urlscan.io logo urlscan.io
SecurityTrails logo

login.politicopro.com Open in urlscan Pro
54.167.254.105  Public Scan

Go To Rescan Add Verdict Report
URL: https://login.politicopro.com/?redirect=https://subscriber.politicopro.com/article/2021/11/belarus-behind-a-host-of-cyberattac...
Submission: On November 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 12 domains to perform 34 HTTP transactions. The main IP is 54.167.254.105, located in United States and belongs to AMAZON-AES, US. The main domain is login.politicopro.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 5th 2021. Valid for: a year.
This is the only time login.politicopro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 54.167.254.105 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
8 104.75.88.194 16625 (AKAMAI-AS)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2600:9000:215... 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2 15.188.95.229 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.65.92.33 16509 (AMAZON-02)
1 34.238.206.177 14618 (AMAZON-AES)
2 2 2620:119:50e8... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
2 142.250.185.194 15169 (GOOGLE)
34 14
10    54.167.254.105 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-254-105.compute-1.amazonaws.com
login.politicopro.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
8    104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
4    2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    2a02:26f0:7100:2a5::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    2600:9000:2156:fe00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2a02:26f0:6c00::210:ba13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
smetrics.politicopro.com
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    3.65.92.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-92-33.eu-central-1.compute.amazonaws.com
collect.tealiumiq.com
1    34.238.206.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-206-177.compute-1.amazonaws.com
ping.chartbeat.net
2    2620:119:50e8:101::9002:f05 (San Francisco, United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com
px4.ads.linkedin.com
2    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
securepubads.g.doubleclick.net
Domain Requested by
10 login.politicopro.com login.politicopro.com
8 tags.tiqcdn.com login.politicopro.com
tags.tiqcdn.com
4 use.typekit.net client
use.typekit.net
2 securepubads.g.doubleclick.net www.googletagservices.com
2 px.ads.linkedin.com 2 redirects
2 smetrics.politicopro.com 1 redirects login.politicopro.com
1 px4.ads.linkedin.com login.politicopro.com
1 www.linkedin.com 1 redirects
1 ping.chartbeat.net login.politicopro.com
1 collect.tealiumiq.com tags.tiqcdn.com
1 www.googletagservices.com tags.tiqcdn.com
1 snap.licdn.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 p.typekit.net use.typekit.net
1 ajax.googleapis.com login.politicopro.com
0 secure.quantserve.com Failed tags.tiqcdn.com
34 16

This site contains links to these domains. Also see Links.

Domain
www.politicopro.com
Subject Issuer Validity Valid
*.politicopro.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-05 -
2022-02-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2021-04-19 -
2022-04-27		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-08-16		 a year crt.sh
*.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-16 -
2022-07-21		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.tealiumiq.com
Amazon		 2021-09-24 -
2022-10-23		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.politicopro.com/?redirect=https://subscriber.politicopro.com/article/2021/11/belarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
Frame ID: 00183CBC62F24A98E89DEE40B7880881
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in | POLITICO Pro

