog2&google_push=AaAOQGHYDpGS_HOK3KpT-FylXy0-2MkqQAf1iHa3YiFcSVc481dszv0rP3hGvn1v780DQ1Du3T0tgTlFij48C_frZMilYRjQEhotiQ
x-host: tde-deliveryengine-production-58b44b5c5-kdzgq
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 6A78 43 B
146 B 252ms
40ms Image
image/gif 18.197.217.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECbhK7uEwyd4s8nllPczfzM&google_cver=1&google_push=AaAOQGE8gwmcvDBiJFtGpPyhZpol4D863Z8VLEiszFNkzucwwguRHIr3H3VjQGp91KjaDmcIIRo8B7PCtbKJYkrMj0lRxySQcmOm
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1690539014&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007084&bpp=2&bdt=290&idt=269&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GGY3NaENB7&p=https%3A//cybernews.com&dtd=275
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.217.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-217-197.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6A78
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIPUOpnUR-A4eW7wD9t9HQ0&google_cver=1&google_push=AaAOQGEAEDMx_IgBlXbtibgBvvQcvYzpeZ8Uvsus8ZIpYNjUQWPVWbzLaPFMQi2_dKRhZrYa6xOvUHNgoZbVXDUUjI7wTcS...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEAEDMx_IgBlXbtibgBvvQcvYzpeZ8Uvsus8ZIpYNjUQWPVWbzLaPFMQi2_dKRhZrYa6xOvUHNgoZbVXDUUjI7wTcSiddtX&google_hm=eS1TSFJ5VUUxRTJwR3lsSU...

170 B
232 B

51ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEAEDMx_IgBlXbtibgBvvQcvYzpeZ8Uvsus8ZIpYNjUQWPVWbzLaPFMQi2_dKRhZrYa6xOvUHNgoZbVXDUUjI7wTcSiddtX&google_hm=eS1TSFJ5VUUxRTJwR3lsSUhkOGRSZVlPR3U5U1BYV0JtOH5B

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 29 Jul 2023 23:56:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEAEDMx_IgBlXbtibgBvvQcvYzpeZ8Uvsus8ZIpYNjUQWPVWbzLaPFMQi2_dKRhZrYa6xOvUHNgoZbVXDUUjI7wTcSiddtX&google_hm=eS1TSFJ5VUUxRTJwR3lsSUhkOGRSZVlPR3U5U1BYV0JtOH5B
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 6A78 42 B
213 B 137ms
48ms Image
image/gif 34.160.236.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEP9ZT88aWRjCKFkhEMY7V-I&google_push=AaAOQGHXMfcVV5ulScRSzsB-Z71FeOFqMrnFlDnid_GLDEZxvnSdhxmBluIH-3q2gVUweCHXD8uwTSiDoCw5k383Q9MA0jyrNkiW6g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1690539014&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007084&bpp=2&bdt=290&idt=269&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GGY3NaENB7&p=https%3A//cybernews.com&dtd=275
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6A78 0
130 B 149ms
47ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KoDzyb2S2WZj-zQqDODdv46FY8-FG9LM8H1ecT3gS7rZ2SQXHTwdGvHYYh3ldbELinnUca

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 14DB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
48ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:56:48 GMT
expires: Sat, 29 Jul 2023 23:56:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:56:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10943935861616395062/ Frame 4D7D 154 KB
154 KB 168ms
166ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10943935861616395062/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a21c4500641953d42cc976ab9b8f6df250122c182900a0f6162c6ba20438c5cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 03:56:33 GMT
x-content-type-options: nosniff
age: 158414
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157259
x-xss-protection: 0
last-modified: Fri, 16 Jun 2023 15:05:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 03:56:33 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1901462621111977041/ Frame 4D7D 88 KB
88 KB 73ms
71ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1901462621111977041/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efcb12176d14d7ef722fa3da0fe0169ab5c61dd309be7578b89fe3307769b90a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 11:45:00 GMT
x-content-type-options: nosniff
age: 389507
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89968
x-xss-protection: 0
last-modified: Mon, 22 May 2023 14:12:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 Jul 2024 11:45:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1536437753293548342/ Frame 4D7D 119 KB
119 KB 145ms
144ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1536437753293548342/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ec7855ef147269dd62b98b45070c4fe0012bcd4693120ba93fb0fc9e36e743e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 19:30:37 GMT
x-content-type-options: nosniff
age: 15970
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121986
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 19:41:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 19:30:37 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/996132073851719689/ Frame 4D7D 139 KB
140 KB 154ms
152ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/996132073851719689/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7fd8fd88a14d9e71aa88a8ffa11ae9b7c31662c9240d00c20ebb08870309b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 15:31:00 GMT
x-content-type-options: nosniff
age: 116747
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142837
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 11:02:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 15:31:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2023487785646375740/ Frame 4D7D 97 KB
97 KB 161ms
160ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2023487785646375740/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02383fc9da3d2206234b1441f5e53360941202ca62b5eaa208c7e82afaeb2496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:00:49 GMT
x-content-type-options: nosniff
age: 179758
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99222
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 05:31:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 26 Jul 2024 22:00:49 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2110782141597938163/ Frame 4D7D 22 KB
22 KB 126ms
126ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2110782141597938163/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c270847d1cd8cbdab24f2c460c56ae46b5b10763d8f7890fee180127637f1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 05:39:44 GMT
x-content-type-options: nosniff
age: 65823
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22595
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 15:22:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 05:39:44 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/7403233137553229227/ Frame 4D7D 164 KB
164 KB 137ms
136ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7403233137553229227/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af828e777445d349a01fbc819040d6e1e030bed27b2a7ad707d2eb26dbc586fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:40:21 GMT
x-content-type-options: nosniff
age: 119786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167583
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 19:12:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 14:40:21 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/17230513455201188986/ Frame 4D7D 147 KB
147 KB 173ms
172ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17230513455201188986/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668a5c5f69ffd3a2f2813ddb94458985ae801007b6062f514d553c6938f25b68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 20:02:50 GMT
x-content-type-options: nosniff
age: 14037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 150227
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 13:13:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 20:02:50 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A01E 1 KB
643 B 40ms
40ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 03:25:10 GMT
etag: 48472445140208031
expires: Sun, 30 Jul 2023 03:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/ 154 KB
52 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/reactive_library_fy2021.js?bust=31076426

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7aba6f306512060433fda8957ec4c768dffe507e5fae4e7b4497734bcb91e905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53528
x-xss-protection: 0
server: cafe
etag: 13628497167405063347
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:56:48 GMT

GET
DATA 200
OK truncated
/ Frame 3971 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84d1d21e1ee27cf28191153d6ec7bbe5f818edef2fa219c65afc80a385fd8305

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4D7D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e6257d4b81cd4982146f9653956c37e39349f7b136db5cd0a2a15ecdf6a4ce6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A01E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM2shYa8w60vZ1fimLM8L7w&google_cver=1&google_push=AaAOQGH-4608a1RIEx5HpUD0E7XMk77COFeXuoboGUUVUyVlsxU3vnMvSaslQASfPqQBSwGRNxmQ8nZ5uq8b92wzCnP1FmxIOWMLhyRm
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA3MDE4MjA3Mzk4NTM4MjA1Mg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDwbkTJGXIrlWNy-PWdtVhU&google_cver=1

43 B
398 B

205ms
47ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDwbkTJGXIrlWNy-PWdtVhU&google_cver=1
Requested by: Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDwbkTJGXIrlWNy-PWdtVhU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame A01E 0
104 B 224ms
81ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOnkeYXa_UlKiBqK4FPt3Q4&google_cver=1&google_push=AaAOQGGyg23c4xEProNRKzL41ApGOl7C4StHQok_wC31FPcgRABEDgaBZCXqn__7Tn-ph3nOCDhKQpwSXAJ6wGAawSlkNMU1f6Ld2Hq_
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1690539014&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007086&bpp=1&bdt=292&idt=277&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=y4XPmSzM3f&p=https%3A//cybernews.com&dtd=283
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame A01E 70 B
264 B 82ms
55ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENrUiuZN0_Hxq0lAllZPPKg&google_cver=1&google_push=AaAOQGFw5gTJRMQNAbGUwslTWaG69U1nE_zB3J7IDtyiqJmLq89b3J1dbDC9sgDK3o2ksuT6VH-_rQE2L1hk8jecoJmooi_cJ0wy9wfx
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1690539014&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007086&bpp=1&bdt=292&idt=277&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=y4XPmSzM3f&p=https%3A//cybernews.com&dtd=283
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A01E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIocMGDjZEfF88fcocBFtUs&google_cver=1&google_push=AaAOQGFZReqqhKvCXteKGZPvaZWAh9LOu5BhWyYHqXSwC8qMtq049oro8blpeRg2p7rqwWYo05vsnpBYYgaeaX...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2MTM5Mzg2NzUyNjY5OTE1Mg%3D%3D&google_push=AaAOQGFZReqqhKvCXteKGZPvaZWAh9LOu5BhWyYHqXSwC8qMtq049oro8blpeRg2p7rqwWYo05vsnpBYYgaeaXoUZW...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2MTM5Mzg2NzUyNjY5OTE1Mg%3D%3D&google_push=AaAOQGFZReqqhKvCXteKGZPvaZWAh9LOu5BhWyYHqXSwC8qMtq049oro8blpeRg2p7rqwWYo05vsnpBYYgaeaXoUZWmF_cCb6RkvjA

