cyberscoop.com Open in urlscan Pro
18.66.112.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
Submission: On July 25 via api (July 25th 2024, 2:10:08 am UTC) from TR — Scanned from DE

Summary HTTP 122 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 21 domains to perform 122 HTTP transactions. The main IP is 18.66.112.121, located in United States and belongs to AMAZON-02, US. The main domain is cyberscoop.com. The Cisco Umbrella rank of the primary domain is 657589.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 21st 2023. Valid for: a year.

This is the only time cyberscoop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	18.66.112.121 18.66.112.121	16509 (AMAZON-02) (AMAZON-02)
5	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6810:8bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
55	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4e8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	18.66.102.106 18.66.102.106	16509 (AMAZON-02) (AMAZON-02)
1	3.161.77.50 3.161.77.50	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	93.184.221.165 93.184.221.165	15133 (EDGECAST) (EDGECAST)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	63.34.81.234 63.34.81.234	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.19 13.32.27.19	16509 (AMAZON-02) (AMAZON-02)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
122	29

18 18.66.112.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-121.fra56.r.cloudfront.net

cyberscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

2.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bdce2088a4ac388fe770d145e5b239c8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4e8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-106.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.77.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-77-50.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 bdce2088a4ac388fe770d145e5b239c8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 203	2 MB
18	cyberscoop.com cyberscoop.com — Cisco Umbrella Rank: 657589	688 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 1178 p.typekit.net — Cisco Umbrella Rank: 1499	211 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123	21 KB
3	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 9983 track.hubspot.com — Cisco Umbrella Rank: 5359	2 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280	178 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	74 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 4801 p1.parsely.com — Cisco Umbrella Rank: 3692	22 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	60 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	183 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1356	393 B
1	t.co t.co — Cisco Umbrella Rank: 979	375 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1253	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 5067	26 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 5135	24 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 10675	24 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 5414	1 KB
1	gravatar.com 2.gravatar.com — Cisco Umbrella Rank: 19525	3 KB
122	21

	Domain	Requested by
55	pagead2.googlesyndication.com	securepubads.g.doubleclick.net cyberscoop.com pagead2.googlesyndication.com
18	cyberscoop.com	cyberscoop.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	use.typekit.net	cyberscoop.com use.typekit.net
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	securepubads.g.doubleclick.net	cyberscoop.com securepubads.g.doubleclick.net
2	www.facebook.com	cyberscoop.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	api.hubspot.com	js.usemessages.com
2	connect.facebook.net	cyberscoop.com connect.facebook.net
2	www.googletagmanager.com	cyberscoop.com www.googletagmanager.com
1	track.hubspot.com
1	px4.ads.linkedin.com	cyberscoop.com
1	script.hotjar.com	static.hotjar.com
1	p1.parsely.com	cyberscoop.com
1	analytics.twitter.com	cyberscoop.com
1	t.co	cyberscoop.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.parsely.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	bdce2088a4ac388fe770d145e5b239c8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	p.typekit.net	use.typekit.net
1	js.hs-scripts.com	cyberscoop.com
1	2.gravatar.com	cyberscoop.com
122	29

This site contains links to these domains. Also see Links.

Domain
aiscoop.com
www.fedscoop.com
defensescoop.com
statescoop.com
edscoop.com
scoopnewsgroup.com
blog.knowbe4.com
www.facebook.com
www.linkedin.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
aiscoop.com Amazon RSA 2048 M02	`2023-12-21` - `2025-01-18`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
hs-scripts.com E1	`2024-05-31` - `2024-08-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
usemessages.com E5	`2024-06-10` - `2024-09-08`	3 months	crt.sh
hs-analytics.net WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
hs-banner.com E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.parsely.com Amazon RSA 2048 M03	`2024-04-05` - `2025-05-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-03` - `2024-08-01`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh

This page contains 11 frames:

Primary Page: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
Frame ID: CE08082ED2A1E71D2FD09C92F7DA8429
Requests: 59 HTTP requests in this frame

Frame: https://bdce2088a4ac388fe770d145e5b239c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 606C517444256232CA60462920831520
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvSZ_lLkZTLU53OIcKu_WXae0O4Rc2wW22CHoGU3T7hrZPM-9NhSd93LpEtm99Bb_zg750XU87izKzFyyjf8M2bYgr6TwWQ6zMnL9J6eZn1c6HKYxFq_tVGcLSda8E_TeEIZplR42NOxWniQ2q9Cq11YctDPFbQ6lhYpZWnvGnC5un29p7QvcsMgujGiRnVGwLMgEMRz6xOTL39GveHbTgdiJevanqvJVR_59ZIptAwjf3ZNqyVRnhQTO4TBJL-9D_mbfjePR8C4w3RYYIq5RlN3O2YuGR8Klx1f0zfP0INVgnynvkwn1Iy8uKik_ijNFkQ7H5pYI48mrlObVdkFspYZHJF3ni2tOa5FBuw7UGdC_E&sig=Cg0ArKJSzIqFPN0IZNe9EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 0165C20BC8801AA3CBC2A540C897BA81
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuLfT1-uTn0qCSRwrhExA6AUy0M5bBq3M5oxMyiE6LV1j3h3WbgQZMOPtpG1yPInfLcVSGYpDPVHGV0Ewe_XWHtIeJ1FqrzkkJRtVtl8qj3yMcrL3FBRNuw-thOsTO4CltKLXayUrMp8bsqHzFiP1tYYjCzFCC06X6lucbqqILDYEWBUW3IWlAOa1FAW864UOJ8qUt0fyGxWiWlskYclUwRJIxRqBtpoA9R_XNMU3tcUCYQjYd8Lk31YyuH_OgroGbiEY-VZWtR9vEiPlcdcyk-3tnZbMXsfohnI2HrZsnOSFkTYiK9tQON2iebmGDGGJueTMyIv_W0uKriiD9yh5A_C1Bw9f8c-hFRB11x9RIsPJ92719J&sig=Cg0ArKJSzDdI9TLMtQGREAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 42101AF45E572E55641C8B53C661403C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssRj6ZuZu8kHPrAmiSjLmydnb2GJNTSt_hM2wVmYSdlaioWgqDxot1h00-SuNUBQCaTMVjZBJ0RoXYSjrjblbPjnv27C-ualVzgDZz_upO2caNM9kZw4JbOox8ppn3VAE6OcwZJuc5ja5uDOTM7reY978nneQSIEJGTD32Q7Q8R6Fu1pJf0N-ByL-TFjxXWqdj-KzOwe1evTJ0TM4CokoCUJoa7lHmwnBJdfadt3UCAN7Djus-zWTFuPWCMS89nF1Jo57EZ9PCrSk0werL5PXO6ktL6111qF-Jt5lfUKV0Yt90RXeXmrsKVbrAuAWZmc-T_NLe_kbukxaaM4Wc-i3iSgJzIHf2HxQxJr6fT72YqAK9jTkVl&sig=Cg0ArKJSzOmsqI05fs1SEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 13C7BA55B04DDCEEF7E3CD5F03DE4AB5
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvncb8TRmP_J4T5tkThhcUqd7mEZOJNbdrst4QjoMctmAQOgtltWFwVRT9zk9Yb3U-fTitQ3HIG0-lDqK11SOGXQ_ySKK8HXi708W7GjDj4mI0LVX31jJFTQ3wUfWBQemQO9VNp7ccwmBu9nsZ8MUzOStVA-PGgRZzd99kBGa2jpvTgKzG4sqTE9PCWNqH2i-0TX_gJFwKkzFux8s8MqUrBNy2hftgdPX_0UVZMZDfNaKWrs3kSNpvh6ilstd2gdaGDD4Mp-tS1jILauCMJZXmD3Es_J8SgOmipPx3Lbi6qW9_42u92ITSmTKegmVV6LV082NCz42q1jJP86YdSBb8y45jnhgBzM95zyxw5OYvOwbEyRFfN&sig=Cg0ArKJSzLNC1x6CCEKUEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: D22A4A5B3DE3A618F1BA0CCC17F61D15
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst4Vlh5deXlUiEg0TAZvNd87kjDeY5oS6Ti0pCuHwO6Uu8gucY8sYZjYKiHI_fEqcKZg48w41XMNNeYZJfl8j6dAlmRaGexeZYzj09-yfCE12CueCcseTfVhNXKOh3DzMFknf4RBD_HysX9PCFJGaPsPCrvPxgE6lSMKfyF99EXja3oO525YbNWYor398gVIXvfiQs8V6cTFgLEywk58x3Vh_x-N_S-5DZS4FZsG9ykijyaVPA5Pn8eg-HeQ3kqeixoTrVY-VMpjI_zRPtAv2KfXSyBwdMn-RzDA2vOmPLMo3Jc8gRCHdCeu40iDX2asWrZY5ba4rDaCtbw0zdbAAiHgiFyZaJkv34Ddsf67bTYNG6OH3oU&sig=Cg0ArKJSzD4KZxa38pSmEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: DB1DCE8FED63ADC72F9C30E9A7B4A821
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsseFW-d6p8ZDpS8_fBMCt-HJlwQ4xyF6zmv1qQ6k_0F9dpuBywAIpZEZBX5NILTTjx2MBl4zTRsql1zyslyEiz2_z_mIqBIgfru281cL0Z19iZfF7C0Skya-5dssKBSxoCY1AqdBrxsEoHVw-yll9eDewjbsT3ybqJAUGC1K-uQ8cH1gIOdgViWZXCmKXg9Ut3_qNAk7p95CviLcIR87mLfkSNM6LC4tTLIUFgu_UIz_helNXLzqU6WNIvABccBK9mpHAgbAlUSWopU_IXlBxrpB27_tFHZrHVdoWQfDPPVWWKzd-YOrGrQX-Mt1TzFG0gHEbziTAcKlakPbPTFjwgjuE6ow1mmR3ezv9T3sw&sig=Cg0ArKJSzAb0fRo9SS6_EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: D51D7A2A60FF61D6D469D2506904FF6A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuJaL8Z52TSoi_wl5lk-dap4NF7dqXE7B1fosYFNTxiarZOOnnNlQUbQ5IQ98O_mbptK5XG9E0LDKSMx92eysUroIMSABOPtec2hUfVuihyMbY8vieFsa0qe8_ctj8yhRrTuDE92FIpF63I-cMd_YYmRMS4eevVkm2phGrqgxYmMl9qS1YyuQ2YumHOLvtQ1U4lWlhUgUfSL2RAvHHp23u-L982lmZ_Pb1CiclrX1NTa5FCaEv6GPw2wBloRhPFXXvHEZU8Zx3ipZTxrMQ9xWfWrXed5S2SHfXFiwPagHlkwMHGPNx5g33Cncaw1YMCD7cf4UxDZeuGl4FI6oNeLPwquoHZafVBG7lc5djlDKhcEJS6&sig=Cg0ArKJSzNjLsylp3g18EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 366A8BEE4FECD7C9C39741746FD7172E
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuaANU_FmzSwHlDfYw55bajFVnskM-A1a0zhCq8VibeGaXYMZTyEQrUEC35-PuDFX7h0V_2xHPn-VqCotkXbjFV05b_MpN-0F2WqQj16RMceuxNFxfr-IRzwc9R7Rqi4QT-iwxUO_gLZZDvLBwSL-p8zr5Zf52yGer4w3VtkOKdQNbnfKYRYKI-qpekxkCmDVStfhaThTfPJNq8kC3TnDIw_VTwrsRbvoH1AxFmZQkR_7wGNnQDIIQWmE_3NKy-yz4GRNnBdFaiLnzRNvYA-1Y13ByEc-SCmWhgBU6TQ7o-1bf8FJf8aLAlumslgdO2KNHYovMpNQErDFtqGUE8uYLbggpGmSrL8qxxkXgU0BSgOanI&sig=Cg0ArKJSzPbxQzZAFxigEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 93CC1B96F15ECEB01018E4AA6FF1AC45
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4A99E8BED7E5C16DDB1064B783C614C6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cyber firm KnowBe4 hired a fake IT worker from North Korea | CyberScoop