Page Statistics

34
Requests

91 %
HTTPS

53 %
IPv6

12
Domains

16
Subdomains

14
IPs

3
Countries

629 kB
Transfer

1554 kB
Size

25
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://smetrics.politicopro.com/b/ss/allbrittonpoliticopro2/1/JS-1.4.1/s86914007830624?AQB=1&ndh=1&pf=1&t=22%2F10%2F2021%2013%3A13%3A25%201%200&fid=5937307366F966E1-222ACCF2579E31FC&ce=UTF-8&g=https%3A%2F%2Flogin.politicopro.com%2F%3Fredirect%3Dhttps%253A%252F%252Fsubscriber.politicopro.com%252Farticle%252F2021%252F11%252Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379&cc=USD&ch=homepage&server=login.politicopro.com&c1=D%3Dch&v2=D%3Dch&v3=D%3Dch&c10=https%3A%2F%2Flogin.politicopro.com%2F%3Fredirect%3Dhttps%3A%2F%2Fsubscriber.politicopro.com%2Farticle%2F2021%2F11%2Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379&v10=login.politicopro.com&c22=D%3Ds_vi&v23=D%3Ds_vi&c28=8%3A00AM&c29=Monday&v29=D%3Dc28&c30=First%20Visit&v30=D%3Dc29&c31=New&v31=D%3Dc30&c32=1&v32=D%3Dc31&v33=D%3Dc32&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
  • https://smetrics.politicopro.com/b/ss/allbrittonpoliticopro2/1/JS-1.4.1/s86914007830624?AQB=1&pccr=true&vidn=30CDCBBAE1D97FA9-400007BC25C4DB1F&ndh=1&pf=1&t=22%2F10%2F2021%2013%3A13%3A25%201%200&fid=5937307366F966E1-222ACCF2579E31FC&ce=UTF-8&g=https%3A%2F%2Flogin.politicopro.com%2F%3Fredirect%3Dhttps%253A%252F%252Fsubscriber.politicopro.com%252Farticle%252F2021%252F11%252Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379&cc=USD&ch=homepage&server=login.politicopro.com&c1=D%3Dch&v2=D%3Dch&v3=D%3Dch&c10=https%3A%2F%2Flogin.politicopro.com%2F%3Fredirect%3Dhttps%3A%2F%2Fsubscriber.politicopro.com%2Farticle%2F2021%2F11%2Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379&v10=login.politicopro.com&c22=D%3Ds_vi&v23=D%3Ds_vi&c28=8%3A00AM&c29=Monday&v29=D%3Dc28&c30=First%20Visit&v30=D%3Dc29&c31=New&v31=D%3Dc30&c32=1&v32=D%3Dc31&v33=D%3Dc32&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Request Chain 29
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=150684&time=1637586805524&url=https%3A%2F%2Flogin.politicopro.com%2F%3Fredirect%3Dhttps%253A%252F%252Fsubscriber.politicopro.com%252Farticle%252F2021%252F11%252Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D150684%26time%3D1637586805524%26url%3Dhttps%253A%252F%252Flogin.politicopro.com%252F%253Fredirect%253Dhttps%25253A%25252F%25252Fsubscriber.politicopro.com%25252Farticle%25252F2021%25252F11%25252Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=150684&time=1637586805524&url=https%3A%2F%2Flogin.politicopro.com%2F%3Fredirect%3Dhttps%253A%252F%252Fsubscriber.politicopro.com%252Farticle%252F2021%252F11%252Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=150684&time=1637586805524&url=https%3A%2F%2Flogin.politicopro.com%2F%3Fredirect%3Dhttps%253A%252F%252Fsubscriber.politicopro.com%252Farticle%252F2021%252F11%252Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379&liSync=true&e_ipv6=AQJuoesp3D78zwAAAX1Hx6WuzYTmNBffek_7twqosgY84ne6lVkQT9VnDZS_XN5rhJgZsLOsYw