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2MTM5Mzg2NzUyNjY5OTE1Mg%3D%3D&google_push=AaAOQGFZReqqhKvCXteKGZPvaZWAh9LOu5BhWyYHqXSwC8qMtq049oro8blpeRg2p7rqwWYo05vsnpBYYgaeaXoUZWmF_cCb6RkvjA
Date: Sat, 29 Jul 2023 23:56:48 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A01E
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAaAOQGGAhQmW...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAaAOQGGAhQmW...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA3MjkyMzU2NDgwMDA4Nzk0NjM3NzcyMQ%3D%3D&google_push=AaAOQGGAhQmWr-TUqS43hO8Bjt-Czlb3BOYRiKoWThAbymsg8gxI0OMd1AuAgMrnh2lzGv...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA3MjkyMzU2NDgwMDA4Nzk0NjM3NzcyMQ%3D%3D&google_push=AaAOQGGAhQmWr-TUqS43hO8Bjt-Czlb3BOYRiKoWThAbymsg8gxI0OMd1AuAgMrnh2lzGvuziWn4duowgpEoSi_KCbu-idfPY1b-zUk

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA3MjkyMzU2NDgwMDA4Nzk0NjM3NzcyMQ%3D%3D&google_push=AaAOQGGAhQmWr-TUqS43hO8Bjt-Czlb3BOYRiKoWThAbymsg8gxI0OMd1AuAgMrnh2lzGvuziWn4duowgpEoSi_KCbu-idfPY1b-zUk
pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sat, 29 Jul 2023 23:56:48 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A01E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELwTSjM7meN0haBvLTeZD2A&google_cver=1&google_push=AaAOQGG131ULfgzMb0BqkSyQkpjJwaRN07DMUnBiKzNWPNoek39CIKjKuRBuycebCqO0o71d1o7Rkt5nreSs0ZPGpMLlHzQ...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGG131ULfgzMb0BqkSyQkpjJwaRN07DMUnBiKzNWPNoek39CIKjKuRBuycebCqO0o71d1o7Rkt5nreSs0ZPGpMLlHzQjOsHDjAm1&google_hm=eS03OVFaaS54RTJwSD...

170 B
232 B

51ms
50ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGG131ULfgzMb0BqkSyQkpjJwaRN07DMUnBiKzNWPNoek39CIKjKuRBuycebCqO0o71d1o7Rkt5nreSs0ZPGpMLlHzQjOsHDjAm1&google_hm=eS03OVFaaS54RTJwSDFQQzZadnQyTEZ0QlhwWld6VnFsLn5B

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 29 Jul 2023 23:56:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGG131ULfgzMb0BqkSyQkpjJwaRN07DMUnBiKzNWPNoek39CIKjKuRBuycebCqO0o71d1o7Rkt5nreSs0ZPGpMLlHzQjOsHDjAm1&google_hm=eS03OVFaaS54RTJwSDFQQzZadnQyTEZ0QlhwWld6VnFsLn5B
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame A01E 42 B
103 B 49ms
48ms Image
image/gif 34.160.236.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEGWhueeBwTULk2prxSjgQK8&google_push=AaAOQGFhdVViOpYe5TsVY2RCzVuF5RdbIRwiB2WvV9OjHBi9krVqUhLlGfdtdN100FY3XujgDTyXgxXufWEa3EYbb_nen1GhFK6rdjh3&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1690539014&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007086&bpp=1&bdt=292&idt=277&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=y4XPmSzM3f&p=https%3A//cybernews.com&dtd=283
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A01E 0
49 B 61ms
48ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13INgMMJ9e-FV-Fy_FhK-_UM4lkJcrC9KIccNE8q2mCfyfv4UTaum3BQNSgfLusni97eVmBf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/ Frame 9B9B 10 KB
4 KB 41ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:40:12 GMT
etag: 12368291122986407432
expires: Sat, 12 Aug 2023 23:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/ Frame 36A6 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:40:12 GMT
etag: 12368291122986407432
expires: Sat, 12 Aug 2023 23:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/ Frame CC92 10 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:40:12 GMT
etag: 12368291122986407432
expires: Sat, 12 Aug 2023 23:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 9B9B 4 KB
767 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 29 Jul 2023 23:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 29 Jul 2023 23:35:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 Jul 2023 23:56:48 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9B9B 205 B
520 B 41ms
40ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 18:33:35 GMT
x-content-type-options: nosniff
age: 19393
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 28 Jul 2024 18:33:35 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9B9B 604 B
696 B 41ms
41ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:02:58 GMT
x-content-type-options: nosniff
age: 158030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 27 Jul 2024 04:02:58 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/ Frame 9B9B 14 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d22f70ec714241cb6cfff6851ba3b7118c29a8e0d073fbb70b6dd05dd48a7e88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:04:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6346
x-xss-protection: 0
server: cafe
etag: 2178636335013097452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 23:04:30 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/ Frame 9B9B 20 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4407e58a52926a78be27a8cdba65b8ccf8161463db84cee6cc81c7b7b1fb91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8601
x-xss-protection: 0
server: cafe
etag: 3714838898622182897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 15:22:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 36A6 14 KB
1 KB 48ms
48ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 29 Jul 2023 23:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 29 Jul 2023 22:29:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 Jul 2023 23:56:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 36A6 2 KB
939 B 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 22:55:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 36A6 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31616
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 15:09:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 36A6 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 15:29:21 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 34CD 1 KB
643 B 39ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 03:25:10 GMT
etag: 48472445140208031
expires: Sun, 30 Jul 2023 03:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 36A6 20 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 03:48:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 36A6 0
0 47ms
46ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT63rVRW4GwlWlqTA8Goe7TRX25GVU6HlNLG-jGzO47vPTHyrSakMYcIG5dlfzYcyjk_N2DbJX8B3jpA77ZM3e_rpwTZA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36A6 179 KB
56 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:56:48 GMT

GET
H2 200 92cd137fb2ab4f826a326c70369c8a48.js Show response
www.gstatic.com/mysidia/ Frame 36A6 33 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92cd137fb2ab4f826a326c70369c8a48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541fb110d3896cc361dd08f655c22accc06bed9c580cc3367e3ef09deff5503d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 16:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 20:56:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 16:23:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CC92 14 KB
1 KB 49ms
48ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 29 Jul 2023 23:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 29 Jul 2023 22:22:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 Jul 2023 23:56:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame CC92 2 KB
937 B 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 22:55:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame CC92 23 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31616
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 15:09:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CF54 143 B
166 B 42ms
41ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame CC92 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 15:29:21 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9CFC 1 KB
643 B 40ms
40ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 03:25:10 GMT
etag: 48472445140208031
expires: Sun, 30 Jul 2023 03:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame CC92 20 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 03:48:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CC92 0
0 47ms
47ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSp3TIiLjjdF-kbTak5KbpVxi-f9QtZRVSzbRgoRVq7mCTqTsV1cX9WviTUw2Tl_GcGXufQF60-T5ye1EpYdLHlc7W4Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC92 179 KB
56 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:56:48 GMT

GET
H2 200 92cd137fb2ab4f826a326c70369c8a48.js Show response
www.gstatic.com/mysidia/ Frame CC92 33 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92cd137fb2ab4f826a326c70369c8a48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541fb110d3896cc361dd08f655c22accc06bed9c580cc3367e3ef09deff5503d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 16:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 20:56:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 16:23:44 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 3971 33 KB
34 KB 126ms
39ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 06:16:50 GMT
x-content-type-options: nosniff
age: 63598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 06:16:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3971 0
19 B 86ms
85ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CE6KVP6fFZObsF4fZ3gP3savYB76Q5PVxs8_K_7EQ2uTAuuI4EAEgttfpe2CVyquCtAegAavVtLsCyAEBqAMByAPLBKoE_AFP0EdhKUiEVbLBEK8_T30q90mngRasM9-4dc_5GH8IOYP8v67XoIBurK0Ddj2QXfBo5MO8KCPpSGO8I2wAYa_tor4NRdCEvxI1WqF_bOyFxjaWBJgewl2M--KesAbkFEiUdzDnyVmUmftzr4RpFajkMLlMzIzViKTiySr7il481-l-Zzulz_sSbujmcM9LROcpO0jqMtq-xqh3qpnd1DSLCsjsadG-2zXsG0FJ2zpTT1O4BfRD6zCBy7pBOQY3gFMVuxn_sJkm7xsudjtteBDaYT3SP9cvroRYUanIoV57g0UgIOgFsPPtwOXmV9hSX2J25gh3pFbDSBkZXJDABI3-2O3xApIFBAgEGAGSBQQIBRgEgAfFtJPJAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKXuDNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwyIFAXQFQGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=KMdEh6U9_sg&uach_m=[UACH]&cid=CAQSKQBpAlJWD5mbxLEICT9lxCQMs5Gt6YZcuJ7hkO5DR8BmoQ5SMQJqOA0_GAE&template_id=5020&cbvp=2&vis=1

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1690539014&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007084&bpp=2&bdt=290&idt=269&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GGY3NaENB7&p=https%3A//cybernews.com&dtd=275
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 29 Jul 2023 23:56:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D7D 0
19 B 86ms
85ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvxoRP6fFZP6zGMuRjuwP9Jyo8AuL6KiQcdTujYSAEmQQASC21-l7KAhglcqrgrQHoAG4gZnaA8gBBqkC5SMmYnF7sj6oAwHIAwKqBP0BT9AX4BG-NKVCsGRtiNjQdPr4IenuLuK1P2SQIWuoPY6CurSw-0USyiO7W5VycV6pmU_i5Qv5V_jEj1s64ZoWRZSbEFNiLfMm3urkIxNk4csxyj89l0lVdRGc-9Ir-HJqV1glzwcJZbsKuhX6HskSinqix2DYp1TMjN3Kov_eUJap7grmeGelcWV-Z6kdwmVk6i_2y4T02FakDGthSqJqNhAAAtbqvyEQ-4xyV-Lt01XksiCacKVBNCbdQBf8GLx1CBwSNgBbZutL62CsaW37fOAKc03yNYqUOXGgfUKu_A0rkE0MgK3H56QiDuXk-Z208YBweTIKC5kvI4Jnw8AE_9KI55oEkgUECAQYAZIFBAgFGASgBjeAB-7z0CmoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCh7BvSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMNiBQD0BUBgBcBshccChoIABIUcHViLTU5MjgxNjEwNzQ3NzkzODAYAA&sigh=IUsocoYxchs&uach_m=[UACH]&cid=CAQSKQBpAlJWCMir2_aBUDzJuvigj1Jcs3g7rxCy4e6nXADcylcJ2TDcUXjaGAE&template_id=492&cbvp=2&vis=1