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

122
Requests

98 %
HTTPS

61 %
IPv6

21
Domains

29
Subdomains

29
IPs

4
Countries

3093 kB
Transfer

7444 kB
Size

21
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://aiscoop.com/
Title: AIScoop

Search URL Search Domain Scan URL

URL: https://www.fedscoop.com/
Title: FedScoop

Search URL Search Domain Scan URL

URL: https://defensescoop.com/
Title: DefenseScoop

Search URL Search Domain Scan URL

URL: https://statescoop.com/
Title: StateScoop

Search URL Search Domain Scan URL

URL: https://edscoop.com/
Title: EdScoop

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/oursolutions/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://blog.knowbe4.com/how-a-north-korean-fake-it-worker-tried-to-infiltrate-us
Title: revealed in a blog post Tuesday

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/cws/share?url=https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/

Search URL Search Domain Scan URL

URL: https://www.fedscoop.com/wp-content/uploads/sites/5/2022/11/SNG_AdSpecs.pdf
Title: Ad specs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cyberscoop
Title: FB

Search URL Search Domain Scan URL

URL: https://twitter.com/cyberscoopnews
Title: TW

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/4847467
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cyberscoopnews
Title: IG

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@cyberscoop_sng
Title: YT

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1721873403051&url=https%3A%2F%2Fcyberscoop.com%2Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1721873403051&url=https%3A%2F%2Fcyberscoop.com%2Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%2F&e_ipv6=AQIUzsKbs4xu5QAAAZDnpw2DJi1YRVcb2IIX-arppjo_-eBHaSsR4V0gZrofQ3soUwI7-nk

122 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/ 101 KB
22 KB 134ms
46ms Document
text/html 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-121.fra56.r.cloudfront.net

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

1703a04340e515a8ad66e258eee2215e64f616c202078b3c1bfa17e562330843

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 215
alt-svc: h3=":443"; ma=86400
cache-control: max-age=300, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jul 2024 02:06:26 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://cyberscoop.com/wp-json/wp/v2/posts/81138>; rel="alternate"; title="JSON"; type="application/json" <https://cyberscoop.com/?p=81138>; rel=shortlink
server: nginx
vary: Accept-Encoding
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-id: T8iV10zIMFjXWpqvjNrq9eCUmuzHEU6UdJdiWZJX_v87RmIbSFzQhw==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
x-distributor: yes
x-frame-options: SAMEORIGIN
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn1 111 254 443

GET
H2 200 style.min.css
cyberscoop.com/wp-includes/css/dist/block-library/ 110 KB
15 KB 47ms
44ms Stylesheet
text/css 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/wp-includes/css/dist/block-library/style.min.css?m=1721750696g
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Request headers

Referer: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 18:08:24 GMT
content-encoding: br
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 115297
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-rq: hhn1 111 254 443
last-modified: Tue, 23 Jul 2024 16:04:56 GMT
server: nginx
etag: W/"669fd4a8-1b723"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 96c9kHUzCMpa9HAPkNkXY_Y5GqD4mfuRZYtQLzyYbKvFVfXujVTAtg==

GET
H2 200 related-posts-block-styles.min.css
cyberscoop.com/wp-content/mu-plugins/search/elasticpress/dist/css/ 222 B
590 B 47ms
45ms Stylesheet
text/css 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/wp-content/mu-plugins/search/elasticpress/dist/css/related-posts-block-styles.min.css?m=1718292839g
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44

Request headers

Referer: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:27:25 GMT
x-rq: hhn1 111 254 443
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Thu, 13 Jun 2024 15:33:59 GMT
server: nginx
x-amz-cf-pop: FRA56-P5
age: 722556
etag: "666b1167-de"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 222
x-amz-cf-id: QW-d4cE-VaBxjhVb--OwK5-EEN8w53M8m7tlklwu4vdUFgxg5WoZzw==

GET
H2 200 frontend.css
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/ 157 KB
23 KB 53ms
52ms Stylesheet
text/css 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1721764637g
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 96c381ae313ee177decfede923c9c9df7dd2a75c843fdfdc9d101b7977a1c3be

Request headers

Referer: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:58:36 GMT
content-encoding: br
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 108685
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-rq: hhn1 111 253 443
last-modified: Tue, 23 Jul 2024 19:57:17 GMT
server: nginx
etag: W/"66a00b1d-272d4"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: GAcHT0y83bGzvKwwMwEx6EWF_q0y3sjiPNHfCZAflizn1F39ViTvlQ==

GET
H2 200 itk2qbh.css
use.typekit.net/ 10 KB
1 KB 196ms
64ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/itk2qbh.css?ver=ada0ad45b21fc79c6694

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

abb51a752ad668d521944d425ca58cb18cceb95a60217a846bb5555418056dc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 25 Jul 2024 02:10:01 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1222

GET
H2 200 / Show response
cyberscoop.com/_static/ 99 KB
35 KB 61ms
60ms Script
application/javascript 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraG5kaG5qYGZpVkWAK9yIiQ=
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ecf7723a32533007ede558c546fc8ba30f508283223b6e7f49c297b7c63c8b50

Request headers

Referer: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 18:08:55 GMT
content-encoding: br
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-rq: hhn1 111 254 443
last-modified: Tue, 23 Jul 2024 16:04:56 GMT
server: nginx
x-amz-cf-pop: FRA56-P5
age: 115266
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: SuKApTr2xOhGV5BttE_2eYpxtREWQQNPzrRp7kp-nyoGDwabqrx3hA==

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
31 KB 149ms
55ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

030299785d4ce5ce893acd00dcd3e39d3913d5461adfe01dcfcacab1aedc1162

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31587
x-xss-protection: 0
server: cafe
etag: 649 / 19929 / m202407220101 / config-hash: 17012641668572817632
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 02:10:01 GMT

GET
H2 200 logo-cyber.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 2 KB
1 KB 87ms
86ms Image
image/svg+xml 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/logo-cyber.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b730a71a7f937b52bb8328c363a9074d3d1e7ae259f2a0b44784ccf97def2e49

Request headers

Referer: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:06:27 GMT
content-encoding: br
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 214
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-rq: hhn1 111 253 443
last-modified: Tue, 23 Jul 2024 19:57:17 GMT
server: nginx
etag: W/"66a00b1d-8a8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
x-amz-cf-id: M9ulkH1pfwSE7ubbDuh7MH93URJYBP87xK7T8XOJQiOmPiWGPkhIsg==

GET
H2 200 Screenshot-2024-07-24-at-10.29.25%E2%80%AFAM.png
cyberscoop.com/wp-content/uploads/sites/3/2024/07/ 560 KB
561 KB 86ms
85ms Image
image/png 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/uploads/sites/3/2024/07/Screenshot-2024-07-24-at-10.29.25%E2%80%AFAM.png
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: cbf8b1fb8b306dd538ba53c80ff78099e489a5501a45a6ddbacb7fde27179585

Request headers

Referer: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 15:02:20 GMT
x-rq: hhn1 109 144 443
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Wed, 24 Jul 2024 14:30:35 GMT
server: nginx
x-amz-cf-pop: FRA56-P5
age: 40061
etag: "6036ecae26b8f154"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes, bytes
alt-svc: h3=":443"; ma=86400
content-length: 573812
x-amz-cf-id: 70zfk9X1O52Q4hpjc6_ANRsvBoHCs5Cu-5vSOHV7K7hnNnS9glQfVQ==

GET
H2 200 ea8b076b398ee48b71cfaecf898c582b
2.gravatar.com/avatar/ 3 KB
3 KB 126ms
36ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2.gravatar.com/avatar/ea8b076b398ee48b71cfaecf898c582b?s=192&d=mm&r=g
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d2f8876b873bfc9bb7df9298f74d629704f161b0089f6654a05c158eca19ff5

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nc: HIT ams 3
date: Thu, 25 Jul 2024 02:10:01 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="ea8b076b398ee48b71cfaecf898c582b.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/ea8b076b398ee48b71cfaecf898c582b?s=192&d=mm&r=g>; rel="canonical"
content-length: 2735
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jul 2024 02:15:01 GMT

GET
H3 200 logo-sng.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/images/ 6 KB
2 KB 201ms
201ms Image
image/svg+xml 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/images/logo-sng.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4e778181b46a001341499372efbad4f99a18674bce73c33dfd5021af138c1e8b

Request headers

Referer: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:06:27 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
age: 214
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-rq: hhn1 111 253 443
last-modified: Tue, 23 Jul 2024 19:57:17 GMT
server: nginx
etag: W/"66a00b1d-160e"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
x-amz-cf-id: lZU8zXRHw4FfCkxQPgy7WuT5vq_Y0DHbRxFEOCygdefbbCpHncIEJQ==

GET
H3 200 / Show response
cyberscoop.com/_static/ 49 KB
18 KB 161ms
161ms Script
application/javascript 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/_static/??-eJxtjUEKwzAMBD/URKQt8an0LcVWEhlbMpJNvh83UOghx2VmWNjL4IUrcoWS2kps8AmD4qJo24lUEgSyCtFg0dMNY7Qb9JTYpxbQvqxxQDUvimMmvjL6bJXSP/591w1zl3ouhXG3VaWVq9t3fk3uPrn5OT9cPAACKEaD
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 95771ab9f1aa800878a2103d5b7f665105c3431a4f68ee69833ce4a9bf00ed9a