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
login.politicopro.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.politicopro.com/?redirect=https://subscriber.politicopro.com/article/2021/11/belarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.254.105 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-254-105.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
edea20ff142450df06efbb3313511e0803fb5dedada483621e8e300b8a856951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 22 Nov 2021 13:13:24 GMT
content-type
text/html
server
nginx/1.10.3 (Ubuntu)
cache-control
no-store, must-revalidate
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
last-modified
Thu, 07 Oct 2021 19:54:49 GMT
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000 ; includeSubDomains
x-frame-options
DENY
content-encoding
gzip
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: login.politicopro.com
URL: https://login.politicopro.com/?redirect=https://subscriber.politicopro.com/article/2021/11/belarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 20 Nov 2021 08:05:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Nov 2022 08:05:11 GMT
chunk-common.3ba37549.js
login.politicopro.com/assets/js/ 		176 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.politicopro.com/assets/js/chunk-common.3ba37549.js
Requested by
Host: login.politicopro.com
URL: https://login.politicopro.com/?redirect=https://subscriber.politicopro.com/article/2021/11/belarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.254.105 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-254-105.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9253b8fb6eb7dff74ffff6c730d58fb8f0e0c0583c835db046a68695f4aa5ea9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/?redirect=https://subscriber.politicopro.com/article/2021/11/belarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 13:13:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Oct 2021 19:54:49 GMT
server
nginx/1.10.3 (Ubuntu)
x-frame-options
DENY
content-type
application/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection
1; mode=block
expires
0
chunk-vendors.a23b70c3.js
login.politicopro.com/assets/js/ 		463 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.politicopro.com/assets/js/chunk-vendors.a23b70c3.js
Requested by
Host: login.politicopro.com
URL: https://login.politicopro.com/?redirect=https://subscriber.politicopro.com/article/2021/11/belarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.254.105 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-254-105.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
afb31b13d82e7ee19a087eb7685de55b8f3f66d24bed9dbd718ac23eaa6c8157
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/?redirect=https://subscriber.politicopro.com/article/2021/11/belarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 13:13:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Oct 2021 19:54:49 GMT
server
nginx/1.10.3 (Ubuntu)
x-frame-options
DENY
content-type
application/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection
1; mode=block
expires
0
pro.cf404bc7.js
login.politicopro.com/assets/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.politicopro.com/assets/js/pro.cf404bc7.js
Requested by
Host: login.politicopro.com
URL: https://login.politicopro.com/?redirect=https://subscriber.politicopro.com/article/2021/11/belarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.254.105 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-254-105.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
788850c7e6f05d4c499f72a8456900e736fa054f99feb5a33ca49719efdae31d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/?redirect=https://subscriber.politicopro.com/article/2021/11/belarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 13:13:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Oct 2021 19:54:49 GMT
server
nginx/1.10.3 (Ubuntu)
x-frame-options
DENY
content-type
application/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection
1; mode=block
expires
0
chunk-2b73b0b3.2456eb4d.js
login.politicopro.com/assets/js/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://login.politicopro.com/assets/js/chunk-2b73b0b3.2456eb4d.js
Requested by
Host: login.politicopro.com
URL: https://login.politicopro.com/?redirect=https://subscriber.politicopro.com/article/2021/11/belarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.254.105 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-254-105.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/?redirect=https://subscriber.politicopro.com/article/2021/11/belarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 13:13:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Oct 2021 19:54:49 GMT
server
nginx/1.10.3 (Ubuntu)
x-frame-options
DENY
content-type
application/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection
1; mode=block
expires
0
chunk-4daaa7f6.4d893533.js
login.politicopro.com/assets/js/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://login.politicopro.com/assets/js/chunk-4daaa7f6.4d893533.js
Requested by
Host: login.politicopro.com
URL: https://login.politicopro.com/?redirect=https://subscriber.politicopro.com/article/2021/11/belarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.254.105 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-254-105.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/?redirect=https://subscriber.politicopro.com/article/2021/11/belarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 13:13:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Oct 2021 19:54:49 GMT
server
nginx/1.10.3 (Ubuntu)
x-frame-options
DENY
content-type
application/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection
1; mode=block
expires
0
chunk-e62f47c6.484a05b5.js
login.politicopro.com/assets/js/ 		0
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://login.politicopro.com/assets/js/chunk-e62f47c6.484a05b5.js
Requested by
Host: login.politicopro.com
URL: https://login.politicopro.com/?redirect=https://subscriber.politicopro.com/article/2021/11/belarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.254.105 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-254-105.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/?redirect=https://subscriber.politicopro.com/article/2021/11/belarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 13:13:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Oct 2021 19:54:49 GMT
server
nginx/1.10.3 (Ubuntu)
x-frame-options
DENY
content-type
application/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection
1; mode=block
expires
0
utag.js
tags.tiqcdn.com/utag/politico/pro/prod/ 		84 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/politico/pro/prod/utag.js
Requested by
Host: login.politicopro.com
URL: https://login.politicopro.com/?redirect=https://subscriber.politicopro.com/article/2021/11/belarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c4e2127af0c97414ce9f70838457a957bcdb911df184fa4ba08c73f11e766178

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 13:13:24 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 15:06:28 GMT
server
AkamaiNetStorage
etag
"1f40fa6690b57118256fa313e5679514:1637247988.219753"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
22047
expires
Mon, 22 Nov 2021 13:18:24 GMT
cso2syk.css
use.typekit.net/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/cso2syk.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e4eb74d679bfe1269d324760286b1b9f1db3095bb0ea4a1546d09ba5c34706bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Mon, 22 Nov 2021 13:13:25 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
796
config
login.politicopro.com/api/v1/ 		279 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.politicopro.com/api/v1/config
Requested by
Host: login.politicopro.com
URL: https://login.politicopro.com/assets/js/chunk-vendors.a23b70c3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.254.105 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-254-105.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1ff2c2860e8fe86bf378785dc22736a6dc0f6b05b6f953599b56d89e2c7163d7

Request headers

Accept
application/json, text/plain, */*
Referer
https://login.politicopro.com/?redirect=https://subscriber.politicopro.com/article/2021/11/belarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 13:13:25 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
content-type
application/json
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=cso2syk&ht=tk&f=32224.32225.32226.32227.32230.32231&a=660350&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/cso2syk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2a5::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 13:13:25 GMT
last-modified
Fri, 06 Nov 2020 01:41:46 GMT
server
nginx
etag
"5fa4a9da-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
l
use.typekit.net/af/cb6232/00000000000000003b9b0ad8/27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/cb6232/00000000000000003b9b0ad8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/cso2syk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9607506688417bb09b8d6c29362c2fe29bc1b047b793cccddfce876d927fa57b