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1690539014&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007086&bpp=1&bdt=292&idt=277&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=y4XPmSzM3f&p=https%3A//cybernews.com&dtd=283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 29 Jul 2023 23:56:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D7D 0
19 B 86ms
84ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmgxrP6fFZP6zGMuRjuwP9Jyo8AvQ9urncafVrPrBEcCNtwEQAiC21-l7KAhglcqrgrQHoAH0xJCfAsgBBqgDAcgDAqoEgAJP0BW3D743pUKwZG2I2NB0-vgh6e4u4rU_ZJAha6g9joK6tLD7RRLKI7tblXJxXqmZT-LlC_lX-MSPWzrhmhZFlJsQU2It8ybe6uQjE2ThyzHKPz2XSVV1EZz70iv4cmpXWCXPBwlluwq6FYIdyTKKy67OpBJsD7SkRTpJJAS6fUgJ5w3q8Eua4P-IQuE0mZLrLfaPNQJb1qQMnpdJIuo25fYB1ui91Ob4jHJ3NxvQVeSy1WxzpUE20StDF_wYSYMKHRI3gb9h5cCc56O9oNb_Iwr_0ua9tQ4zEjKm_yuHqPvFms_7AReOgiiQ7srhTkQq-9yj9iYngfa7HxxmGHsfwASjroWjqwSSBQQIBBgBkgUECAUYBKAGN4AHpM3xpwSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCh7BvSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMMiBQD0BUBgBcBshccChoIABIUcHViLTU5MjgxNjEwNzQ3NzkzODAYAA&sigh=AUjXLaJiYCY&uach_m=[UACH]&cid=CAQSKQBpAlJWCMir2_aBUDzJuvigj1Jcs3g7rxCy4e6nXADcylcJ2TDcUXjaGAE&template_id=492&cbvp=2&vis=1

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1690539014&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007086&bpp=1&bdt=292&idt=277&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=y4XPmSzM3f&p=https%3A//cybernews.com&dtd=283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 29 Jul 2023 23:56:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D7D 0
19 B 86ms
85ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFBoFP6fFZP6zGMuRjuwP9Jyo8AvHtIjScZfake7uEZ2-_ZCWDhADILbX6XsoCGCVyquCtAegAY_poPwCyAEGqAMByAMCqgT3AU_QS8cHvjalQrBkbYjY0HT6-CHp7i7itT9kkCFrqD2Ogrq0sPtFEsoju1uVcnFeqZlP4uUL-Vf4xI9bOuGaFkWUmxBTYi3zJt7q5CMTZOHLMco_PZdJVXURnPvSK_hyaldYJc8HCWW7CroV-h7JEop6osd-2Kd36rHIyKL_3lCWqe4K5nhnpXFlfmepHcJlZOov9suE9NhWpAxrYUqiajYQAALW6r8hEPuMclfi7dNV5LIgmnClQTQm3UAX_Bi8dQgcEjYAW2acTdzKTaOsNvjKhuHSCb103JHujKRqtqTDB2u47QKB41Jn2qRRxMNOSDwa4saw2ynABIC8i56pBJIFBAgEGAGSBQQIBRgEoAY3gAfZlt-DAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKHsG9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=pvdXgxf7nfQ&uach_m=[UACH]&cid=CAQSKQBpAlJWCMir2_aBUDzJuvigj1Jcs3g7rxCy4e6nXADcylcJ2TDcUXjaGAE&template_id=492&cbvp=2&vis=1

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1690539014&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007086&bpp=1&bdt=292&idt=277&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=y4XPmSzM3f&p=https%3A//cybernews.com&dtd=283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 29 Jul 2023 23:56:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D7D 0
19 B 87ms
85ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CF0d9P6fFZP6zGMuRjuwP9Jyo8AuDnLmXX57kuYCeC-3ajdSUDhAEILbX6XsoCGCVyquCtAegAcy94YQDyAEGqQLlIyZicXuyPqgDAcgDAqoE_QFP0Fi_CL4xpUKwZG2I2NB0-vgh6e4u4rU_ZJAha6g9joK6tLD7RRLKI7tblXJxXqmZT-LlC_lX-MSPWzrhmhZFlJsQU2It8ybe6uQjE2ThyzHKPz2XSVV1EZz70iv4cmpXWCXPBwlluwq6FfoeyRKKeqLHftindpqG38ii_95QlqnuCuZ4Z6VxZX5nqR3CZWTqL_bLhPTYVqQMa2FKomo2EAAC1uq_IRD7jHJX4u3TVeSyIJpwpUE0Jt1AF_wYvHUIHBI2AFtmhXSaMqxpbft84Apz2Cu19ZQ5caBUb5CoAiv_dGaMrcfnpCIO5eT5vvOJjEx5MgoLmUpwrjPwwAS69OmT9gKSBQQIBBgBkgUECAUYBKAGN4AHnMKee6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKHsG9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw2IFAzQFQGYFgGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=T-P1fGT8vXA&uach_m=[UACH]&cid=CAQSKQBpAlJWCMir2_aBUDzJuvigj1Jcs3g7rxCy4e6nXADcylcJ2TDcUXjaGAE&template_id=492&cbvp=2&vis=1

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1690539014&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007086&bpp=1&bdt=292&idt=277&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=y4XPmSzM3f&p=https%3A//cybernews.com&dtd=283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 29 Jul 2023 23:56:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D7D 0
19 B 85ms
84ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cne2HP6fFZP6zGMuRjuwP9Jyo8AvdrryHaf3j2MXGD2QQBSC21-l7KAhglcqrgrQHoAGnx-LbA8gBBqkC5SMmYnF7sj6oAwHIAwKqBP0BT9BB-wW-MKVCsGRtiNjQdPr4IenuLuK1P2SQIWuoPY6CurSw-0USyiO7W5VycV6pmU_i5Qv5V_jEj1s64ZoWRZSbEFNiLfMm3urkIxNk4csxyj89l0lVdRGc-9Ir-HJqV1glzwcJZbsKuhX6HskSinqix2DYpzKn-NjIov_eUJap7grmeGelcWV-Z6kdwmVk6i_2y4T02FakDGthSqJqNhAAAtbqvyEQ-4xyV-Lt01XksiCacKVBNCbdQBf8GLx1CBwSNgBbZpwErWqsaW37fOAKc5rlOIqUOXGgXCXSsAQr_gBRg63HjKQiDuXk-ba5y5RKeTIKC5lLBJk88MAEl5Hfw4EEkgUECAQYAZIFBAgFGASgBjeAB8G4nSSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCh7BvSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMO0BUBgBcBshccChoIABIUcHViLTU5MjgxNjEwNzQ3NzkzODAYAA&sigh=SFYBe9rvkQI&uach_m=[UACH]&cid=CAQSKQBpAlJWCMir2_aBUDzJuvigj1Jcs3g7rxCy4e6nXADcylcJ2TDcUXjaGAE&template_id=492&cbvp=2&vis=1

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1690539014&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007086&bpp=1&bdt=292&idt=277&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=y4XPmSzM3f&p=https%3A//cybernews.com&dtd=283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 29 Jul 2023 23:56:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D7D 0
19 B 87ms
85ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwMdQP6fFZP6zGMuRjuwP9Jyo8AuvuNe8cY3izbzeELO657qQDhAGILbX6XsoCGCVyquCtAegAeae-YUDyAEGqQLlIyZicXuyPqgDAcgDAqoE-gFP0AzNH74zpUKwZG2I2NB0-vgh6e4u4rU_ZJAha6g9joK6tLD7RRLKI7tblXJxXqmZT-LlC_lX-MSPWzrhmhZFlJsQU2It8ybe6uQjE2ThyzHKPz2XSVV1EZz70iv4cmpXWCXPBwlluwq6FYIdyVKKaarH7pdpC1i9XwpIFAWwe0IPngiT9SWejvufSOs-bpHpaQPIQAHb1lEPaxRJoh81EPUD1h--IeX4rIdUwhjQVRGxIG9zp7Q3JChDFwkbvYALHPIw61DFfyYmgIHqrvvwubjy57G_lgbd6l5Szivct7Pnneevi81KrgwWH0156mQQAlxVKuy1fwCvwATtk_TrmgSSBQQIBBgBkgUECAUYBKAGN4AHguGGeqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKHsG9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=i1xXHyl8-sc&uach_m=[UACH]&cid=CAQSKQBpAlJWCMir2_aBUDzJuvigj1Jcs3g7rxCy4e6nXADcylcJ2TDcUXjaGAE&template_id=492&cbvp=2&vis=1