Request headers

Referer: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:13 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-rq: hhn1 111 254 443
last-modified: Tue, 23 Jul 2024 19:57:17 GMT
server: nginx
age: 108648
x-amz-cf-pop: FRA56-P5
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: zoT_I9aF5O5gknhA4t7hpRWRVMpMm-72-6QwckGufPCqcUDDH63gzA==

GET
H2 200 2153467.js Show response
js.hs-scripts.com/ 1 KB
1 KB 255ms
162ms Script
application/javascript 2606:4700::6810:8bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/2153467.js

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c771fbcc2985cf7875cf666f58f0e8bdcbe8887d1ff286b0f0cd259f0be02e4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ec8ea556-8cda-43e5-a964-977a0d463e1c
x-envoy-upstream-service-time: 6
content-length: 593
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ec8ea556-8cda-43e5-a964-977a0d463e1c
last-modified: Thu, 25 Jul 2024 02:10:02 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://cyberscoop.com
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-qhbmk
access-control-allow-credentials: true
cache-control: public, max-age=90
accept-ranges: bytes
cf-ray: 8a889c7b6f2a907c-FRA
expires: Thu, 25 Jul 2024 02:11:32 GMT

GET
BLOB 200
OK f9cab4c8-9304-4c15-928b-367dd9cc40b6
https://cyberscoop.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://cyberscoop.com/f9cab4c8-9304-4c15-928b-367dd9cc40b6
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 p.css
p.typekit.net/ 5 B
173 B 48ms
41ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=itk2qbh&ht=tk&f=9871.9872.9874.14602.24539.24540.24547.24548.14032.14033.14034.14035.29382.29383&a=95056288&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/itk2qbh.css?ver=ada0ad45b21fc79c6694
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:01 GMT
last-modified: Sun, 19 May 2024 12:57:48 GMT
server: nginx
etag: "6649f74c-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/ 473 KB
147 KB 42ms
41ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

cf36a20212b88f70aa6e9bb80ffba53a4d1af8df6e985a3a4474b1214aa85060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 24 Jul 2024 11:04:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54320
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 150948
x-xss-protection: 0
server: cafe
etag: 13023782884208594292
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 24 Jul 2025 11:04:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 62 B
72 B 123ms
46ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

b27c2edbe6cd7c5c3d629f3e0339f25d56e00b3c772f972ab44f0aeb35834c30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48
x-xss-protection: 0
expires: Thu, 25 Jul 2024 02:10:02 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 251 KB
88 KB 178ms
59ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06c95435f2a5512fd62ad638b7a0d98545855cc100f1cdb8aa3d1c22ac40802e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89699
x-xss-protection: 0
last-modified: Thu, 25 Jul 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Jul 2024 02:10:02 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 665 KB
53 KB 206ms
117ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=3204753697887549&correlator=1663993212347509&eid=31083345%2C31084950%2C95338107%2C31084182%2C31084955%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407220101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=18430785%2Csng_cyberscoop%2Cap_top%2Cap_rightrail_1%2Cap_rightrail_2%2Cap_rightrail_3%2Cap_rightrail_4%2Cap_bottom%2Cap_inline_1%2Cap_inline_2%2Cap_inline_3%2Cap_inline_4&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10%2C%2F0%2F1%2F11&prev_iu_szs=970x250%7C728x90%7C970x90%2C300x250%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%7C970x90%2C728x90%2C728x90%2C728x90%2C728x90&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1721873402144&lmt=1721873402&adxs=315%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=149%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcyberscoop.com%2Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%2F&vis=1&psz=1472x250%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=970x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=4%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=1600%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=278001889.1721873402&ga_sid=1721873402&ga_hid=141866060&ga_fc=false&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1721873401705&idt=392&prev_scp=pos%3Dtop%7Cpos%3Drightrail_1%7Cpos%3Drightrail_2%7Cpos%3Drightrail_3%7Cpos%3Drightrail_4%7Cpos%3Dbottom%7Cpos%3Dinline_1%7Cpos%3Dinline_1%7Cpos%3Dinline_1%7Cpos%3Dinline_1&cust_params=category%3Dthreats%26tags%3Dknowbe4%252Cmalware%252Cnorth-korea%252Cthreat-detection%26author%3Dmatt-bracken%26environment%3Dproduction%26page_type%3Darticle%26path%3D%252Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%252F%26host%3Dcyberscoop.com%26postId%3D81138&adks=1951456962%2C4107124343%2C4015763869%2C4220772384%2C3445260293%2C564576029%2C1365302924%2C1902044552%2C2608348809%2C4241426517&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

a36ebea337eb54a92bda23148bb5a2ebfbffd44d112f55d3436e6ae9ca9a5e4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
google-lineitem-id: 6755055281,6733147567,6708299170,6755055281,6757597583,6757597583,6718646304,6718646304,6751343253,6733147567
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138483004333,138476910902,138477477265,138482381540,138482812551,138482965148,138475255729,138474535134,138482283104,138476910911
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
bdce2088a4ac388fe770d145e5b239c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 606C 0
0 154ms
46ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bdce2088a4ac388fe770d145e5b239c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jul 2024 02:10:02 GMT
expires: Thu, 25 Jul 2024 02:10:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pattern.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 299 B
610 B 40ms
40ms Image
image/svg+xml 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/pattern.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1721764637g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 3f43be92fe63af3e20c741cb5ef9fbcbe742bf78b6aafe693f31ed9720289d29

Request headers

Referer: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1721764637g
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:06:34 GMT
x-rq: hhn1 111 253 443
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jul 2024 19:57:17 GMT
server: nginx
age: 208
x-amz-cf-pop: FRA56-P5
etag: "66a00b1d-12b"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 299
x-amz-cf-id: SUXWKzWv5S4YRO8y4tVGeM1nX7rzNJSJ3nN22TZF9EMfoFO69uMnMg==

GET
H3 200 icon-facebook.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 371 B
682 B 41ms
40ms Image
image/svg+xml 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/icon-facebook.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1721764637g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 572c153f12ece183e602325e76c01dba662552713252e6799e8e6fbf827252eb

Request headers

Referer: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1721764637g
Origin: https://cyberscoop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:06:45 GMT
x-rq: hhn1 111 254 443
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jul 2024 19:57:17 GMT
server: nginx
age: 197
x-amz-cf-pop: FRA56-P5
etag: "66a00b1d-173"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 371
x-amz-cf-id: ZM8TGtsdwaOK1OW0fnyqtNzv8lYk3N_ksP6YJa6gSqlge7ESg691qA==

GET
H2 200 l
use.typekit.net/af/b718ff/00000000000000007735f98d/30/ 46 KB
46 KB 163ms
46ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b718ff/00000000000000007735f98d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/itk2qbh.css?ver=ada0ad45b21fc79c6694
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 987ed7567466e4fc79242bded7cfac38f7cf9da6c430fe6053266ba12c1fa1b1

Request headers

Referer: https://use.typekit.net/itk2qbh.css?ver=ada0ad45b21fc79c6694
Origin: https://cyberscoop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
server: nginx
etag: "8eb51f23928374af36bf65f02757cd5be6775093"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47332

GET
H2 200 l
use.typekit.net/af/4337b5/000000000000000000013144/27/ 115 KB
116 KB 210ms
93ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4337b5/000000000000000000013144/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/itk2qbh.css?ver=ada0ad45b21fc79c6694
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6413983f57c8f999761ee0f4dc99b0f1fd6293626330e60c03d65a3bc071744f

Request headers

Referer: https://use.typekit.net/itk2qbh.css?ver=ada0ad45b21fc79c6694
Origin: https://cyberscoop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
server: nginx
etag: "2fdf8397680527e53165122163643d633320379f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 118028

GET
H2 200 l
use.typekit.net/af/5d97ff/00000000000000007735f999/30/ 47 KB
47 KB 173ms
57ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5d97ff/00000000000000007735f999/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/itk2qbh.css?ver=ada0ad45b21fc79c6694
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 012c1c40f37b85e86f6e7629241a2bcd0ce665b41954a08d3c2c9a55c42cba89

Request headers

Referer: https://use.typekit.net/itk2qbh.css?ver=ada0ad45b21fc79c6694
Origin: https://cyberscoop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
server: nginx
etag: "b4c0d041408776d043674f518c911c68d4f73f57"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48312

GET
H3 200 icon-twitter.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 587 B
683 B 45ms
45ms Image
image/svg+xml 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/icon-twitter.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1721764637g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e21f3b2a0e9d2ff25f55f184242d809b2ecd045ee3fe35a4665b891b82bcb460

Request headers

Referer: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1721764637g
Origin: https://cyberscoop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:06:28 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
age: 214
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-rq: hhn1 111 253 443
last-modified: Tue, 23 Jul 2024 19:57:17 GMT
server: nginx
etag: W/"66a00b1d-24b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 3I1dmEPmFtzVEMot6Ejm4zwJiXSow2gj9Fo8eNM2AQltVkJpN3FYYA==

GET
H3 200 icon-linkedin.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 504 B
644 B 46ms
45ms Image
image/svg+xml 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/icon-linkedin.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1721764637g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9b7aaf2c55485b05c5c57fbd95ba6d098da8f8e1583f8946d882d9b3fb8c28ce

Request headers

Referer: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1721764637g
Origin: https://cyberscoop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:06:28 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
age: 214
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-rq: hhn1 111 254 443
last-modified: Tue, 23 Jul 2024 19:57:17 GMT
server: nginx
etag: W/"66a00b1d-1f8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
x-amz-cf-id: D59JsN2bDrlcEl729vbb5luqghkSBQ9ym8FlpeZuwP8Rlq1uCkeewA==

GET
H3 200 icon-instagram.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 378 B
688 B 44ms
44ms Image
image/svg+xml 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/icon-instagram.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1721764637g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: be82b86d9b21780a099f969767c8bf5a3dc1221eff1c11cc5463826fdbe14f31

Request headers

Referer: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1721764637g
Origin: https://cyberscoop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:06:28 GMT
x-rq: hhn1 111 253 443
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jul 2024 19:57:17 GMT
server: nginx
age: 214
x-amz-cf-pop: FRA56-P5
etag: "66a00b1d-17a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 378
x-amz-cf-id: E1OAGeHigqMSG29NqumI7GHp9fdoFAsID9y4dwf5Osc-5fNvFkwEfg==