Request headers

Referer
https://use.typekit.net/cso2syk.css
Origin
https://login.politicopro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 13:13:25 GMT
server
nginx
etag
"865da7d2ecc4da3cb6bd5574f01738cfc5c8bb11"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15448
utag.11.js
tags.tiqcdn.com/utag/politico/pro/prod/ 		52 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/politico/pro/prod/utag.11.js?utv=ut4.46.202104221540
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/politico/pro/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
00f94a001bcb7fd775cc0985f1ad8f17bbd5a5141e8b33dd09977ed15febecde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 13:13:25 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 15:06:29 GMT
server
AkamaiNetStorage
etag
"a3e35de79e88b75873235a9f8342124d:1637247989.408833"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
19088
expires
Tue, 07 Dec 2021 13:13:25 GMT
utag.93.js
tags.tiqcdn.com/utag/politico/pro/prod/ 		1 KB
876 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/politico/pro/prod/utag.93.js?utv=ut4.46.202104221540
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/politico/pro/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
00d843795438a4190a94533bb2655d0add7f66919e19fb22e5d10d25fcdeebd9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 13:13:25 GMT
content-encoding
gzip
last-modified
Fri, 28 Aug 2015 06:51:46 GMT
server
AkamaiNetStorage
etag
"425ca2bb96eabbb25b910cd681e4c5ab:1440744706"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
652
expires
Tue, 07 Dec 2021 13:13:25 GMT
utag.95.js
tags.tiqcdn.com/utag/politico/pro/prod/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/politico/pro/prod/utag.95.js?utv=ut4.46.201707180220
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/politico/pro/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f1e0ad2386644e95be96c6ee564e9df99a8f080ab748da1908ad6e7fa5f37f42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 13:13:25 GMT
content-encoding
gzip
last-modified
Fri, 28 Aug 2015 07:02:06 GMT
server
AkamaiNetStorage
etag
"59709fc6e202ab5252b184b0d1bfdff8:1440745326"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1280
expires
Tue, 07 Dec 2021 13:13:25 GMT
utag.198.js
tags.tiqcdn.com/utag/politico/pro/prod/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/politico/pro/prod/utag.198.js?utv=ut4.46.201803011752
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/politico/pro/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0ab6f7e0a70205cb397727cb18fd9e3c98cae7aa9ed3853492d35d25126be67b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 13:13:25 GMT
content-encoding
gzip
last-modified
Thu, 01 Mar 2018 17:52:11 GMT
server
AkamaiNetStorage
etag
"8de84c83668d3ca6c0de8b7c6a756a8c:1519926731"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
4054
expires
Tue, 07 Dec 2021 13:13:25 GMT
utag.200.js
tags.tiqcdn.com/utag/politico/pro/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/politico/pro/prod/utag.200.js?utv=ut4.46.201810031927
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/politico/pro/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9263ae565b46efb2b549be1e453cb00b3693d57dc3ae23197762d530f89f683d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 13:13:25 GMT
content-encoding
gzip
last-modified
Wed, 03 Oct 2018 19:27:15 GMT
server
AkamaiNetStorage
etag
"6ad77c3800d247eccff31bba908cd4a8:1538594835"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1652
expires
Tue, 07 Dec 2021 13:13:25 GMT
utag.216.js
tags.tiqcdn.com/utag/politico/pro/prod/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/politico/pro/prod/utag.216.js?utv=ut4.46.202111181506
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/politico/pro/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fc35a2571cacd63a31635a0b450096243fe7f00e31defe626acdf722fbe7ccf0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 13:13:25 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 15:06:28 GMT
server
AkamaiNetStorage
etag
"1c2cb612cf016639c8ae50c481b1e3c4:1637247988.819861"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1764
expires
Tue, 07 Dec 2021 13:13:25 GMT
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/politico/pro/prod/utag.93.js?utv=ut4.46.202104221540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:fe00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:47:45 GMT
content-encoding
gzip
last-modified
Thu, 28 Oct 2021 00:27:20 GMT
server
nginx
age
1540
etag
W/"6179ee68-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
q3IyCneijCXyvNT3Rv8jbSuOL-kRI3XpH15uXbCKgnXSwYJH5kejYQ==
expires
Mon, 22 Nov 2021 14:47:45 GMT
quant.js
secure.quantserve.com/ 		0
0
chunk-4daaa7f6.4d893533.js
login.politicopro.com/assets/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.politicopro.com/assets/js/chunk-4daaa7f6.4d893533.js
Requested by
Host: login.politicopro.com
URL: https://login.politicopro.com/assets/js/pro.cf404bc7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.254.105 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-254-105.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
c982c2f4d7da645e58c9e28229263432b2d5dd48dde70339518b63e2534a9f08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/?redirect=https%3A%2F%2Fsubscriber.politicopro.com%2Farticle%2F2021%2F11%2Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 13:13:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Oct 2021 19:54:49 GMT
server
nginx/1.10.3 (Ubuntu)
x-frame-options
DENY
content-type
application/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection
1; mode=block
expires
0
contact-bg.fce00162.jpg
login.politicopro.com/assets/img/ 		130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.politicopro.com/assets/img/contact-bg.fce00162.jpg
Requested by
Host: login.politicopro.com
URL: https://login.politicopro.com/?redirect=https%3A%2F%2Fsubscriber.politicopro.com%2Farticle%2F2021%2F11%2Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.254.105 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-254-105.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ed68432729081f0ca71f7a3e5b7df0cfce39597342afeae59037cb136991cddd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/?redirect=https%3A%2F%2Fsubscriber.politicopro.com%2Farticle%2F2021%2F11%2Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 13:13:25 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Oct 2021 19:54:49 GMT
server
nginx/1.10.3 (Ubuntu)
x-frame-options
DENY
content-type
image/jpeg
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000 ; includeSubDomains
accept-ranges
bytes
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
133065
x-xss-protection
1; mode=block
expires
0
l
use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/cso2syk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
97829f8a6f2a471117ed06d0b06a81d543b091a262192369c531380779148c5c