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1690539014&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007086&bpp=1&bdt=292&idt=277&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=y4XPmSzM3f&p=https%3A//cybernews.com&dtd=283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 29 Jul 2023 23:56:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D7D 0
19 B 87ms
86ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdRfQP6fFZP6zGMuRjuwP9Jyo8Au2473CcdzZ1IbgEGQQByC21-l7KAhglcqrgrQHoAHcmtz7AcgBBqkC5SMmYnF7sj6oAwHIAwKqBP4BT9A-zii-MqVCsGRtiNjQdPr4IenuLuK1P2SQIWuoPY6CurSw-0USyiO7W5VycV6pmU_i5Qv5V_jEj1s64ZoWRZSbEFNiLfMm3urkIxNk4csxyj89l0lVdRGc-9Ir-HJqV1glzwcJZbsKuhX6HskSinqix2DYpzmM2eLKov_eUJap7grmeGelcWV-Z6kdwmVk6i_2y4T02FakDGthSqJqNhAAAtbqvyEQ-4xyV-Lt01XksiCacKVBNCbdQBf8GLx1CBwSNgBbZsBe_N9OjqP_NW7NttDN0jUxqViLpBi_5ow5QxVUsCbDYgMKLOXo7VbsqbD7dxAKBY_ueZN9QtrABIW8-YubBJIFBAgEGAGSBQQIBRgEoAY3gAeM5aOEAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKHsG9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw2IFAXQFQGYFgGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=f3qE0XhGecc&uach_m=[UACH]&cid=CAQSKQBpAlJWCMir2_aBUDzJuvigj1Jcs3g7rxCy4e6nXADcylcJ2TDcUXjaGAE&template_id=492&cbvp=2&vis=1

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1690539014&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007086&bpp=1&bdt=292&idt=277&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=y4XPmSzM3f&p=https%3A//cybernews.com&dtd=283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 29 Jul 2023 23:56:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D7D 0
19 B 86ms
84ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQRuBP6fFZP6zGMuRjuwP9Jyo8AvstJHVceSulpbJEZ_JhpiVDhAIILbX6XsoCGCVyquCtAegAf_LmMIpyAEGqAMByAMCqgT6AU_QGqsBvj2lQrBkbYjY0HT6-CHp7i7itT9kkCFrqD2Ogrq0sPtFEsoju1uVcnFeqZlP4uUL-Vf4xI9bOuGaFkWUmxBTYi3zJt7q5CMTZOHLMco_PZdJVXURnPvSK_hyaldYJc8HCWW7CroVgh3JUoppqsfB3iNBQ71fCkgUBbB7Qg-eCJP1JZ6O-59I6z5ukelpA8hAAdvWUQ9rFEmiHzUQ9QPWH74h5fish1TCGNBVEbEgb3OntDckKEMXCRu9gAsc8jDLY83IwsFOhaMgPDXix3vYay-_LDubFwFjBybbz8hs4yqIzUquDBYkX0T5ZBACXFUqw-EKK5nABJj5vKjGBJIFBAgEGAGSBQQIBRgEoAY3gAf_g-mhBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKHsG9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=eWJpFto_EQA&uach_m=[UACH]&cid=CAQSKQBpAlJWCMir2_aBUDzJuvigj1Jcs3g7rxCy4e6nXADcylcJ2TDcUXjaGAE&template_id=492&cbvp=2&vis=1

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1690539014&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690675007086&bpp=1&bdt=292&idt=277&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=3253902801700&frm=20&pv=1&ga_vid=135121771.1690675006&ga_sid=1690675007&ga_hid=1850658412&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076341%2C31076426%2C31076447%2C44788442%2C44797786&oid=2&pvsid=2254573583931303&tmod=1817521909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=y4XPmSzM3f&p=https%3A//cybernews.com&dtd=283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 29 Jul 2023 23:56:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4CF0 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 08:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 08:04:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7101 14 KB
1 KB 49ms
49ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 29 Jul 2023 23:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 29 Jul 2023 22:21:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 Jul 2023 23:56:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 7101 2 KB
892 B 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 22:55:50 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 7101 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31616
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 15:09:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9701 143 B
166 B 42ms
40ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 7101 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 15:29:21 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 783D 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 03:25:10 GMT
etag: 48472445140208031
expires: Sun, 30 Jul 2023 03:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 7101 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 03:48:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7101 0
0 47ms
47ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2fIEw9cIFWRNZ7nfeab5WCJn--dxQ4nlmDXY2yM6FFbgjPjW8EbcQiisWQCT_h1S_kQz2sulPmO5U4npRSoXjt8Cn0A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7101 179 KB
56 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:56:48 GMT

GET
H3 200 92cd137fb2ab4f826a326c70369c8a48.js Show response
www.gstatic.com/mysidia/ Frame 7101 33 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92cd137fb2ab4f826a326c70369c8a48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541fb110d3896cc361dd08f655c22accc06bed9c580cc3367e3ef09deff5503d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 16:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 20:56:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 16:23:44 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 34CD 35 B
465 B 162ms
46ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEArm_GG0avGlAR3Bo_UkkfQ&google_cver=1&google_push=AaAOQGEKCO55FLowE6PdV4j3J3Q6eDt-eoAmugVg9Qyzarc4x5Axm8qToGaKyVaonMfMmxTk84whPwQEAuNndny4bWxj7enhNaFCsFs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 34CD
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEIOpWrAYH9vfex6binInyx8&google_cver=1&google_push=AaAOQGFXWwue9icezrq3U7D9kdIAMoNkdCucHjtE0wl-D2vypPDeHW8qLMrcYdyf_Qn_Uf1rgFyjVdKsW7q0PnKM0SZkAvGH3rDXHA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=634035FB6EFF49EE9A107303F7CC32D3&google_push=AaAOQGFXWwue9icezrq3U7D9kdIAMoNkdCucHjtE0wl-D2vypPDeHW8qLMrcYdyf_Qn_Uf1rgFyjVdKsW7q0PnK...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=634035FB6EFF49EE9A107303F7CC32D3&google_push=AaAOQGFXWwue9icezrq3U7D9kdIAMoNkdCucHjtE0wl-D2vypPDeHW8qLMrcYdyf_Qn_Uf1rgFyjVdKsW7q0PnKM0SZkAvGH3rDXHA

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 29 Jul 2023 23:56:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=634035FB6EFF49EE9A107303F7CC32D3&google_push=AaAOQGFXWwue9icezrq3U7D9kdIAMoNkdCucHjtE0wl-D2vypPDeHW8qLMrcYdyf_Qn_Uf1rgFyjVdKsW7q0PnKM0SZkAvGH3rDXHA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 28 Jul 2023 23:56:48 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 34CD
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEHi0p8mrRhUzoMd7Kb0WXg&google_cver=1&google_push=AaAOQGEqOR9Mzno2-VwyP5KU8C_wBUm-ilBdezr3Fs0Fj_JK6LAKgbefhj6LaWMgL3NSsH0lebL_uVWqBzW...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEqOR9Mzno2-VwyP5KU8C_wBUm-ilBdezr3Fs0Fj_JK6LAKgbefhj6LaWMgL3NSsH0lebL_uVWqBzWohwCWhx8c6g759Qhmgms&google_hm=OVLmB6IrRfCRe-oS5...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEqOR9Mzno2-VwyP5KU8C_wBUm-ilBdezr3Fs0Fj_JK6LAKgbefhj6LaWMgL3NSsH0lebL_uVWqBzWohwCWhx8c6g759Qhmgms&google_hm=OVLmB6IrRfCRe-oS5XxmHGw

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEqOR9Mzno2-VwyP5KU8C_wBUm-ilBdezr3Fs0Fj_JK6LAKgbefhj6LaWMgL3NSsH0lebL_uVWqBzWohwCWhx8c6g759Qhmgms&google_hm=OVLmB6IrRfCRe-oS5XxmHGw
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 34CD
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGfk1mWI8S1T9WjTk0gLiG0&google_cver=1&google_push=AaAOQGFAGK6bWtrfHPa1Wf2Xf0P2Je7lckm8vmMtzkZX1JSQpY7CaXiVx-KpOSQitbR7gShkeBS0dLpRkM5eNV3sCm-Wg2e...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFAGK6bWtrfHPa1Wf2Xf0P2Je7lckm8vmMtzkZX1JSQpY7CaXiVx-KpOSQitbR7gShkeBS0dLpRkM5eNV3sCm-Wg2efNaIJwGg&google_hm=eS03OVFaaS54RTJwSDF...

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFAGK6bWtrfHPa1Wf2Xf0P2Je7lckm8vmMtzkZX1JSQpY7CaXiVx-KpOSQitbR7gShkeBS0dLpRkM5eNV3sCm-Wg2efNaIJwGg&google_hm=eS03OVFaaS54RTJwSDFQQzZadnQyTEZ0QlhwWld6VnFsLn5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 29 Jul 2023 23:56:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFAGK6bWtrfHPa1Wf2Xf0P2Je7lckm8vmMtzkZX1JSQpY7CaXiVx-KpOSQitbR7gShkeBS0dLpRkM5eNV3sCm-Wg2efNaIJwGg&google_hm=eS03OVFaaS54RTJwSDFQQzZadnQyTEZ0QlhwWld6VnFsLn5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 34CD 43 B
362 B 163ms
49ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAaAOQGGPjx-iEc3XPrp7xE0GrX9D6BNE2OwcS4WuDZt2qfJbFbQgWzG5hhrThNaSxwRzgc1-QhGE1Z1wsAY8VZmRQhYe6K64eFh9LHg&google_gid=CAESECHlexM9lx_GP_8RfrYKqZ0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:47 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 232503
expires: Sat, 29 Jul 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 34CD
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMmyLF6pqlv2hizgojPlKRY&google_cver=1&google_push=AaAOQGEGqGNWAX8sMVwKlj0W4QrINHhudVynSyyQiENVkwEoxNK0SDReRtTm0OXlcRYXDDz0q_p1kSVP...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMmyLF6pqlv2hizgojPlKRY&google_cver=1&google_push=AaAOQGEGqGNWAX8sMVwKlj0W4QrINHhudVynSyyQiENVkwEoxNK0SDReRtTm0OXlcRYXDDz0q_p...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTE1NTk2NDk2NzQ5NzMwNzE1Ng&google_push=AaAOQGEGqGNWAX8sMVwKlj0W4QrINHhudVynSyyQiENVkwEoxNK0SDReRtTm0OXlcRYXDDz0q_p1kS...