GET
H3 200 icon-youtube.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 311 B
619 B 45ms
45ms Image
image/svg+xml 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/icon-youtube.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1721764637g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: a02d6bcc26f9bf0bb83fb1d4b0f77b8394203a7436206d0dfea469dba4b1898a

Request headers

Referer: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1721764637g
Origin: https://cyberscoop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:06:28 GMT
x-rq: hhn1 111 253 443
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jul 2024 19:57:17 GMT
server: nginx
age: 214
x-amz-cf-pop: FRA56-P5
etag: "66a00b1d-137"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 311
x-amz-cf-id: m4yr9iOm40gLF24vuWjtZEih41xmfrA2OJAWls3srirSJWTq7zEIZw==

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 67 KB
24 KB 101ms
79ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

30b2ad9b4618e02ea31287ad6f14de494b34ad88751f7c148278ef76a785a89e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24681
x-xss-protection: 0
google-lineitem-id: 6718646304
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138475256485
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 icon-caret.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 373 B
682 B 43ms
42ms Image
image/svg+xml 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/icon-caret.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1721764637g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4397b39bca9ef7784f7ee354d27402a884e61e3adbf4d1e41ace0b688f8cf352

Request headers

Referer: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1721764637g
Origin: https://cyberscoop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:06:30 GMT
x-rq: hhn1 111 253 443
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jul 2024 19:57:17 GMT
server: nginx
age: 212
x-amz-cf-pop: FRA56-P5
etag: "66a00b1d-175"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 373
x-amz-cf-id: O4uBn_NMM1CPbRAnywPtP2ezL_6l_AKNLz2aUBat4u6zyX0_bJc6pw==

GET
H3 200 wp-emoji-release.min.js Show response
cyberscoop.com/wp-includes/js/ 18 KB
5 KB 40ms
40ms Script
application/javascript 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 18:12:20 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
age: 115062
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-rq: hhn1 111 254 443
last-modified: Tue, 23 Jul 2024 16:04:57 GMT
server: nginx
etag: W/"669fd4a9-4926"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -HVccXdn4AdxU8XRLVJZRqDwbfaBp1J1BTlPrg3m8Gu8laO_en2e6w==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 85 KB
24 KB 136ms
49ms Script
application/javascript 2606:4700::6810:4e8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4e8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4fcc80e1787f50b4b915e47fd9ba6476ca85f48a12630abe690de4b3286f2cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-amz-version-id: lBA3ygfjknYt0iA8diXRttkoncJ5Te7s
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 1f1067e4f193aaabd2c24b99bcdc4e88.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 150
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.17121/bundles/project.js&cfRay=8a8898d1eb811e53-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 8083dfc3-98d6-40b7-aefa-29e7c93ddd4a
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8083dfc3-98d6-40b7-aefa-29e7c93ddd4a
last-modified: Wed, 24 Jul 2024 15:26:10 UTC
server: cloudflare
etag: W/"0250b99ae49ee3a224961f4b45982c01"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-gnv22
cf-ray: 8a889c7cfdeb4d76-FRA
x-amz-cf-id: az2CChMjHs1D8ZD0y9RYLZDxaBS4yXeTDL1qf5dcFjEjyK7DUXlXWw==
x-hs-target-asset: conversations-embed/static-1.17121/bundles/project.js

GET
H2 200 2153467.js Show response
js.hs-analytics.net/analytics/1721873400000/ 68 KB
24 KB 260ms
165ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1721873400000/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9065d89843599ef30f11ab7082b7c52a755ee889f9c9cea047f01f1e35f9269

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: 0KNHDFWXYZKM179B
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: f0ac4306-1c53-4302-973b-099f0981b369
x-envoy-upstream-service-time: 21
x-amz-id-2: AbxLxMTqC9ZG9Bo15oyBsASfQuHNpU3z5T4v+YBj79t38I9O9dGXSiNB5QMpQ19WGDHcLqK4VapYdAsJS8Z1Icd/KzhT3Kza
x-evy-trace-listener: listener_https
x-request-id: f0ac4306-1c53-4302-973b-099f0981b369
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 23 Jul 2024 18:56:10 GMT
server: cloudflare
etag: W/"bbfbc43dec151b7f62ff67faa3c31aa8"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-bzkq5
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8a889c7d09223837-FRA
expires: Thu, 25 Jul 2024 02:15:02 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/2153467/ 71 KB
26 KB 798ms
701ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/2153467/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dbdf83e6734fe53b0ecbf2a814f1a36bc44d4c2bc22493334aa3911cee81c3d

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-amz-version-id: onCfh.16A6oWSE0hnba9nxFPAlDLGMli
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: FDQC1PQKASRFG75N
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: e485af93-e9f4-490a-a584-d8c86e2ab729
x-envoy-upstream-service-time: 34
x-amz-id-2: //xueYbq6SQXSnLvPo4JZe6ZsiS1tG2Aj47Z6GP4cwvnKy3zMNH0UYKoTR91HWtOOGTSbaFXcQr4vbA+hjlpS8ErfY0Nxgob
x-evy-trace-listener: listener_https
x-request-id: e485af93-e9f4-490a-a584-d8c86e2ab729
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 08 Jul 2024 14:27:13 GMT
server: cloudflare
etag: W/"7795e0d76f9d93cbcdc11a5b70c49fbb"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://defensescoop.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-762px
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8a889c7d1a1d3802-FRA
expires: Thu, 25 Jul 2024 02:15:02 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 0165 0
0 156ms
76ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvSZ_lLkZTLU53OIcKu_WXae0O4Rc2wW22CHoGU3T7hrZPM-9NhSd93LpEtm99Bb_zg750XU87izKzFyyjf8M2bYgr6TwWQ6zMnL9J6eZn1c6HKYxFq_tVGcLSda8E_TeEIZplR42NOxWniQ2q9Cq11YctDPFbQ6lhYpZWnvGnC5un29p7QvcsMgujGiRnVGwLMgEMRz6xOTL39GveHbTgdiJevanqvJVR_59ZIptAwjf3ZNqyVRnhQTO4TBJL-9D_mbfjePR8C4w3RYYIq5RlN3O2YuGR8Klx1f0zfP0INVgnynvkwn1Iy8uKik_ijNFkQ7H5pYI48mrlObVdkFspYZHJF3ni2tOa5FBuw7UGdC_E&sig=Cg0ArKJSzIqFPN0IZNe9EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/ Frame 0165 23 KB
9 KB 176ms
97ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 14:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9154
x-xss-protection: 0
server: cafe
etag: 8073649742855810715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Aug 2024 14:41:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/client/ Frame 0165 3 KB
1 KB 118ms
40ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 14:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Aug 2024 14:42:17 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0165 203 KB
63 KB 120ms
42ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

fa8ea2c14281dd0d48428bc3d10d2eec6977c6ce37513a0063d72ab2820e27e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64480
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 03:01:10 GMT

GET
H2 200 13714902336691784380
tpc.googlesyndication.com/simgad/ Frame 0165 340 KB
340 KB 133ms
40ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13714902336691784380

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ad82dd310b2bd9a1911487bfe24d02345151173942638a65c562af75569f4b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Wed, 23 Jul 2025 03:00:31 GMT
date: Tue, 23 Jul 2024 03:00:31 GMT
x-content-type-options: nosniff
age: 169771
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 347879
x-xss-protection: 0
last-modified: Wed, 08 May 2024 20:49:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 0165 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19ffe5468ff26e2cb8cc9db26291acc9309a316316771bccc98d080787cb340e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 4210 0
0 98ms
76ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuLfT1-uTn0qCSRwrhExA6AUy0M5bBq3M5oxMyiE6LV1j3h3WbgQZMOPtpG1yPInfLcVSGYpDPVHGV0Ewe_XWHtIeJ1FqrzkkJRtVtl8qj3yMcrL3FBRNuw-thOsTO4CltKLXayUrMp8bsqHzFiP1tYYjCzFCC06X6lucbqqILDYEWBUW3IWlAOa1FAW864UOJ8qUt0fyGxWiWlskYclUwRJIxRqBtpoA9R_XNMU3tcUCYQjYd8Lk31YyuH_OgroGbiEY-VZWtR9vEiPlcdcyk-3tnZbMXsfohnI2HrZsnOSFkTYiK9tQON2iebmGDGGJueTMyIv_W0uKriiD9yh5A_C1Bw9f8c-hFRB11x9RIsPJ92719J&sig=Cg0ArKJSzDdI9TLMtQGREAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/ Frame 4210 23 KB
0 121ms
121ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 14:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9154
x-xss-protection: 0
server: cafe
etag: 8073649742855810715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Aug 2024 14:41:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/client/ Frame 4210 3 KB
0 62ms
62ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 14:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Aug 2024 14:42:17 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4210 203 KB
0 65ms
65ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

fa8ea2c14281dd0d48428bc3d10d2eec6977c6ce37513a0063d72ab2820e27e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64480
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 03:01:10 GMT

GET
H2 200 15039736008168297027
tpc.googlesyndication.com/simgad/ Frame 4210 48 KB
48 KB 229ms
193ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15039736008168297027

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a168e2f7b0b4382f7985fa2232ab6f5a6786aedc325d292a6cfd1075e6b7d600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Fri, 18 Jul 2025 15:19:31 GMT
date: Thu, 18 Jul 2024 15:19:31 GMT
x-content-type-options: nosniff
age: 557431
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49441
x-xss-protection: 0
last-modified: Tue, 28 May 2024 14:06:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 13C7 0
0 90ms
77ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssRj6ZuZu8kHPrAmiSjLmydnb2GJNTSt_hM2wVmYSdlaioWgqDxot1h00-SuNUBQCaTMVjZBJ0RoXYSjrjblbPjnv27C-ualVzgDZz_upO2caNM9kZw4JbOox8ppn3VAE6OcwZJuc5ja5uDOTM7reY978nneQSIEJGTD32Q7Q8R6Fu1pJf0N-ByL-TFjxXWqdj-KzOwe1evTJ0TM4CokoCUJoa7lHmwnBJdfadt3UCAN7Djus-zWTFuPWCMS89nF1Jo57EZ9PCrSk0werL5PXO6ktL6111qF-Jt5lfUKV0Yt90RXeXmrsKVbrAuAWZmc-T_NLe_kbukxaaM4Wc-i3iSgJzIHf2HxQxJr6fT72YqAK9jTkVl&sig=Cg0ArKJSzOmsqI05fs1SEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/ Frame 13C7 23 KB
0 114ms
114ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 14:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9154
x-xss-protection: 0
server: cafe
etag: 8073649742855810715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Aug 2024 14:41:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/client/ Frame 13C7 3 KB
0 54ms
54ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 14:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Aug 2024 14:42:17 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 13C7 203 KB
0 57ms
57ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

fa8ea2c14281dd0d48428bc3d10d2eec6977c6ce37513a0063d72ab2820e27e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64480
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 03:01:10 GMT