Request headers

Referer
https://use.typekit.net/cso2syk.css
Origin
https://login.politicopro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 13:13:25 GMT
server
nginx
etag
"b9e1ecdf0fe601a7e9dfc362b400290203e7b31c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16456
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/politico/pro/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 13:13:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=28319
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
s86914007830624
smetrics.politicopro.com/b/ss/allbrittonpoliticopro2/1/JS-1.4.1/
Redirect Chain
  • https://smetrics.politicopro.com/b/ss/allbrittonpoliticopro2/1/JS-1.4.1/s86914007830624?AQB=1&ndh=1&pf=1&t=22%2F10%2F2021%2013%3A13%3A25%201%200&fid=5937307366F966E1-222ACCF2579E31FC&ce=UTF-8&g=htt...
  • https://smetrics.politicopro.com/b/ss/allbrittonpoliticopro2/1/JS-1.4.1/s86914007830624?AQB=1&pccr=true&vidn=30CDCBBAE1D97FA9-400007BC25C4DB1F&ndh=1&pf=1&t=22%2F10%2F2021%2013%3A13%3A25%201%200&fid...
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smetrics.politicopro.com/b/ss/allbrittonpoliticopro2/1/JS-1.4.1/s86914007830624?AQB=1&pccr=true&vidn=30CDCBBAE1D97FA9-400007BC25C4DB1F&ndh=1&pf=1&t=22%2F10%2F2021%2013%3A13%3A25%201%200&fid=5937307366F966E1-222ACCF2579E31FC&ce=UTF-8&g=https%3A%2F%2Flogin.politicopro.com%2F%3Fredirect%3Dhttps%253A%252F%252Fsubscriber.politicopro.com%252Farticle%252F2021%252F11%252Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379&cc=USD&ch=homepage&server=login.politicopro.com&c1=D%3Dch&v2=D%3Dch&v3=D%3Dch&c10=https%3A%2F%2Flogin.politicopro.com%2F%3Fredirect%3Dhttps%3A%2F%2Fsubscriber.politicopro.com%2Farticle%2F2021%2F11%2Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379&v10=login.politicopro.com&c22=D%3Ds_vi&v23=D%3Ds_vi&c28=8%3A00AM&c29=Monday&v29=D%3Dc28&c30=First%20Visit&v30=D%3Dc29&c31=New&v31=D%3Dc30&c32=1&v32=D%3Dc31&v33=D%3Dc32&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by
Host: login.politicopro.com
URL: https://login.politicopro.com/?redirect=https%3A%2F%2Fsubscriber.politicopro.com%2Farticle%2F2021%2F11%2Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
Protocol
H2
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 13:13:25 GMT
x-content-type-options
nosniff
x-c
main-1542.If2e2aa.M0-523
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 23 Nov 2021 13:13:25 GMT
server
jag
xserver
anedge-6988cccb6f-6wfxn
etag
3516690887495876608-4619898610174443726
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 21 Nov 2021 13:13:25 GMT