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTE1NTk2NDk2NzQ5NzMwNzE1Ng&google_push=AaAOQGEGqGNWAX8sMVwKlj0W4QrINHhudVynSyyQiENVkwEoxNK0SDReRtTm0OXlcRYXDDz0q_p1kSVPrxDOxxfwHkKnOYXrjVZCVyk

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTE1NTk2NDk2NzQ5NzMwNzE1Ng&google_push=AaAOQGEGqGNWAX8sMVwKlj0W4QrINHhudVynSyyQiENVkwEoxNK0SDReRtTm0OXlcRYXDDz0q_p1kSVPrxDOxxfwHkKnOYXrjVZCVyk
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 34CD
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKo_88BuHQ8J...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFvoyOs8ZtC1YtMi0NYTVUWpq75rsvuBwgnCb1IhEzOuoTeASGjSxUzM40-wFjLPCjKd9lFM8zU4HfqcX08HWM9TAYchBnVPA7L
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

63ms
63ms

Image
image/gif

23.192.153.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/
Protocol: H2
Server: 23.192.153.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-153-28.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires: Sat, 29 Jul 2023 23:56:48 GMT
pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 34CD 0
12 B 47ms
46ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KE1h_PD3l4ylCzOR0o1vTP0Tq70v58JNxEXirsqT8LUeRW3R9SVWsT0a_-p8fWahtedX959g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9CFC
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDwbkTJGXIrlWNy-PWdtVhU&google_cver=1&google_push=AaAOQGF93u99_OPahQMfNPmyk50dyRGXQk0gQDfqZTRs6DBNyMvrSyd2cpR9Qs3mlGsjDwTMX7wChiGE8RqBLa-cHdCRwmH5-ovL1Ek
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE0MjIzOTY2ODAyMzMwOTk4OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDwbkTJGXIrlWNy-PWdtVhU&google_cver=1

43 B
398 B

205ms
47ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDwbkTJGXIrlWNy-PWdtVhU&google_cver=1
Requested by: Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDwbkTJGXIrlWNy-PWdtVhU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 9CFC
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESELTo0PSwZpUtnQ0nMEivyQU&google_cver=1&google_push=AaAOQGGXT74x7k9cAbx7sDm0NLi4_h5Wd53CdllyjFri0ruAJVqc5EmFvMrM4ktumAhsK9vnoRUjigrEN7ywUC8yoFishAXjjxFrG...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELTo0PSwZpUtnQ0nMEivyQU&google_cver=1&google_push=AaAOQGGXT74x7k9cAbx7sDm0NLi4_h5Wd53CdllyjFri0ruAJVqc5EmFvMrM4ktumAhsK9vnoRUjigrEN7ywUC8yoFishAXjjxF...

43 B
424 B

230ms
199ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELTo0PSwZpUtnQ0nMEivyQU&google_cver=1&google_push=AaAOQGGXT74x7k9cAbx7sDm0NLi4_h5Wd53CdllyjFri0ruAJVqc5EmFvMrM4ktumAhsK9vnoRUjigrEN7ywUC8yoFishAXjjxFrGow&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGXT74x7k9cAbx7sDm0NLi4_h5Wd53CdllyjFri0ruAJVqc5EmFvMrM4ktumAhsK9vnoRUjigrEN7ywUC8yoFishAXjjxFrGow%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7ee94cf4be221905-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 125
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELTo0PSwZpUtnQ0nMEivyQU&google_cver=1&google_push=AaAOQGGXT74x7k9cAbx7sDm0NLi4_h5Wd53CdllyjFri0ruAJVqc5EmFvMrM4ktumAhsK9vnoRUjigrEN7ywUC8yoFishAXjjxFrGow&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGXT74x7k9cAbx7sDm0NLi4_h5Wd53CdllyjFri0ruAJVqc5EmFvMrM4ktumAhsK9vnoRUjigrEN7ywUC8yoFishAXjjxFrGow%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7ee94cf33ce01905-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9CFC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAV3ZrSrxicHOu4bLoqugYk&google_push=AaAOQGHQZOu27tCWDOhu3rmCYO1B6XIBhAEbMyl4xnclI76cGlWAMcjd6B...

170 B
188 B

49ms
48ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAV3ZrSrxicHOu4bLoqugYk&google_push=AaAOQGHQZOu27tCWDOhu3rmCYO1B6XIBhAEbMyl4xnclI76cGlWAMcjd6B0CS-4iM5r2nZZT_p_aoeDi58PSKtVmJ83Wo0yFfOu2_w

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230084-FRA
pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1690675009.520093,VS0,VE88
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAV3ZrSrxicHOu4bLoqugYk&google_push=AaAOQGHQZOu27tCWDOhu3rmCYO1B6XIBhAEbMyl4xnclI76cGlWAMcjd6B0CS-4iM5r2nZZT_p_aoeDi58PSKtVmJ83Wo0yFfOu2_w
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 9CFC 70 B
264 B 56ms
55ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEH987J9p3QFyf38tmKXsY7A&google_cver=1&google_push=AaAOQGGfrxjo9cv0QPVKTfzRIVTD6RMJe55ErDjyUAcCldA2aZLlADF4p_ty4BLI7z82sJt3XpzxRs-wd20HOL_FlzFmE1QjR7bhbvA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9CFC
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEHi0p8mrRhUzoMd7Kb0WXg&google_cver=1&google_push=AaAOQGGuZVpyALgnAwPkGAp9r6rvXrEM8qbI-e_Racz8u1_HfYG2ApQ3mafC1KFLZha4LFUQ2xICdo6_5k7...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGuZVpyALgnAwPkGAp9r6rvXrEM8qbI-e_Racz8u1_HfYG2ApQ3mafC1KFLZha4LFUQ2xICdo6_5k78RKwTenyBrKM6e27gUAA&google_hm=BshXdsTmSmSsJjsj-...

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGuZVpyALgnAwPkGAp9r6rvXrEM8qbI-e_Racz8u1_HfYG2ApQ3mafC1KFLZha4LFUQ2xICdo6_5k78RKwTenyBrKM6e27gUAA&google_hm=BshXdsTmSmSsJjsj-MYZtGw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGuZVpyALgnAwPkGAp9r6rvXrEM8qbI-e_Racz8u1_HfYG2ApQ3mafC1KFLZha4LFUQ2xICdo6_5k78RKwTenyBrKM6e27gUAA&google_hm=BshXdsTmSmSsJjsj-MYZtGw
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 9CFC 43 B
363 B 156ms
49ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAaAOQGFMmWNokJK7PM0AEnZcRwRNxGPQywmR0e42HjZROw7WomeGMBVQgRCM8pMe2GuYvqL5HxeC9IeDt5HTjn4CiyWJCfDYgg68vw&google_gid=CAESECHlexM9lx_GP_8RfrYKqZ0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 202029
expires: Sat, 29 Jul 2023 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 9CFC
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKo_88BuHQ8J...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGEBINCOob06KqMc073Aej-wNcJQUj6I1K0m8cVeTbtDL_a7kQ3C_DUaD9JboiidxYGvN0d2gkMGjGjGNxpCsd7d9Gmg9iPn3L5m
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

64ms
63ms

Image
image/gif

23.192.153.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/
Protocol: H2
Server: 23.192.153.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-153-28.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires: Sat, 29 Jul 2023 23:56:48 GMT
pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9CFC 0
12 B 47ms
47ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JXM3I5L1lDGE-CBijcj_sb9N10dkXiqdm-eNL2aplR3rwwfalDcQc1d56Ss_4aKsCZrnlEGQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CF54
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
50ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:56:48 GMT
expires: Sat, 29 Jul 2023 23:56:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:56:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame F5A0 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 08:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 08:04:16 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 783D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEIOpWrAYH9vfex6binInyx8&google_cver=1&google_push=AaAOQGEh36ZHXCJqHTM4ljh4iqZowWiONmu2OSm8LEPYSRI2xaXPRSTJP8uqer3kxyOSESF33EKX37j7cy1AtUXj5kAoFEtfFpPG5NkQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=634035FB6EFF49EE9A107303F7CC32D3&google_push=AaAOQGEh36ZHXCJqHTM4ljh4iqZowWiONmu2OSm8LEPYSRI2xaXPRSTJP8uqer3kxyOSESF33EKX37j7cy1AtUX...

170 B
188 B

51ms
51ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=634035FB6EFF49EE9A107303F7CC32D3&google_push=AaAOQGEh36ZHXCJqHTM4ljh4iqZowWiONmu2OSm8LEPYSRI2xaXPRSTJP8uqer3kxyOSESF33EKX37j7cy1AtUXj5kAoFEtfFpPG5NkQ

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 29 Jul 2023 23:56:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=634035FB6EFF49EE9A107303F7CC32D3&google_push=AaAOQGEh36ZHXCJqHTM4ljh4iqZowWiONmu2OSm8LEPYSRI2xaXPRSTJP8uqer3kxyOSESF33EKX37j7cy1AtUXj5kAoFEtfFpPG5NkQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 28 Jul 2023 23:56:48 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 783D
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEMrU44ThvyU1tn6bNvX-XK0&google_cver=1&google_push=AaAOQGFlcIl863gDL94zXnPj7JB2YaQn3DFRTfqoADj0wzV_nd8GcPLlPxPs_58a3z9V-CmQZS0UWXrHpkPfTMWwIagiAFFt0jAWALvU
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AaAOQGFlcIl863gDL94zXnPj7JB2YaQn3DFRTfqoADj0wzV_nd8GcPLlPxPs_58a3z9V-CmQZS0UWXrHpkPfTMWwIagiAFFt0jAWALvU&google_hm=Q0FFU0VNclU0NFRod...