GET
H2 200 18352147048797252924
tpc.googlesyndication.com/simgad/ Frame 13C7 358 KB
358 KB 230ms
203ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18352147048797252924

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

735d89ed85204c79ef78fce7a67dc8494bae6ef72b8a307c0e5adcaa20d20885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Thu, 24 Jul 2025 19:54:54 GMT
date: Wed, 24 Jul 2024 19:54:54 GMT
x-content-type-options: nosniff
age: 22508
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 366778
x-xss-protection: 0
last-modified: Thu, 18 Jul 2024 17:42:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame D22A 0
0 81ms
77ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvncb8TRmP_J4T5tkThhcUqd7mEZOJNbdrst4QjoMctmAQOgtltWFwVRT9zk9Yb3U-fTitQ3HIG0-lDqK11SOGXQ_ySKK8HXi708W7GjDj4mI0LVX31jJFTQ3wUfWBQemQO9VNp7ccwmBu9nsZ8MUzOStVA-PGgRZzd99kBGa2jpvTgKzG4sqTE9PCWNqH2i-0TX_gJFwKkzFux8s8MqUrBNy2hftgdPX_0UVZMZDfNaKWrs3kSNpvh6ilstd2gdaGDD4Mp-tS1jILauCMJZXmD3Es_J8SgOmipPx3Lbi6qW9_42u92ITSmTKegmVV6LV082NCz42q1jJP86YdSBb8y45jnhgBzM95zyxw5OYvOwbEyRFfN&sig=Cg0ArKJSzLNC1x6CCEKUEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/ Frame D22A 23 KB
0 112ms
112ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 14:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9154
x-xss-protection: 0
server: cafe
etag: 8073649742855810715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Aug 2024 14:41:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/client/ Frame D22A 3 KB
0 47ms
47ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 14:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Aug 2024 14:42:17 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D22A 203 KB
0 50ms
50ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

fa8ea2c14281dd0d48428bc3d10d2eec6977c6ce37513a0063d72ab2820e27e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64480
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 03:01:10 GMT

GET
H2 200 15613280266944491349
tpc.googlesyndication.com/simgad/ Frame D22A 122 KB
122 KB 283ms
264ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15613280266944491349

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a0bd7669821f86fe072d8a25b3c0fbf821c95f8e25de41d79216877b2af0690

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Wed, 23 Jul 2025 15:47:05 GMT
date: Tue, 23 Jul 2024 15:47:05 GMT
x-content-type-options: nosniff
age: 123777
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125112
x-xss-protection: 0
last-modified: Tue, 28 May 2024 13:55:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame DB1D 0
0 94ms
93ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst4Vlh5deXlUiEg0TAZvNd87kjDeY5oS6Ti0pCuHwO6Uu8gucY8sYZjYKiHI_fEqcKZg48w41XMNNeYZJfl8j6dAlmRaGexeZYzj09-yfCE12CueCcseTfVhNXKOh3DzMFknf4RBD_HysX9PCFJGaPsPCrvPxgE6lSMKfyF99EXja3oO525YbNWYor398gVIXvfiQs8V6cTFgLEywk58x3Vh_x-N_S-5DZS4FZsG9ykijyaVPA5Pn8eg-HeQ3kqeixoTrVY-VMpjI_zRPtAv2KfXSyBwdMn-RzDA2vOmPLMo3Jc8gRCHdCeu40iDX2asWrZY5ba4rDaCtbw0zdbAAiHgiFyZaJkv34Ddsf67bTYNG6OH3oU&sig=Cg0ArKJSzD4KZxa38pSmEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/ Frame DB1D 23 KB
0 106ms
106ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 14:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9154
x-xss-protection: 0
server: cafe
etag: 8073649742855810715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Aug 2024 14:41:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/client/ Frame DB1D 3 KB
0 39ms
39ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 14:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Aug 2024 14:42:17 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame DB1D 203 KB
0 42ms
42ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

fa8ea2c14281dd0d48428bc3d10d2eec6977c6ce37513a0063d72ab2820e27e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64480
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 03:01:10 GMT

GET
H2 200 12443397086281390111
tpc.googlesyndication.com/simgad/ Frame DB1D 104 KB
104 KB 273ms
263ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12443397086281390111

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0d02d2de708c3a215780149ee117036a831909d8a45b7b7bf10801c8ce415ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Wed, 23 Jul 2025 15:45:47 GMT
date: Tue, 23 Jul 2024 15:45:47 GMT
x-content-type-options: nosniff
age: 123855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106821
x-xss-protection: 0
last-modified: Fri, 12 Jul 2024 14:39:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame D51D 0
0 84ms
84ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsseFW-d6p8ZDpS8_fBMCt-HJlwQ4xyF6zmv1qQ6k_0F9dpuBywAIpZEZBX5NILTTjx2MBl4zTRsql1zyslyEiz2_z_mIqBIgfru281cL0Z19iZfF7C0Skya-5dssKBSxoCY1AqdBrxsEoHVw-yll9eDewjbsT3ybqJAUGC1K-uQ8cH1gIOdgViWZXCmKXg9Ut3_qNAk7p95CviLcIR87mLfkSNM6LC4tTLIUFgu_UIz_helNXLzqU6WNIvABccBK9mpHAgbAlUSWopU_IXlBxrpB27_tFHZrHVdoWQfDPPVWWKzd-YOrGrQX-Mt1TzFG0gHEbziTAcKlakPbPTFjwgjuE6ow1mmR3ezv9T3sw&sig=Cg0ArKJSzAb0fRo9SS6_EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/ Frame D51D 23 KB
0 98ms
98ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 14:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9154
x-xss-protection: 0
server: cafe
etag: 8073649742855810715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Aug 2024 14:41:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/client/ Frame D51D 3 KB
0 32ms
32ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 14:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Aug 2024 14:42:17 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D51D 203 KB
0 33ms
33ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

fa8ea2c14281dd0d48428bc3d10d2eec6977c6ce37513a0063d72ab2820e27e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64480
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 03:01:10 GMT

GET
H2 200 10388734398258311691
tpc.googlesyndication.com/simgad/ Frame D51D 302 KB
303 KB 254ms
253ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10388734398258311691

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f33901d3131c9cc6468fb5493e250c17c445dae0f3f435e5684ba4906faf3c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Wed, 23 Jul 2025 09:18:34 GMT
date: Tue, 23 Jul 2024 09:18:34 GMT
x-content-type-options: nosniff
age: 147088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309592
x-xss-protection: 0
last-modified: Fri, 12 Jul 2024 14:39:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 366A 0
0 78ms
78ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuJaL8Z52TSoi_wl5lk-dap4NF7dqXE7B1fosYFNTxiarZOOnnNlQUbQ5IQ98O_mbptK5XG9E0LDKSMx92eysUroIMSABOPtec2hUfVuihyMbY8vieFsa0qe8_ctj8yhRrTuDE92FIpF63I-cMd_YYmRMS4eevVkm2phGrqgxYmMl9qS1YyuQ2YumHOLvtQ1U4lWlhUgUfSL2RAvHHp23u-L982lmZ_Pb1CiclrX1NTa5FCaEv6GPw2wBloRhPFXXvHEZU8Zx3ipZTxrMQ9xWfWrXed5S2SHfXFiwPagHlkwMHGPNx5g33Cncaw1YMCD7cf4UxDZeuGl4FI6oNeLPwquoHZafVBG7lc5djlDKhcEJS6&sig=Cg0ArKJSzNjLsylp3g18EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/ Frame 366A 23 KB
0 90ms
90ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 14:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9154
x-xss-protection: 0
server: cafe
etag: 8073649742855810715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Aug 2024 14:41:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/client/ Frame 366A 3 KB
0 24ms
23ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 14:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Aug 2024 14:42:17 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 366A 203 KB
0 24ms
24ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

fa8ea2c14281dd0d48428bc3d10d2eec6977c6ce37513a0063d72ab2820e27e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64480
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 03:01:10 GMT

GET
H2 200 2105306760626943227
tpc.googlesyndication.com/simgad/ Frame 366A 94 KB
94 KB 256ms
256ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2105306760626943227

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b5bacc7866973628d21c0aa4923871bce40ab4107c0d59e55a8256ae44c71cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Thu, 24 Jul 2025 18:12:00 GMT
date: Wed, 24 Jul 2024 18:12:00 GMT
x-content-type-options: nosniff
age: 28682
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95824
x-xss-protection: 0
last-modified: Wed, 08 May 2024 20:49:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 4210 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4455873c358873af9d595f5b8b9c964fa4c7fd6a87fcde2cd4a9a221c9145e6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 13C7 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76e0db8eb9e3afff6d639ec305469dd44a91855a68a4018a3aced9611c77b8a8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D22A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce61d398f0b66fc4d024c1290f87dbe68ca6ec0bb17ef1c3d4b5cc42c9d1412a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DB1D 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7060bf37cd7f9a72283bec898a98741ac0dc279a5d627bf1a5bc0cf0fd7f2d84

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D51D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 287c0b0d537e69bc65489c82c1e7289b8f75ddb34cdcf6d7861fb33e0805f7f7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 366A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7325c47f0d5f5d6397a383ec08432a0dfdd7b1f7d3fd37b3ae62f76ae15cf3f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
95 KB 66ms
58ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T6DX9FEHNM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b06ab7e61e2cd9d4b0c85f3d7facd7bf8cf969ff9270f472d534f6077c009c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96740
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Jul 2024 02:10:02 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 230ms
79ms Script
application/javascript 2a02:26f0:3500:10::210:a99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2024 05:33:09 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=28197
accept-ranges: bytes
content-length: 14597

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 153ms
37ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kjyo7100146-IAD, cache-fra-etou8220134-FRA

GET
H2 200 hotjar-3095877.js Show response
static.hotjar.com/c/ 10 KB
4 KB 256ms
107ms Script
application/javascript 18.66.102.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3095877.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-106.fra56.r.cloudfront.net

Software

Resource Hash

d42a6e638cae597a67c7cf32eed3e576e63a364baf7322185d02c7a3d69a558d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 25 Jul 2024 02:10:02 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/e8107df7fd3b1fd7166ef0976382caf0
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: dWhzW8u1Ir452VmqGqh5PtVMvE7Pu_pO8IQXDEMCLSpD5O-fmQuyGw==