Redirect headers

date
Mon, 22 Nov 2021 13:13:25 GMT
x-content-type-options
nosniff
x-c
main-1542.If2e2aa.M0-523
p3p
CP="This is not a P3P policy"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
location
https://smetrics.politicopro.com/b/ss/allbrittonpoliticopro2/1/JS-1.4.1/s86914007830624?AQB=1&pccr=true&vidn=30CDCBBAE1D97FA9-400007BC25C4DB1F&ndh=1&pf=1&t=22%2F10%2F2021%2013%3A13%3A25%201%200&fid=5937307366F966E1-222ACCF2579E31FC&ce=UTF-8&g=https%3A%2F%2Flogin.politicopro.com%2F%3Fredirect%3Dhttps%253A%252F%252Fsubscriber.politicopro.com%252Farticle%252F2021%252F11%252Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379&cc=USD&ch=homepage&server=login.politicopro.com&c1=D%3Dch&v2=D%3Dch&v3=D%3Dch&c10=https%3A%2F%2Flogin.politicopro.com%2F%3Fredirect%3Dhttps%3A%2F%2Fsubscriber.politicopro.com%2Farticle%2F2021%2F11%2Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379&v10=login.politicopro.com&c22=D%3Ds_vi&v23=D%3Ds_vi&c28=8%3A00AM&c29=Monday&v29=D%3Dc28&c30=First%20Visit&v30=D%3Dc29&c31=New&v31=D%3Dc30&c32=1&v32=D%3Dc31&v33=D%3Dc32&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
last-modified
Tue, 23 Nov 2021 13:13:25 GMT
server
jag
xserver
anedge-6988cccb6f-cvbz5
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 21 Nov 2021 13:13:25 GMT
gpt.js
www.googletagservices.com/tag/js/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/politico/pro/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0d71e9e83d526a320cdee881361d1abcf386a92a21c116a31976690453bc75c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 13:13:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1051 / 995 of 1000 / last-modified: 1637582729"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26883
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 22 Nov 2021 13:13:25 GMT
i.gif
collect.tealiumiq.com/politico/main/2/ 		43 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect.tealiumiq.com/politico/main/2/i.gif
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/politico/pro/prod/utag.198.js?utv=ut4.46.201803011752
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.92.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-92-33.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://login.politicopro.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryPihJmh60kXKOkggV

Response headers

date
Mon, 22 Nov 2021 13:13:25 GMT
vary
Origin
x-serverid
uconnect_i-004f76dac29e76112
x-tid
017d47c7a0ce002172efe46c6a880307200aa06a00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
politico:main:2:datacloud
x-region
eu-central-1
content-length
43
pragma
no-cache
x-did
017d47c7a0ce002172efe46c6a880307200aa06a00b08
content-type
image/gif
access-control-allow-origin
https://login.politicopro.com
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-ulver
8ee876099a01906aad4e6dc91670045dc8d56fa2-SNAPSHOT
x-uuid
6a6755a1-9899-489c-8807-4a7af424d183
expires
Mon, 22 Nov 2021 13:13:25 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=politico/pro/202111181453&cb=1637586805488
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/politico/pro/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 13:13:25 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Mon, 22 Nov 2021 13:23:25 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=politico.com&p=%2F%3Fredirect%3Dhttps%3A%252F%252Fsubscriber.politicopro.com%252Farticle%252F2021%252F11%252Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379&u=C1AskICBfukb5FasU&d=login.politicopro.com&g=33430&g0=homepage&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1149&t=Ds4lp7Df7DgTDqWiMcB4I0DCCak2Lz&V=129&i=Log%20in%20%7C%20POLITICO%20Pro&tz=0&sn=1&sv=Cv29lVDUn4fUDaehnsBkgPurO-rNe&sd=1&im=0e030403&_
Requested by
Host: login.politicopro.com
URL: https://login.politicopro.com/?redirect=https%3A%2F%2Fsubscriber.politicopro.com%2Farticle%2F2021%2F11%2Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.206.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-206-177.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 13:13:25 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=150684&time=1637586805524&url=https%3A%2F%2Flogin.politicopro.com%2F%3Fredirect%3Dhttps%253A%252F%252Fsubscriber.politicopro.com%252Farticle%252F2...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D150684%26time%3D1637586805524%26url%3Dhttps%253A%252F%252Flogin.politicopro.com%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=150684&time=1637586805524&url=https%3A%2F%2Flogin.politicopro.com%2F%3Fredirect%3Dhttps%253A%252F%252Fsubscriber.politicopro.com%252Farticle%252F2...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=150684&time=1637586805524&url=https%3A%2F%2Flogin.politicopro.com%2F%3Fredirect%3Dhttps%253A%252F%252Fsubscriber.politicopro.com%252Farticle%252F...
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=150684&time=1637586805524&url=https%3A%2F%2Flogin.politicopro.com%2F%3Fredirect%3Dhttps%253A%252F%252Fsubscriber.politicopro.com%252Farticle%252F2021%252F11%252Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379&liSync=true&e_ipv6=AQJuoesp3D78zwAAAX1Hx6WuzYTmNBffek_7twqosgY84ne6lVkQT9VnDZS_XN5rhJgZsLOsYw
Requested by
Host: login.politicopro.com
URL: https://login.politicopro.com/?redirect=https%3A%2F%2Fsubscriber.politicopro.com%2Farticle%2F2021%2F11%2Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379
Protocol
H2
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 13:13:26 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
x-li-proto
http/2
x-li-pop
prod-lva1
content-type
application/javascript
content-length
0
x-li-uuid
m88gM4bguRbAAVbCQSsAAA==