170 B
188 B

52ms
52ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AaAOQGFlcIl863gDL94zXnPj7JB2YaQn3DFRTfqoADj0wzV_nd8GcPLlPxPs_58a3z9V-CmQZS0UWXrHpkPfTMWwIagiAFFt0jAWALvU&google_hm=Q0FFU0VNclU0NFRodnlVMXRuNmJOdlgtWEsw

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 23:56:48 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AaAOQGFlcIl863gDL94zXnPj7JB2YaQn3DFRTfqoADj0wzV_nd8GcPLlPxPs_58a3z9V-CmQZS0UWXrHpkPfTMWwIagiAFFt0jAWALvU&google_hm=Q0FFU0VNclU0NFRodnlVMXRuNmJOdlgtWEsw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 783D
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAaAOQGH3SlI8...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA3MjkyMzU2NDgwMDA5MDM3MjA2MzA5MA%3D%3D&google_push=AaAOQGH3SlI8DgFEyWhTvO5CrLu6zw2iM8-URFvg_DiFu9G5ftXPX8jcp-NiCySkFXCsNH...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA3MjkyMzU2NDgwMDA5MDM3MjA2MzA5MA%3D%3D&google_push=AaAOQGH3SlI8DgFEyWhTvO5CrLu6zw2iM8-URFvg_DiFu9G5ftXPX8jcp-NiCySkFXCsNHUdkc2dadm9rwI_wFMjkARYJm6JVStsKuDw

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA3MjkyMzU2NDgwMDA5MDM3MjA2MzA5MA%3D%3D&google_push=AaAOQGH3SlI8DgFEyWhTvO5CrLu6zw2iM8-URFvg_DiFu9G5ftXPX8jcp-NiCySkFXCsNHUdkc2dadm9rwI_wFMjkARYJm6JVStsKuDw
pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sat, 29 Jul 2023 23:56:48 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 783D
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESENGR49kVhlpZrY74QTK22oM&google_cver=1&google_push=AaAOQGEFGW3TSfhy2f5qKHfJrq030D0oxQ08TwgQaxG1IhWsdeAo3CLQJk1LszNIJshlv0EZX0S3ZZYatX5kGCQpnC3f6Bv...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESENGR49kVhlpZrY74QTK22oM&google_cver=1&google_push=AaAOQGEFGW3TSfhy2f5qKHfJrq030D0oxQ08TwgQaxG1IhWsdeAo3CLQJk1LszNIJshlv0EZX0S3ZZYatX5kGCQpnC3f6...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEFGW3TSfhy2f5qKHfJrq030D0oxQ08TwgQaxG1IhWsdeAo3CLQJk1LszNIJshlv0EZX0S3ZZYatX5kGCQpnC3f6BvPJU_Oe_M

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEFGW3TSfhy2f5qKHfJrq030D0oxQ08TwgQaxG1IhWsdeAo3CLQJk1LszNIJshlv0EZX0S3ZZYatX5kGCQpnC3f6BvPJU_Oe_M

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEFGW3TSfhy2f5qKHfJrq030D0oxQ08TwgQaxG1IhWsdeAo3CLQJk1LszNIJshlv0EZX0S3ZZYatX5kGCQpnC3f6BvPJU_Oe_M
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 783D 43 B
362 B 50ms
49ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAaAOQGHdG9hW_KEx5hI3UsaRN4SssW6AEs6g0ndqBxVszq6dthF5BBM2SbzpcQVii-7AeAiGqX9hTNT5rENZ-qxT6wqPhqkJ_MgjjlA&google_gid=CAESECHlexM9lx_GP_8RfrYKqZ0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 162232
expires: Sat, 29 Jul 2023 00:00:00 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 783D 43 B
297 B 246ms
46ms Image
image/gif 2a05:d01c:1d8:8101:59bb:9f0:95de:e1fa
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEFTsngV2XbPr9sr2_rinyGc&google_cver=1&google_push=AaAOQGEiSOEcX97WGmjqoWVrU0EIQCcvcDx7ktr4O4mDM5pDGTX9Qyg5ZUAcVa9V6I5zkg34PsizTP4Zxuk8pbUrmVRyvBdz7OjOoTdZ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:59bb:9f0:95de:e1fa London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 783D
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENQomoz6plrd--tEJh6Rzi4&google_cver=1&google_push=AaAOQGHXlGMmKeaAGlz4Aoiywwg3M3SDvbbWtCaMNJm3TAdTNC3iavh-pcun_YWqd-_A_Jlk7Ju23kyJDbap...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHXlGMmKeaAGlz4Aoiywwg3M3SDvbbWtCaMNJm3TAdTNC3iavh-pcun_YWqd-_A_Jlk7Ju23kyJDbapoLEAfJSVT5HX7FNW963R

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHXlGMmKeaAGlz4Aoiywwg3M3SDvbbWtCaMNJm3TAdTNC3iavh-pcun_YWqd-_A_Jlk7Ju23kyJDbapoLEAfJSVT5HX7FNW963R

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHXlGMmKeaAGlz4Aoiywwg3M3SDvbbWtCaMNJm3TAdTNC3iavh-pcun_YWqd-_A_Jlk7Ju23kyJDbapoLEAfJSVT5HX7FNW963R
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 783D 0
12 B 47ms
47ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IpXKZIbAm0dN_lpYBWoKZi_reoLQykgUSyf8571sd38YDNuaZkflGXM8JXcl_oc9CTBpmH

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9701
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
47ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:56:48 GMT
expires: Sat, 29 Jul 2023 23:56:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:56:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 59F3 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 08:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 08:04:16 GMT

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 60E2 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/security/new-initial-access-broker-tor-shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 08:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 08:04:16 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/7bd8b78e-a560-4299-8e32-a71a9be1ded8/ 3 KB
2 KB 115ms
99ms Script
text/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/7bd8b78e-a560-4299-8e32-a71a9be1ded8/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151603

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdc11e124f9446f8cf305776bcac97fe74d06b6534fdf3e9c69ca77337cf44ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 4dad3c61-f164-4b11-86a8-725b43f0a7a4
x-runtime: 0.035861
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"cdc11e124f9446f8cf305776bcac97fe"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7ee94cf55cf33829-FRA
access-control-allow-headers: SDK-Version
expires: Sun, 30 Jul 2023 00:56:48 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 67ms
67ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c40713379e16c99bb59c9857d2fdb24de556b07d995388a2b7f3b002bd6a80fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11757
x-xss-protection: 0

GET
H3 200 search-27bce7240c445984c8c9.js Show response
cybernews.com/js/ 8 KB
4 KB 63ms
62ms Script
application/javascript 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/js/search-27bce7240c445984c8c9.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/js/base-27bce7240c445984c8c9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

023b945134e50722e2c7698262b7ea251049bca9167ea1760384d670fa84718c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age: 146548
cf-polished: origSize=8117
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 24 Jul 2023 12:19:43 GMT
cf-bgj: minify
server: cloudflare
etag: W/"64be6c5f-1fb5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7ee94cf53fc89bb6-FRA
expires: Sun, 30 Jul 2023 03:56:48 GMT

GET
H3 200 links-bar-27bce7240c445984c8c9.js Show response
cybernews.com/js/ 6 KB
3 KB 62ms
61ms Script
application/javascript 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/js/links-bar-27bce7240c445984c8c9.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/js/base-27bce7240c445984c8c9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfcc10b6536770b3f9ac8d39fae64f959d84723569b53f47f8eb2bd020bc6da7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age: 146543
cf-polished: origSize=5764
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 24 Jul 2023 12:19:43 GMT
cf-bgj: minify
server: cloudflare
etag: W/"64be6c5f-1684"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7ee94cf53fc99bb6-FRA
expires: Sun, 30 Jul 2023 03:56:48 GMT

GET
H3 200 scroll-up-27bce7240c445984c8c9.js Show response
cybernews.com/js/ 1 KB
1 KB 63ms
63ms Script
application/javascript 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/js/scroll-up-27bce7240c445984c8c9.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/js/base-27bce7240c445984c8c9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ba039d9e9b08fc4c48d4d656f8dd20de7f96f0dc6d6d8c558b9aee51527408e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age: 146548
cf-polished: origSize=1509
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 24 Jul 2023 12:19:43 GMT
cf-bgj: minify
server: cloudflare
etag: W/"64be6c5f-5e5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7ee94cf53fcb9bb6-FRA
expires: Sun, 30 Jul 2023 03:56:48 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1850658412&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&ul=en-us&de=UTF-8&dt=Hacker%20sets%20up%20Tor-based%20online%20shop%20to%20sell%20access%20to%20firms%20%7C%20Cybernews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F&el=25%25&_u=aDDAAEABAAAAACAAI~&jid=&gjid=&cid=135121771.1690675006&tid=UA-149779697-1&_gid=332564410.1690675007&cd1=Jurgita%20Lapienyt%C4%97&cd2=Security&cd3=Editorial&gtm=45He37q0n81KMWQ6GT&cg1=Security&cg2=Editorial&cd6=2023-07-29T23%3A56%3A48.826Z&z=21275506

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 05:49:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65216
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 broker-tor-page.png
media.cybernews.com/2023/06/ 300 KB
300 KB 88ms
87ms Image
image/png 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/2023/06/broker-tor-page.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1301179054d89c4d87de430e8c2fad3a8dc81fcea5a5ee002f1fa87d58d6310c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 306693
last-modified: Thu, 29 Jun 2023 09:11:16 GMT
server: cloudflare
etag: "71ec6dff4daed183759fc270bc2e2fd1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=15780000
accept-ranges: bytes
cf-ray: 7ee94cf58d8b2be6-FRA
x-amz-cf-id: dn3hS5KigVtUGoCjVK_wgWAqHMJWaSETdLqeTCHeWZl9etBW7VWG3w==
expires: Sun, 28 Jan 2024 15:16:48 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 23:56:48 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 55ms
54ms Stylesheet
text/css 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151603