GET
H2 200 p.js Show response
cdn.parsely.com/keys/cyberscoop.com/ 59 KB
22 KB 171ms
45ms Script
application/javascript 3.161.77.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/cyberscoop.com/p.js?gtm_ver=3.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.77.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-77-50.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ce15b1b0736e883ec477f5ca54ed0f8d4cbba5bd65ad21394bff1abe097b3e03

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: public
date: Wed, 24 Jul 2024 07:24:44 GMT
content-encoding: gzip
via: 1.1 5d59ec457bae9e2b9df45a357eeeffd2.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jul 2024 17:22:59 GMT
server: nginx
x-amz-cf-pop: FRA56-P10
age: 67634
etag: W/"668d71f3-eb58"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: YBWzeLld66zuDmCd567vYur49rkGFz6e4flrzeO-j2Svrf8pkc0EQg==
expires: Thu, 25 Jul 2024 07:22:48 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 170ms
46ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 25 Jul 2024 02:10:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1297, tbw=2812, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 2UTeo1QRCWm2M2btGrRw+4cxBag22DR4gZvvMvug/SIQ/BArpacV7SzCQkwD0NWqQe/rtZiRjj66LP2SGTl4TQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 93CC 0
0 74ms
73ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuaANU_FmzSwHlDfYw55bajFVnskM-A1a0zhCq8VibeGaXYMZTyEQrUEC35-PuDFX7h0V_2xHPn-VqCotkXbjFV05b_MpN-0F2WqQj16RMceuxNFxfr-IRzwc9R7Rqi4QT-iwxUO_gLZZDvLBwSL-p8zr5Zf52yGer4w3VtkOKdQNbnfKYRYKI-qpekxkCmDVStfhaThTfPJNq8kC3TnDIw_VTwrsRbvoH1AxFmZQkR_7wGNnQDIIQWmE_3NKy-yz4GRNnBdFaiLnzRNvYA-1Y13ByEc-SCmWhgBU6TQ7o-1bf8FJf8aLAlumslgdO2KNHYovMpNQErDFtqGUE8uYLbggpGmSrL8qxxkXgU0BSgOanI&sig=Cg0ArKJSzPbxQzZAFxigEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 2105306760626943227
tpc.googlesyndication.com/simgad/ Frame 93CC 94 KB
0 161ms
161ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2105306760626943227

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b5bacc7866973628d21c0aa4923871bce40ab4107c0d59e55a8256ae44c71cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Thu, 24 Jul 2025 18:12:00 GMT
date: Wed, 24 Jul 2024 18:12:00 GMT
x-content-type-options: nosniff
age: 28682
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95824
x-xss-protection: 0
last-modified: Wed, 08 May 2024 20:49:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/ Frame 93CC 23 KB
0 0ms
0ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 14:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9154
x-xss-protection: 0
server: cafe
etag: 8073649742855810715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Aug 2024 14:41:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/client/ Frame 93CC 3 KB
0 1ms
1ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240723/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 14:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Aug 2024 14:42:17 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 93CC 203 KB
0 0ms
0ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

fa8ea2c14281dd0d48428bc3d10d2eec6977c6ce37513a0063d72ab2820e27e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64480
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 03:01:10 GMT

GET
DATA 200
OK truncated
/ Frame 93CC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ec4545e41955718327330da5fbe2e38b42c62ed83b17860ece26d24a5acac2e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 201 B
992 B 233ms
232ms XHR
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=2153467&conversations-embed=static-1.17121&mobile=false&messagesUtk=cf2fbf27d843404890189c549e1453ea&traceId=cf2fbf27d843404890189c549e1453ea

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f36db75a57c0877cb108f5dd1bac82555bd0e3fd3f6fe7595286e7d0fe7ea3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cyberscoop.com/
X-HubSpot-Messages-Uri: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a2c6079b-4e2e-4dbf-a936-2066e5e58f0e
x-envoy-upstream-service-time: 73
content-length: 201
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a2c6079b-4e2e-4dbf-a936-2066e5e58f0e
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://cyberscoop.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-7r9p7
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Tm8o5X1YKCbePND3pftMxg%2B1qMbJNigRsoPX6F89SLtyL%2FSwm39%2Bbz7JaPpjlX9WgpDadtwq3wPJieeh%2BZSPOdmX7c371UHNFOrkQ9ARoMZTsN%2BBijRqHsROP8YMyreRVcHhj21NeLQzbOiPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a889c801bb1972e-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 154ms
44ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 25 Jul 2024 00:53:22 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4600
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 25 Jul 2024 02:53:22 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 263ms
159ms Preflight
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://cyberscoop.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://cyberscoop.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8a889c7f1b18972e-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Thu, 25 Jul 2024 02:10:02 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FNOIX4Vv1YDzDz95as2T1Njm6Oc%2BhAWaO%2F7wDIr0Ammnd75eGB1Yh5x%2BL6EUVyaKk9ZM54m1a6L%2BNPuAuMz0J4HlAPCe%2FXW1n7n276UKjkNhkxuqGN50S%2FQtVMwwxFdu2vpXtYiCzTjHTh6Hhg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-f8bmh
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 0d2ff195-2c49-47a2-a978-f10b6e5029ba
x-request-id: 0d2ff195-2c49-47a2-a978-f10b6e5029ba

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 0165 0
0 79ms
78ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssnIAnVIi1comS1g-V2YDPKkbc0xUvCRmSd1O2m8F592suNvW8cY-B0Nw6dbRKK9pkDEL_xQycaKViRKWH8VWFSLAleX83tLcVfr9f0m9l9Lf9Skyu9jt6hORnyP0fOCdjeUnw0vrcWKybftouIxgXxqnchJA3-RdANeIoa3y_PQlSaUFJv1CTvH6PUa8UJjcI48jRvIydbFhD_0c313LZYLgwQn_mskSM5ZwAyy3QREo4CA-bLGkt2pWTLrmmXQzYsY3rKj_bRZEThXVyqGeUQRefeSwob1B42jkSiKI-5dROnZS2ncO056JAL3BwcMKn9BL485on_nkMVtpkdJFPARAhhr3msFdYr3jjbHryHVW0QrQ&sig=Cg0ArKJSzH3dCLIRBoCHEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0165 0
0 76ms
75ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 02:10:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 4210 0
0 76ms
75ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssgYg7m72Q-aLCXYfHkwcQa7Tt5HZRZVhNOY5DmOHT39Ten9_B67tXG9yuA__pHPl6AsN9nNPxVWjhwnMPBrczzQasRiiRiWwE3Mk3EnK4XPtTzbs_oI8tg4cCyUjz_rwjQVQm4lVNSTS4sxIxjVYD3dvlpA907p5Fh6Fmtnhu3tbBUXy8TA_Wu0sKXWjwJjOiKXNPiAlidXbLrQPUDA51FdrsPlDIxawP7EA-GZxDfvWVPtdpC5jevC0VV_kyXfII48SYSn_n90xyTWhWU-YQ_MV0rS1kZmSO9ReuSkWWRMNJ6nWAJcnVkmV2kyQIgYR8nShqqxD48slnEsr72UZlWyXl4Lo6A3Djq7w16-N3PwuoZX0bHzjo&sig=Cg0ArKJSzKb8VugIU_dhEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4210 0
0 115ms
71ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 02:10:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D22A 0
0 167ms
71ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 02:10:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame DB1D 0
0 80ms
77ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsudwifHnfogtWNneh7kpRFzjuKyhv6UjPoaDNtmCXC5Bhp5-kwBHtm2zPT-nUNT2RyiO8VVhLuCyasdIXbE-ulvOzwlza9GAeyCSYu0TkLNGvo3tcpX_GZOfqdmnIHvS_aDhx0sXaQC2bSAa8u2wsu_SsYLwzHjDApqIZeVLYUSijxiYvG5wdaVi7lQLllKz2pvdSCj97nUGEHlwYw4Cxor-T2uhx4d2mu-MwVeLKVmJ7i-tPQ4K2yIDKAMshfwJH-yCD_eAui7S1SavMPRx_hRUNjwTbhcAqkN8sL3heaqf6moxVFYy6d2NEWwisJXhX1gA4PV2JmppOsraMkvqY0zV4v5RLpMMfqNdOkBkRImgUFxLncPGnM&sig=Cg0ArKJSzLbUvZvtuxg7EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DB1D 0
0 193ms
70ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 02:10:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 13C7 0
0 76ms
75ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvTRAOxSwOs1-uL2ec5M-WE3-u8s6yMcbnO7t4lKz6tpI79uuUxD5Nucph-oGhHJ19VN92JWAJYvkLPP6uydzSyNEDsmnVsXeF2yUtFTZ_FE5kWBXtfj9KUjO4HG0UQ9yoWcESmLUysLpMNqRGGZ3mu5ng2_y2NZR7Fku52ifLIkKfdngEan2xRXh4YSlkYTqNLo1nLa-uyZWvOhQhW_rOHP_nh3ZSpJo4scYFGrGNSDOvI2H0Vdl-KgJV20WhMmXyM8u9IROxZZWEqEkYkdDtLlSLJehe9XNm6Fwc7Yn2XDKW-5VGeKI84c4AHtWmljO6xSDYsH5UfxyQIR2qANWlEyxGnvc4-8IzJd1Rvg0rOWajQTbnXgLI&sig=Cg0ArKJSzCMxe8MaOchOEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 13C7 0
0 219ms
71ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 02:10:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame D51D 0
0 74ms
73ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssTl9PU-fXjHt7V-xVKFTCr8OS3-1G4CFoiyMzWOiAjyZn0EjeDrFl6_nhdNs7an1ITTt15Tnvo8L_-bZ_MJdnkkW-XAG3ZYBFYAp-McgqoxJmlw3O7iST6R74_SakFJrjFkGQIfuxk8eQhsJPF2vVS6aFl6ITjw37vUi99DNMD_O-BZPNT1VgMim_V3R7cSYbX7VDmUkEfDTnOIVG5yBKSVshI6ne4Z_MH5lE4flJuN-dF139Lq5m-mLDVyeZmhx4WtY35T1Vys-F0iwEYv2Ix49BCzn-qgjhIWUKoMtRdLDzjTps1md2jO9DJqJvW2ByXQR7O_v4meMpJfd7xdRGWM_cRL-fehbqthDNIVPZB&sig=Cg0ArKJSzO8pkickn53FEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D51D 0
0 254ms
71ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 02:10:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 366A 0
0 74ms
74ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvHqx7j-kh_V1HJwS6dQcjhxUC_TExpmhN1Q19eEMMVYvBW4hMYamx7DnEq60441LJcPARYkL4upL1HCA94nzUdg1348MS0jq46srMc2T6BOkU4LZF5DyL4HKAZk0dGSGPlpgtTuYi5byZr7EhoooFQEAjXBhzoJgRRhxkHyh16RfoprZ3DDG6OeUK_sTK0oMG6Xgwq2yNFdZJDu_bnXwYFEDoZSC4SwX8eKei51Uwyu4mpxLjU3qJQtywUxymNkV3-DA3rc0x-Ym6q47be3_pyEf1M0LLjnH-cHZMQFnxh90jkm1AH1op3GFaLqW78n_7oIICaDLeNK-Gl_tyVy8t__F52WgufQ5FqvUC_uJ2iJK3IiEY&sig=Cg0ArKJSzBdMwaL_5ziOEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 366A 0
0 304ms
70ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 02:10:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame D22A 0
0 74ms
74ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvw0e_cTETcAF1OaWDjpowX3603CipGgN2y15pRMOzihUrMuMOZwdk8AT5vIwIOgu3S46Dx4U-sol2m9ueklmYaA6jAiBziKy73M6nviktzYOHDnxnWYK3nHucfO4TKsZ94-b9ARuFL9fQf_9dedK7SNOJPIHQjYOBbh0lBMlU6nfoYD7JX7vPBaZbWiRKQlumN_JkR4r0z8z4BDcBlDuJOjVM8cWfItkiJGYjXJMnT1XuW4iOCKN3LOyT0ptDXg4837xR3QrXNtG_f_yo2wF5R5Cmyg-qYYqCU95jKEDHA3QXmi7fKQo02oHUFVlkWAIpamwVzDRuLB2c7n3poLsWooCmSuUrQDOrITXWzjKgzsy953-LWlpk&sig=Cg0ArKJSzM3X7Gn6TNRVEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 93CC 0
0 74ms
73ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssC1XgC4cfm10gDIdnN6H1OWWoKMy8vwP2-9dpqWUFpgS2dZIt6dCS8vFNatsVbB4ytR_n15DeB2ZVePBBGf2ZyyLLBDPN2ludXIeKp9QgNctP9CA-WryAVy037Xg6IgDDqB5cTjdAPRejB3i1N9g7g5Hqzt84Dwv7Rm8mIBSSMk4hrpzlxFTbdDxsyf4SpI1rv26-P8o8H0kCo1poqH-HGH_GpyU06tnUc5HBu47pZfpv2RywVoFfFBn5Er4QqUGHxmG-OMLQDetZBhXh9bG_XBx9KdFXjY63zEd4fLYzCsszibXBJqgYgIL-MQgos5xh0L9Utyqt6eYzH9iFbi9xBzkucYIbMSPLiXgRLIXT9fpFQKbw&sig=Cg0ArKJSzI6qJU_74cv6EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 93CC 0
0 262ms
75ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 02:10:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 141ms
46ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T6DX9FEHNM&gtm=45je47o0v898526277z8831877454za200zb831877454&_p=1721873402122&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=278001889.1721873402&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721873403&sct=1&seg=0&dl=https%3A%2F%2Fcyberscoop.com%2Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%2F&dt=Cyber%20firm%20KnowBe4%20hired%20a%20fake%20IT%20worker%20from%20North%20Korea%20%7C%20CyberScoop&en=page_view&_fv=1&_ss=1&tfd=1470
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T6DX9FEHNM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 02:10:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
375 B 298ms
150ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=b0050885-baf1-43bf-b991-3620adb3c9ba&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ea66baec-c4bf-4858-bfa3-732368507eff&tw_document_href=https%3A%2F%2Fcyberscoop.com%2Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv8sr&type=javascript&version=2.3.30