Redirect headers

date
Mon, 22 Nov 2021 13:13:26 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=150684&time=1637586805524&url=https%3A%2F%2Flogin.politicopro.com%2F%3Fredirect%3Dhttps%253A%252F%252Fsubscriber.politicopro.com%252Farticle%252F2021%252F11%252Fbelarus-behind-a-host-of-cyberattacks-in-eastern-europe-researchers-say-3992379&liSync=true&e_ipv6=AQJuoesp3D78zwAAAX1Hx6WuzYTmNBffek_7twqosgY84ne6lVkQT9VnDZS_XN5rhJgZsLOsYw
x-li-proto
http/2
x-li-pop
prod-ltx1
content-length
0
x-li-uuid
56EMH4bguRZA8g0tAisAAA==
pubads_impl_2021111601.js
securepubads.g.doubleclick.net/gpt/ 		344 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 13:13:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118471
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 09:34:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 22 Nov 2021 13:13:25 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		73 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=login.politicopro.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
90fa2d26588edb5c9d31ec4e8894b14f6dc87a76703a0a17435edd2acec97ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.politicopro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Nov 2021 13:13:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
expires
Mon, 22 Nov 2021 13:13:25 GMT
l
use.typekit.net/af/343335/00000000000000003b9b0ad0/27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/343335/00000000000000003b9b0ad0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/cso2syk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2e96bf761583273e370136ed0b934a38ad1e08b386accb37277252b37b9c9961

Request headers

Referer
https://use.typekit.net/cso2syk.css
Origin
https://login.politicopro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 13:13:25 GMT
server
nginx
etag
"eedb93b5a9ba82f97df21a2548066c304a8baad8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16112

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
secure.quantserve.com
URL
https://secure.quantserve.com/quant.js

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery object| utag_data boolean| utag_condload object| pages undefined| useSSL undefined| rootURL undefined| admantx_url object| countries object| loaded number| timeout object| utag undefined| admantx_callback function| slotRenderEndedHandler function| headerAdsTimeout boolean| __tealium_twc_switch object| politicoAds function| displayAds object| pbjs object| adsConfig function| generateAdSlot function| generateDynamicAdSlot function| generateViewportAdSlot object| gptadslots object| googletag object| adSlots object| tp object| tealium_brightcove_player object| webpackJsonp object| __core-js_shared__ object| core function| applyFocusVisiblePolyfill object| __SENTRY__ object| regeneratorRuntime number| _sf_startpt object| _sf_async_config number| _sf_endpt object| _qevents object| _linkedin string| _linkedin_data_partner_id object| s undefined| visitor function| AppMeasurement function| s_gi function| s_pgicq undefined| Visitor object| s_c_il number| s_c_in number| s_objectID number| s_giq object| optimizely object| s_i_allbrittonpoliticopro2 number| vb object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| lintrk boolean| _already_called_lintrk object| ggeac object| google_js_reporting_queue number| scrollbarWidth object| adstruct_all_ads undefined| google_measure_js_timing boolean| adsRefreshed