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:48 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3555
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7ee94cf5f91491e4-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Mon, 28 Aug 2023 23:56:48 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3F08 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 24370
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 17:10:38 GMT
expires: Sun, 28 Jul 2024 17:10:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DBFA 783 B
535 B 50ms
50ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d671e75c33ad6a1e5b962525e137d60c6a3e341140d5cf0cb386e17266f88b29

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ibCYnr14w7WpW1zwY5Vydw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ibCYnr14w7WpW1zwY5Vydw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:56:48 GMT
expires: Sat, 29 Jul 2023 23:56:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F08 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 08:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 08:04:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DBFA 0
0 72ms
72ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=2254573583931303&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3F08 0
10 B 264ms
264ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rAL1GA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:56:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
75ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230726&jk=2254573583931303&bg=!lZallsLNAAZGOVy5Zjk7ADkAdvg8Wgh8_dSEcSuh8dc1AzgT_ivUv26qu30np7hVbmFhiKPUqCliIx9x7aS08ah9EKAMPllXV9QCAAAAQ1IAAAAgaAEHCgC5YOe9LNIl3urQOnHUB-RPmw8W1iQnpOlHGOR2doqvuj-vwVLUFnsoDqUPYZVHfAoj5Ug7OhWLRaTaTZzoBEBvycs3uZR4Hhcp1PX-aYEsouf3zhC7pVqQch43Tt4vUwqlGI-NNaGv411v89rDdJ2NwF4nUYPslooz63joFBMuMRNvabSYzJzXMb5HjmT-FXfGFPXNi3-9wIAzSuiqjKh9sh9aXEdYJZPQtzbYtl2MgpyKAV5p7MX4DYWZAqMahvbeGvsCcS254Vhcrgbw-bL5IAzVkGbbbNxZcRCPkiCYNZCtQfHAh6ta33vVO1u-UY-y7lz1L8X5375PKslcNDjUu2uLAslCY-zAUOeKRBo4puwFaG4yC-bH8FrjA0LzF36NgoWXrJgDY6bbWowJBd0VPAMJr8DpLmlzZmRw0BKe2pgqCebJF91GYj7y8p0FL1Bq8KLxRxv6nG_eYTD9P3XDRusyvRzQsA6ZQHRSuKrJbuhKlQxSXQwhjkx8_bf607_hi-eKWvQV1lpL574AFUpMCPeQivCwR4DjKdI1PD2PK0J7FMNfiDGTSMiqdKglQN7Cy9I8GNva2XOgT-qwCcDrCwMO38kpSEQXaPVqzutJF-2Sq4ZjO8Sg42XPcOcxE1t84QpYg6qj9u-Oyr3Zy8-5Tg5NL0UxeNkQI3Ic5Yns1jgllFAgd-PLimEnbRB6uj5FYPXHXyP-Sn5_R3R-akNtv7FI2hRUvEhC6GjApbxCatq-TU92w_sdG-cyV3MY6WO6wJ21vQQ80GggMHralvHNpHkDWArDLwJOXHQu_Fz0dvLC-z7ezcX_Ar27IcbiyvSyVudR9yWFgUzn6FkTVwLveqwIq6Ln4vzNzMTkzpLO4gaP5xCDNTkiwzwTbew82aQAaCOl1pNUOz1Db2HMKKlOGugjdOnLWgOAWBXGrLVi9rm9fkhWZBk1Rqs2ww3010a8L8YyfBHi-q4RB_q9mScD5-BDvekItjO4ykTT0UlQ2k7grIOimXbI-FMLMM3YtJLaxV_qMalsqidJqJl94EPoKa3jR5myn9QqjMM-FDfigUw1n_f_UA1mEzsBv81X1vlo4nKjXcz1IzlnB4qDk9SUzXha5F9914mJOgsM-nrdIJSxkUWJoMiT45k61awmkSo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cybernews.com/	1970-01-20 13:38:09	Name: cn_t_bs Value: 90
.cybernews.com/	1970-01-20 13:38:09	Name: cn_t_sess Value: %7B%22cid%22%3A%22135121771.1690675006%22%2C%22clickId%22%3Anull%2C%22clickType%22%3Anull%2C%22landingPageUri%22%3A%22https%3A%2F%2Fcybernews.com%2Fsecurity%2Fnew-initial-access-broker-tor-shop%2F%22%2C%22sessionId%22%3A%2213fd0d52-6305-4955-8087-55665c2e7406%22%2C%22timeStamp%22%3A1690675006%7D
.cybernews.com/	1970-01-20 14:21:07	Name: cn_t_gtc Value: %7B%22clickId%22%3Anull%2C%22count%22%3A0%7D
.cybernews.com/	1970-01-20 14:21:07	Name: cn_t_btc Value: %7B%22clickId%22%3Anull%2C%22count%22%3A0%7D
.cybernews.com/	1970-01-20 23:13:55	Name: cn_t_uid Value: d987dea5-ef78-4f49-9116-eaef646880f5
.onesignal.com/	1970-01-20 13:37:56	Name: __cf_bm Value: COIFEMhR36zmPw2yvA_AfdBrQP1I3TH7VhOeCXlxQoQ-1690675006-0-AY1aX66Bxu7aKOJXmHL4/GBkobihPq+1vNGs4AWR4WGL490VRjuQjiVHUuJNCy3l6BE4qtT7c93v9Mw+ZhvM7yE=
.cybernews.com/	1970-01-20 13:39:21	Name: _gid Value: GA1.2.332564410.1690675007
.cybernews.com/	1970-01-20 13:37:55	Name: _gat Value: 1
.cybernews.com/	1970-01-20 15:47:31	Name: _gcl_au Value: 1.1.2107519744.1690675007
.cybernews.com/	1970-01-20 13:37:55	Name: _gat_UA-149779697-1 Value: 1
.cybernews.com/	1970-01-20 13:37:56	Name: __cf_bm Value: El6umAELwK.sUdLjuiFAHs6H_TnfUr5Qmcxf2ImRO04-1690675007-0-AXNXb6R2QhYuYcqpcVJMt2uGV/0s/lGMuDc+NwyqMfoBsrBi6FcobcVR3yQCzY/H0wtZaeh7xx/NAuMhINUW1ySfj32Ly0N4yXkA1ZI/Ifgk
.cybernews.com/	1970-01-20 13:37:57	Name: ga_fired Value: true
.cybernews.com/	1970-01-20 22:59:31	Name: __gads Value: ID=264e8fa02a328d5e-22b6b5b51ce300f1:T=1690675007:RT=1690675007:S=ALNI_MY1WPR7XUVBMEpw4ec3V5HNttV2-g
.cybernews.com/	1970-01-20 22:59:31	Name: __gpi Value: UID=00000d30f31f4d85:T=1690675007:RT=1690675007:S=ALNI_MYqzk9yxEeCrF-gwmAozEGmInYzew
.doubleclick.net/	1970-01-20 22:59:31	Name: IDE Value: AHWqTUnTPPNzEJJKqu-y0htzSar0-jJM2gZ7eMzTiVOfMSe2dfeWfTSEMHVT8mtJzD8
.doubleclick.net/	1970-01-20 13:37:58	Name: DSID Value: NO_DATA
.travelaudience.com/	1970-01-20 23:09:35	Name: _tracker Value: %7B%22UUID%22%3A%2288557D43-4C73-4B85-9C31-C3E1FA4B0CA2%22%7D
.w55c.net/	1970-01-20 23:09:35	Name: wfivefivec Value: Xe6Sh7NI1QpTNK5
.yahoo.com/	1970-01-20 22:23:52	Name: A3 Value: d=AQABBECnxWQCEBjWBd-eFZBIQIR8EGwNRKIFEgEBAQH4xmTPZAAAAAAA_eMAAA&S=AQAAApH8ZLPeiTFLkW0GUojrwIc
.adfarm1.adition.com/	1970-01-20 15:47:31	Name: UserID1 Value: 7261393867526699152
.w55c.net/	1970-01-20 14:21:07	Name: matchgoogle Value: 5
.e.dlx.addthis.com/	1970-01-20 23:08:09	Name: na_tc Value: Y
.turn.com/	1970-01-20 17:57:07	Name: uid Value: 3142239668023309988
.adform.net/	1970-01-20 14:22:33	Name: C Value: 1
.simpli.fi/	1970-01-20 22:24:57	Name: suid Value: 634035FB6EFF49EE9A107303F7CC32D3
.ctnsnet.com/	1970-01-20 22:23:31	Name: cid_3952e607a22b45f0917bea12e57c661c Value: 1
.ctnsnet.com/	1970-01-20 22:23:31	Name: gid_CAESEEHi0p8mrRhUzoMd7Kb0WXg Value: 1
.ctnsnet.com/	1970-01-20 22:23:31	Name: cid_06c85776c4e64a64ac263b23f8c619b4 Value: 1
.quantserve.com/	1970-01-20 15:47:31	Name: d Value: EHsBCQHKKYEA
.quantserve.com/	1970-01-20 23:08:09	Name: mc Value: 64c5a740-82033-f84fe-a2636
.cybernews.com/	1970-01-20 23:13:55	Name: _ga_KT8DKCHF41 Value: GS1.1.1690675007.1.0.1690675008.59.0.0
.adform.net/	1970-01-20 15:04:19	Name: uid Value: 1155964967497307156
.everesttech.net/	1970-01-20 22:23:31	Name: everest_g_v2 Value: g_surferid~ZMWnQAAAATNP3ABV
.addthis.com/	1970-01-20 23:08:09	Name: na_tc Value: Y
.dlx.addthis.com/	1970-01-20 14:21:07	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 14:21:07	Name: na_sr Value: 20230729
.dlx.addthis.com/	1970-01-20 13:37:55	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 14:21:07	Name: na_sc_e Value: 0
.de17a.com/	1970-01-20 22:16:19	Name: guid Value: 1.5530746827567515347
.agkn.com/	1970-01-20 22:23:31	Name: ab Value: 0001%3AGyEwHrIhrThqQ43btv73Ul7PDkRGg8xG
.agkn.com/	1970-01-20 22:23:31	Name: u Value: C\|0CEAsWGPALFhjwAAAAAAAAQ13AQCAAQpAAAAAAA
.addthis.com/	1970-01-20 23:08:09	Name: na_id Value: 2023072923564800090372063090
.addthis.com/	1970-01-20 23:08:09	Name: uid Value: 64c5a74051ca24b3
.addthis.com/	1970-01-20 23:08:09	Name: ouid Value: 64c5a740000146f72c0e31f5a6c23ddf68bddfae228593fd0855
.cybernews.com/	1970-01-20 23:13:55	Name: _ga Value: GA1.2.135121771.1690675006
.cybernews.com/	1970-01-20 23:13:55	Name: _ga_WT4CH0JCW1 Value: GS1.2.1690675007.1.0.1690675008.59.0.0
.innovid.com/	1970-01-20 15:47:31	Name: uuid Value: b88dc9ce-5f15-42f6-8c08-509465329ab4-20230729 19:56:48
.tribalfusion.com/	1970-01-20 15:47:31	Name: ANON_ID Value: a8ntuJw5EGiAaINQfTsPTGO7b2LaQbxZdWMG2BZapWYZbUc3tTXGnmUop9EJmuxkZdJKQYvetheZaSaQWRcREub1RKg7E