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 104
date: Thu, 25 Jul 2024 02:10:02 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 75f8c8d6ce9734e1
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: acca31cabef7ff0edbbdcd5fdb26eca3db9a606b1f9d013894a6a784a7d3ad93
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 334ms
211ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=b0050885-baf1-43bf-b991-3620adb3c9ba&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ea66baec-c4bf-4858-bfa3-732368507eff&tw_document_href=https%3A%2F%2Fcyberscoop.com%2Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv8sr&type=javascript&version=2.3.30

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 170
date: Thu, 25 Jul 2024 02:10:02 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 1f616b3133720827
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 84318a79a748c72e46b9e540da78b6ec75221cc78b87ff5cadf01c0374cd5fdc
content-length: 43

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 275ms
60ms Image
image/gif 63.34.81.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1721873403046&plid=bd0cad81-f71d-4500-9dfc-172bfb9210e4&idsite=cyberscoop.com&url=https%3A%2F%2Fcyberscoop.com%2Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fcyberscoop.com%2Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%2F&sref=&sts=1721873403043&slts=0&title=Cyber+firm+KnowBe4+hired+a+fake+IT+worker+from+North+Korea+%7C+CyberScoop&date=Thu+Jul+25+2024+04%3A10%3A03+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&action=pageview&pvid=567d4a90-4a99-4328-b387-0113be7257aa&u=pid%3D8fe2d125-79d5-4c82-95fa-155b53704e2d
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 02:10:03 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 25-Jul-2024 02:10:03 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 modules.6c69b5997f314810cfe8.js Show response
script.hotjar.com/ 223 KB
56 KB 148ms
47ms Script
application/javascript 13.32.27.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6c69b5997f314810cfe8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3095877.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-19.fra56.r.cloudfront.net

Software

Resource Hash

228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 145736
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56293
last-modified: Tue, 23 Jul 2024 09:40:30 GMT
etag: "30c513084f4759247a82ab90e6ffe4cb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: k_GroF5Y4SqLe1CQqFTQVAG-8qoCwnOJYEz-Po-O1osz14_-J98MLQ==

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
812 B 308ms
186ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=50036&time=1721873403051&url=https%3A%2F%2Fcyberscoop.com%2Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:03 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: DCAA575562BA482EA500419F4E98527C Ref B: FRAEDGE1320 Ref C: 2024-07-25T02:10:03Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYeCOSMqk6Ryvwvp7WEOw==
x-fs-uuid: 00061e08e48caa4e91cafc2fa7b5843b

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1721873403051&url=https%3A%2F%2Fcyberscoop.com%2Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1721873403051&url=https%3A%2F%2Fcyberscoop.com%2Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%2F&e_ipv6=AQIUzsKbs4xu5QAA...

0
266 B

303ms
182ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1721873403051&url=https%3A%2F%2Fcyberscoop.com%2Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%2F&e_ipv6=AQIUzsKbs4xu5QAAAZDnpw2DJi1YRVcb2IIX-arppjo_-eBHaSsR4V0gZrofQ3soUwI7-nk
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 1E0AF57800BA44D49D5C7D30316DAE0F Ref B: FRAEDGE1605 Ref C: 2024-07-25T02:10:03Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYeCOSRXlxDMLHN+k5HvQ==

Redirect headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 13E19FD8BFDE435BAC67C863E0ECDD78 Ref B: FRAEDGE2018 Ref C: 2024-07-25T02:10:03Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1721873403051&url=https%3A%2F%2Fcyberscoop.com%2Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%2F&e_ipv6=AQIUzsKbs4xu5QAAAZDnpw2DJi1YRVcb2IIX-arppjo_-eBHaSsR4V0gZrofQ3soUwI7-nk
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYeCOSMp8U8ILq7gdWP9g==

GET
H2 200 896395920528126 Show response
connect.facebook.net/signals/config/ 68 KB
14 KB 42ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/896395920528126?v=2.9.162&r=stable&domain=cyberscoop.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16bfa0b752b489fd95e64c9ca4c7aacfee4012f82ae76561575ea4951957a6f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 25 Jul 2024 02:10:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14056
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=65, mss=1297, tbw=64244, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: 5tveVEmKNscoiWIp5v1BKEwUaI6IAJgeVVhYsOPXZyaOCxBop/cgklp51ZbmolIBdItFFLiRuJ5+ZtRQqWnBlw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 54ms
52ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=141866060&t=pageview&_s=1&dl=https%3A%2F%2Fcyberscoop.com%2Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%2F&dp=%2Fwelcome%2Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%2F&ul=de-de&de=UTF-8&dt=Cyber%20firm%20KnowBe4%20hired%20a%20fake%20IT%20worker%20from%20North%20Korea%20%7C%20CyberScoop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=972330890&gjid=1482060201&cid=278001889.1721873402&tid=UA-80491860-1&_gid=1026736063.1721873403&_r=1&_slc=1&gtm=45He47o0n81KR697BFv831877454za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250753~99312313&npa=1&z=1090541190

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 02:10:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 158ms
45ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=896395920528126&ev=PageView&dl=https%3A%2F%2Fcyberscoop.com%2Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%2F&rl=&if=false&ts=1721873403147&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721873403139.234085012118690149&cs_est=true&ler=empty&cdl=API_unavailable&it=1721873403072&coo=false&rqm=GET

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2839, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 25 Jul 2024 02:10:03 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 328ms
215ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=896395920528126&ev=PageView&dl=https%3A%2F%2Fcyberscoop.com%2Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%2F&rl=&if=false&ts=1721873403147&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721873403139.234085012118690149&cs_est=true&ler=empty&cdl=API_unavailable&it=1721873403072&coo=false&rqm=FGET

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Thu, 25 Jul 2024 02:10:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7395389954615892880", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=14, mss=1297, tbw=3157, tp=-1, tpl=-1, uplat=165, ullat=0
pragma: no-cache
x-fb-debug: f42MeQ3BPJk96YMkKc0m/VScO8Rwe8knWoKVuWS/NEP2WMog/A6SCFyzunVgmRn9Wk16mjVzWX+mGKbSFDwzMQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7395389954615892880"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
193 B 184ms
183ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Jul 2024 02:10:02 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 1CE752140AB645F4A7A42462DA123AB0 Ref B: FRAEDGE2018 Ref C: 2024-07-25T02:10:03Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://cyberscoop.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYeCOSUPjB9JAhB/nRkjA==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 55ms
55ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407220101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