25 Cookies

Domain/Path Name / Value
login.politicopro.com/ Name: JSESSIONID
Value: 1637586805.656.207.965864
.politicopro.com/ Name: _cp_pt
Value: homepage
.politicopro.com/ Name: utag_vnum
Value: 1640178804946&vn=1
.politicopro.com/ Name: utag_invisit
Value: true
.politicopro.com/ Name: utag_vi
Value: 1637586804946
.politicopro.com/ Name: utag_vs
Value: 1
.politicopro.com/ Name: utag_dslv
Value: 1637586804947
.politicopro.com/ Name: utag_dslv_s
Value: First Visit
.politicopro.com/ Name: s_fid
Value: 5937307366F966E1-222ACCF2579E31FC
.politicopro.com/ Name: s_cc
Value: true
login.politicopro.com/ Name: _cb_ls
Value: 1
login.politicopro.com/ Name: _cb
Value: C1AskICBfukb5FasU
login.politicopro.com/ Name: _chartbeat2
Value: .1637586805508.1637586805508.1.Cv29lVDUn4fUDaehnsBkgPurO-rNe.1
login.politicopro.com/ Name: _cb_svref
Value: null
.tealiumiq.com/ Name: TAPID
Value: politico/main>017d47c7a0ce002172efe46c6a880307200aa06a00b08|
.politicopro.com/ Name: utag_main
Value: v_id:017d47c7a0ce002172efe46c6a880307200aa06a00b08$_sn:1$_se:1$_ss:1$_st:1637588604943$ses_id:1637586804943%3Bexp-session$_pn:1%3Bexp-session$_prevpage:undefined%3Bexp-1637590404945$dc_visit:1$dc_event:1%3Bexp-session$dc_region:eu-central-1%3Bexp-session
.politicopro.com/ Name: s_vi
Value: [CS]v1|30CDCBBAE1D97FA9-400007BC25C4DB1F[CE]
.linkedin.com/ Name: UserMatchHistory
Value: AQJe2q9fwuPSWwAAAX1Hx6RntlG-znCaUIL-uvELfc8PDYohg65I-ewFZaPN0x1yBOtGXBEYgOqbng
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJtoUhkUCncVQAAAX1Hx6Rne31MKZ1_9EMrU8oSzDCEY3bMDcMv6Et4jptO48HOAbJOfLZhq-ZJnc7Q67kEww
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&b93389c3-899e-4e1a-8168-e7eb2d4aa936"
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2616:u=1:x=1:i=1637586805:t=1637673205:v=2:sig=AQHPy1LCB0S6t1S5CyuwiX1rYKS3EFa7"
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&20211122131326cca5f864-ca3e-4fa5-80f2-86f6491f8bb8AQEH-blUi2TGvmobba0QrHMuSVvnWPmg"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Mzc1ODY4MDY7MjswMjHxCiff9Oi95M4gQcfpjgdOfVf7P5J6dNeE6fGd4XE6wQ==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
collect.tealiumiq.com
login.politicopro.com
p.typekit.net
ping.chartbeat.net
px.ads.linkedin.com
px4.ads.linkedin.com
secure.quantserve.com
securepubads.g.doubleclick.net
smetrics.politicopro.com
snap.licdn.com
static.chartbeat.com
tags.tiqcdn.com
use.typekit.net
www.googletagservices.com
www.linkedin.com
secure.quantserve.com
104.75.88.194
108.174.10.14
142.250.185.194
15.188.95.229
2600:9000:2156:fe00:18:1fcd:34f:cdc1
2620:119:50e8:101::9002:f05
2620:1ec:21::14
2a00:1450:4001:801::2002
2a00:1450:4001:830::200a
2a02:26f0:6c00::210:ba0a
2a02:26f0:6c00::210:ba13
2a02:26f0:7100:2a5::19fd
3.65.92.33
34.238.206.177
54.167.254.105
00d843795438a4190a94533bb2655d0add7f66919e19fb22e5d10d25fcdeebd9
00f94a001bcb7fd775cc0985f1ad8f17bbd5a5141e8b33dd09977ed15febecde
0ab6f7e0a70205cb397727cb18fd9e3c98cae7aa9ed3853492d35d25126be67b
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1ff2c2860e8fe86bf378785dc22736a6dc0f6b05b6f953599b56d89e2c7163d7
2e96bf761583273e370136ed0b934a38ad1e08b386accb37277252b37b9c9961
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
788850c7e6f05d4c499f72a8456900e736fa054f99feb5a33ca49719efdae31d
90fa2d26588edb5c9d31ec4e8894b14f6dc87a76703a0a17435edd2acec97ab6
9253b8fb6eb7dff74ffff6c730d58fb8f0e0c0583c835db046a68695f4aa5ea9
9263ae565b46efb2b549be1e453cb00b3693d57dc3ae23197762d530f89f683d
9607506688417bb09b8d6c29362c2fe29bc1b047b793cccddfce876d927fa57b
97829f8a6f2a471117ed06d0b06a81d543b091a262192369c531380779148c5c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
afb31b13d82e7ee19a087eb7685de55b8f3f66d24bed9dbd718ac23eaa6c8157
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
c4e2127af0c97414ce9f70838457a957bcdb911df184fa4ba08c73f11e766178
c982c2f4d7da645e58c9e28229263432b2d5dd48dde70339518b63e2534a9f08
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e0d71e9e83d526a320cdee881361d1abcf386a92a21c116a31976690453bc75c
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4eb74d679bfe1269d324760286b1b9f1db3095bb0ea4a1546d09ba5c34706bf
ed68432729081f0ca71f7a3e5b7df0cfce39597342afeae59037cb136991cddd
edea20ff142450df06efbb3313511e0803fb5dedada483621e8e300b8a856951
f1e0ad2386644e95be96c6ee564e9df99a8f080ab748da1908ad6e7fa5f37f42
fc35a2571cacd63a31635a0b450096243fe7f00e31defe626acdf722fbe7ccf0
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3