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (403) was received when fetching the script.
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAaAOQGHz0El_-BnZFzbY1v19abOP02ZCkoPv0AihDV8ZskVU47M44zvyJaP00PW-I-BjOPqS1MoSLOcVbDtUHdrLcpBd7NKjKrwtPg&google_gid=CAESEIXGx3uFUcKSFXh8UIPRyZs&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271804&client=ca-pub-5928161074779380&fa=4&ifi=5&uci=a!5&btvi=3&xpc=z0q8H4PvoF&p=https%3A//cybernews.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271803&client=ca-pub-5928161074779380&fa=3&ifi=6&uci=a!6&btvi=4&xpc=audSCbGKYv&p=https%3A//cybernews.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.travelaudience.com
ag.innovid.com
c1.adform.net
cdn.onesignal.com
cm.g.doubleclick.net
cms.quantserve.com
cybernews.com
d.agkn.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
id.rlcdn.com
match.adsrvr.org
media.cybernews.com
odr.mookie1.com
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
region1.analytics.google.com
s.tribalfusion.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.185.194
151.101.130.49
178.250.7.11
18.197.217.197
2001:4860:4802:32::36
213.155.156.169
23.192.153.28
2606:4700:3108::ac42:283b
2606:4700:3108::ac42:2bc5
2606:4700::6812:18ad
2606:4700::6812:d63b
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9d
2a02:fa8:8806:16::1370
2a05:d018:d29:3602:e367:e25b:44f7:80c5
2a05:d01c:1d8:8101:59bb:9f0:95de:e1fa
34.160.236.64
35.186.193.173
35.190.0.66
35.204.158.49
35.244.174.68
35.71.131.137
37.157.6.233
46.228.164.11
51.75.86.98
52.28.142.138
52.29.47.82
69.192.160.219
85.114.159.93
00a2d93fc3effe860dca85b764c7f5db5d0e35325852a3ffaeac288655cfb646
02383fc9da3d2206234b1441f5e53360941202ca62b5eaa208c7e82afaeb2496
023b945134e50722e2c7698262b7ea251049bca9167ea1760384d670fa84718c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba039d9e9b08fc4c48d4d656f8dd20de7f96f0dc6d6d8c558b9aee51527408e
124c3668ebf43d22c76f3fc2f1d0f80dd7f02ef26dc70210f7afc56979c925d5
1301179054d89c4d87de430e8c2fad3a8dc81fcea5a5ee002f1fa87d58d6310c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1ec7855ef147269dd62b98b45070c4fe0012bcd4693120ba93fb0fc9e36e743e
22a799158fe74ae3e802bb4708fa9b5888b3553ca8296ae1f4a23799a006d1ba
2c270847d1cd8cbdab24f2c460c56ae46b5b10763d8f7890fee180127637f1d4
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3bbe7a8194cde3552999dc720be31fc08830dd4ec13a296f51aecd6764fa4743
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f0026cc4f5b33965977ed9e79661371ac0c7a0d52f324ddd5057fb46a10adc7
4f20f13c3144f5850d1d3d75d6d6a2b69e4f6a76429f483a883b2aef39b94ff6
541fb110d3896cc361dd08f655c22accc06bed9c580cc3367e3ef09deff5503d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e6257d4b81cd4982146f9653956c37e39349f7b136db5cd0a2a15ecdf6a4ce6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
668a5c5f69ffd3a2f2813ddb94458985ae801007b6062f514d553c6938f25b68
6749ddeafe08e17aecfd0974f358b7622c48540676eef700827847b2e003fe0d
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
6900e6a650c2175b56f8274cda66364f2af68064274d11fb22a6d53faf0c6439
6f4407e58a52926a78be27a8cdba65b8ccf8161463db84cee6cc81c7b7b1fb91
765b907070f45dc0884e9260b4d82c714b5134b15bab7324d0849f3203aee7d4
7aba6f306512060433fda8957ec4c768dffe507e5fae4e7b4497734bcb91e905
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
7d84baf76f7e39bb7da06d13d478defbb6765416272b4aff755421a88d5b6c0a
7da5381acf55ed06bb071e479b400c25329fd96cc0925b7b7e5adae1cb839f0e
7f39ee02770c86732c32a10d51f2ff53a611bad64ee0fe066e12e255988135f5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d1d21e1ee27cf28191153d6ec7bbe5f818edef2fa219c65afc80a385fd8305
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f68f5b757b9ea748adff52b9e7dcf8f9b1860d9ce5bb3662b959a5c86ea9a20
9fca9ae04b4bca7ef7d4f2c43505769b1f03fd173ecf3871dd7b7ee0f115dd48
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a21c4500641953d42cc976ab9b8f6df250122c182900a0f6162c6ba20438c5cf
a4c39e36201428b4a3f706eddc53f612c4966ee5186b3655404d036a4f131c32
a870e2b693c8c9d9d0cb313f89597428854ce82301f8d2aa57f3ddd9075d9f68
aa59cc35bae7531e60351ef3590289ef0bb348ddc145c6e149bcca8f45027670
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab8f0b6cec3eb6cd02efd0a9324053b868cac7dcda99fc89871b4e87141bdf14
ae9c9ecd90b369ad45170f6c882b07d835d70d89c6c58a75fa8b1523cb6da4d5
af828e777445d349a01fbc819040d6e1e030bed27b2a7ad707d2eb26dbc586fc
ba3950786c4d2d350d2793b3383a91626d56bbb9c7669f9e0eaaac22af5de09f
bfcc10b6536770b3f9ac8d39fae64f959d84723569b53f47f8eb2bd020bc6da7
c0eda55ec47640c00aa84096fabdb63c66f5e456f7b141e1ba1d153c2b6ebceb
c40713379e16c99bb59c9857d2fdb24de556b07d995388a2b7f3b002bd6a80fd
cdc11e124f9446f8cf305776bcac97fe74d06b6534fdf3e9c69ca77337cf44ca
d22f70ec714241cb6cfff6851ba3b7118c29a8e0d073fbb70b6dd05dd48a7e88
d671e75c33ad6a1e5b962525e137d60c6a3e341140d5cf0cb386e17266f88b29
d8b3150c08496435b70daec4e6a2364c8fee799da902fa8954b2bfe9b224b151
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
ddbf530484abec73ae15e9e60b0a8c241e1127e728273c6aba6f057f2d6dceff
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e138d129f38769d7080ed6ac6519dce8a4d546b7da5709b12aedff39673fa021
e372c8fb05cd56a2d10d8ca1a97eb58c3c5aa0db46f52251945bd8a4b0a4eaef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7fd8fd88a14d9e71aa88a8ffa11ae9b7c31662c9240d00c20ebb08870309b80
e9eb455654272cd5a1dd4e1b2ab9b7a21ba0e87ee9f46b6b442ed3186e83e740
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcb12176d14d7ef722fa3da0fe0169ab5c61dd309be7578b89fe3307769b90a
f290a3a287182664a81ea150c04e7d1a451f1bf74f6738b43d382e3d40d98002
fbb22fb1c0e894be65ae90079cfbd2e15c8818f6733c6bf3a3629e7b8be54ebd
fbf5fff613df450881044717abb560684eba9aa1f7e04844cde93f252ec74c0c
ff928bca5a80772152dcedbbb4ec789c9b73af85b51f6a8cfba2e484a0cb54b0

cybernews.com Open in urlscan Pro 2606:4700:3108::ac42:283b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

176 Requests

88 %HTTPS

54 %IPv6

35 Domains

44 Subdomains

30 IPs

10 Countries

2762 kBTransfer

5769 kBSize

48 Cookies

8 Outgoing links

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cybernews.com Open in urlscan Pro
2606:4700:3108::ac42:283b Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

88 %
HTTPS

54 %
IPv6

35
Domains

44
Subdomains

30
IPs

10
Countries

2762 kB
Transfer

5769 kB
Size

48
Cookies

176 HTTP transactions
8 data transactions