90d1bfe2c4ffac83eecdabd1bd969d36064b65627e0729157a5436bea66873dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13040
x-xss-protection: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 328ms
187ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=321484724&v=1.1&a=2153467&rcu=https%3A%2F%2Fcyberscoop.com%2Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%2F&pu=https%3A%2F%2Fcyberscoop.com%2Fcyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea%2F&t=Cyber+firm+KnowBe4+hired+a+fake+IT+worker+from+North+Korea+%7C+CyberScoop&cts=1721873403678&vi=a72b4baf1857b8e0be84089ec129d727&nc=true&u=143679850.a72b4baf1857b8e0be84089ec129d727.1721873403673.1721873403673.1721873403673.1&b=143679850.1.1721873403674&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b0ce5a96-f34e-47e4-be14-18d95e0abc1b
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 17
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b0ce5a96-f34e-47e4-be14-18d95e0abc1b
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B8xaJJwkikVvaYK93XPNE06T%2FCUDzjXQuja7o2xkVl6i%2FesmBXVINvuzMJOh4T9n2Wa5O6CD04OQyBgCWWkFA5X8vqoByqHf2Li6CdVKMcQqek4d2m%2FzQzQNnCGV9MJlDRx8ljYwz5n8U98XWQiU"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-kjwp4
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8a889c85f8dc9217-FRA
x-robots-tag: none

GET
H3 200 cropped-cs_favicon-2.png
cyberscoop.com/wp-content/uploads/sites/3/2023/01/ 368 B
669 B 60ms
58ms Other
image/webp 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/wp-content/uploads/sites/3/2023/01/cropped-cs_favicon-2.png?w=32
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 792f09e55879f45045a85cc0cb1cc97fe647f26dd63e69ec79baf984055045d8

Request headers

Referer: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:03 GMT
x-rq: hhn1 109 92 443
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Wed, 08 May 2024 08:26:23 GMT
server: nginx
x-amz-cf-pop: FRA56-P5
etag: "69ec1ddb8f7b6837"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
alt-svc: h3=":443"; ma=86400
content-length: 368
x-amz-cf-id: 3f6XSf_aFV1xN9Lwx2XJaF3RNUJB7im7Wbvobu5ZNNyEGN7sEErApw==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 02:10:03 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0165 42 B
65 B 76ms
76ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssf7KnBV5sn0LKpoItfwLxwxI6pk5spY4gZUxg_bXxP_MGdw0GRb8x1AKSHfWfNXPmsMtSqVRhcDpXmfE1gZsMUVIQGAp-1_GtDgudSfL7LPvUL2sI8oUnz8jp9FE5vRDCb58pGGU1WE1lLy9K2c0h4TkcQdzSKV2JsYqSZPw&sig=Cg0ArKJSzBb2stDggTlTEAE&id=lidar2&mcvt=1000&p=362,480,842,1120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=145983194&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1780620200&rst=1721873402352&rpt=319&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 02:10:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4210 42 B
65 B 76ms
75ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPRZplHxvF9VjEMtlm53x-XA3Ii53PegvhXX8YtPwhH4WYml9vBMOGVNkQO13JN0KQPqDcVjv1GE_9z6NlxRavRr8Vzb8sXSN7cxXBfHvQuj3Y9NJlIGBHFpIwyJ9lw50SUQWLwSRpYs2XkfT7oNFXeqla-mLhNhC9oUWq1w&sig=Cg0ArKJSzD34e9vkI_8VEAE&id=lidar2&mcvt=1006&p=806,1143,1056,1443&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20240724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4015763869&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1780620200&rst=1721873402416&rpt=294&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 02:10:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4A99 0
0 122ms
37ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 45237
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jul 2024 13:36:06 GMT
expires: Thu, 24 Jul 2025 13:36:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D51D 42 B
65 B 78ms
77ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuP4JsnCTPIzBOTv9NBg0WT72EhXceE7lB5sFjCUAbyspVTCTYbag_Rion8Gm66aWYdALQfl5NfyDXr_G-BiwMnEB9aA59Hk3nWUNYs9hHBsA85V85yus_wAQRqCrKfsGuDRFRN5QgnDijOMfG-5GXn9dn_wni_L3OoJcYhrQ&sig=Cg0ArKJSzC82EqBkxfuXEAE&id=lidar2&mcvt=1002&p=24,315,274,1285&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1951456962&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1780620200&rst=1721873402452&rpt=409&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 02:10:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D22A 42 B
65 B 76ms
76ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsua2mfmssLfe9KSjyN4604gkM5Hi6kGPsRqV3CT_8RE125dub01Zo5MeDgQuQwCCIL3KlvI3sPP8lklxYYlwqWAFsxQuxKh_v3qLRm9qRxKbQcq_nyO_JklTyrw1tH9im0oK4Noo6VNI8oQiSSFX-EaBHXD9JNke4rXVtwoXg&sig=Cg0ArKJSzIqaUzk_8JL6EAE&id=lidar2&mcvt=1000&p=524,1143,774,1443&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4107124343&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1780620200&rst=1721873402435&rpt=525&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 02:10:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407220101&jk=3204753697887549&bg=!YmGlYS7NAAYaZPuaOmQ7ADQBe5WfOP1rglU5gOau8uYOQPAp0VLUDeD_bPlfI3mf3giedPO9Fe5pgtiZWbXWQFzftEvYAgAAAGBSAAAABGgBB34ANlUmIYq9f0A3mtfRuQzE4Eh_NHY8jcOtO21Ulk947n5XGzkO9l7TkegpeNxfSJbV9ImfNar76goAeTA-JqX8d6upN0EBgeTskBbIqiFW2nUgH91i2bb7hPR-hjo9O-Jo1oCHJuLTiM0VEh-2oX6vHGKG5CzhCe5CYjhhGs5xFTu111G3gLeVzlyYffBPUnude5Lk6zkVSh-BMdlNuY51NfMuCtL1r-6tKg6rXoBKI1UmtleZArgjw5lcBv1HVBOdBRQtXg6FJo1e0z2aLKortiv8BwAqr2SlrHCeDtlJPRgaV3tZIowQK49zYx-cAsLAvi78cKcRXdjJJKT4vCv6DcUPMR1GRitkdxCJB3YBH7nENpkWGZxpBPZtnoIpp6vuY6_ALatdrrshT5ISdbx4lIAgU0Yu1qohu-KjgHtAPLOkKFN1Hk_C2cLTfuNMWdGMArxO4CBC9k9Y4RkudLtE7EBAnqo0YkV_2unQAoDraCFsUSSn3fP_hEsERsO0BV-Z20AfWpeTxlu3UOfHqYJYwdON0MPQK_ZsmouCNzvW_6nOPL5p0HVlqzRebLoU1dT9F0Hh2olB1eHb5dHH6wFHa8CQMsDiYTxNJlENwfKJgy1_vFuZrFnCxuZLQJCCNrRkrgEFYqYbS-55Xcpo3rpB8mEGA9uYuVuxOXmN8kFU4UGUzakF7982N-tDKxjDc95hyqHNutoOJg6ieoXrGws9YCX1rwRLvYsp3a03tY_d5-axjyBliYkwRoGbWQXYfUyHi9Nyv4tIKhxphLYWgf3Qt1RcHp5mFQ5RTuxIu7R76BsHONnrZB-YC-Yc_IIHP8DQF-dU_sRrboN9p2J_br2k9TUzF5kMPoQeSHmUYg_gT6LxSDsQeSXK4bAqZcuEMittOOxILY8IsC17t9JO9zaeMIBXiWYJYrq-6z5-rsOyuaRrOtrjSRu52Eg2meCGQZunU15dR3x5oXsf4UcPAxKJj7uEcA6pzy4rqyspibuRFk2TDgNKW_BRAGjcC5JXRpAJChEgc0_5PqcyaYETyeO-TANxKQG5bRAsaD70QKbhYWisaCisg2gz7ttC51F4A98c9hMnqUOGF6x_l1BJLplJZ1CC0W1PLtMRW24quZGVdY00F_z_OGKKoyXh9S7LojthuwtojFoOhaL4yA74J4Y

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cyberscoop.com/	1970-01-20 22:19:19	Name: sng_interstitial Value: 1
.cyberscoop.com/	1970-01-21 07:53:53	Name: _ga_T6DX9FEHNM Value: GS1.1.1721873403.1.0.1721873403.0.0.0
.cyberscoop.com/	1970-01-20 22:17:55	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/%22%2C%22sref%22:%22%22%2C%22sts%22:1721873403043%2C%22slts%22:0}
.cyberscoop.com/	1970-01-21 07:47:17	Name: _parsely_visitor Value: {%22id%22:%22pid=8fe2d125-79d5-4c82-95fa-155b53704e2d%22%2C%22session_count%22:1%2C%22last_session_ts%22:1721873403043}
.cyberscoop.com/	1970-01-21 07:53:53	Name: _ga Value: GA1.2.278001889.1721873402
.cyberscoop.com/	1970-01-20 22:19:19	Name: _gid Value: GA1.2.1026736063.1721873403
.cyberscoop.com/	1970-01-20 22:17:53	Name: _gat_UA-80491860-1 Value: 1
.cyberscoop.com/	1970-01-21 00:27:29	Name: _fbp Value: fb.1.1721873403139.234085012118690149
.cyberscoop.com/	1970-01-21 07:03:29	Name: _hjSessionUser_3095877 Value: eyJpZCI6ImY5MzA5NGJiLTQ3NzctNTRkNS1hOTJmLWU3ZmRmNmRiNWY0YSIsImNyZWF0ZWQiOjE3MjE4NzM0MDMyNjksImV4aXN0aW5nIjpmYWxzZX0=
.cyberscoop.com/	1970-01-20 22:17:55	Name: _hjSession_3095877 Value: eyJpZCI6ImQxZDRjYTRmLTlmMDctNGVjMi05MWI4LTc2NmY0Yjg1NmE2NSIsImMiOjE3MjE4NzM0MDMyNzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.t.co/	1970-01-21 07:53:53	Name: muc_ads Value: 62c20027-2780-490c-86be-c9c31465d5a4
.linkedin.com/	1970-01-21 07:03:29	Name: bcookie Value: "v=2&9d48f606-61f0-4e9e-8d2e-ad0bb5d28175"
.linkedin.com/	1970-01-21 02:37:05	Name: li_gc Value: MTswOzE3MjE4NzM0MDM7MjswMjFerLfVOEf9GtRqX++6XiGLOHG/T6Yd+xXwCufJEtAavQ==
.linkedin.com/	1970-01-20 22:19:19	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3334:u=1:x=1:i=1721873403:t=1721959803:v=2:sig=AQEY8rkSgS-zWDke8AmYW8qjRsafeLVb"
.twitter.com/	1970-01-21 07:53:53	Name: personalization_id Value: "v1_T9IuJMlkrs+b4HF5nkkNng=="
.cyberscoop.com/	1970-01-21 02:37:05	Name: __hstc Value: 143679850.a72b4baf1857b8e0be84089ec129d727.1721873403673.1721873403673.1721873403673.1
.cyberscoop.com/	1970-01-21 02:37:05	Name: hubspotutk Value: a72b4baf1857b8e0be84089ec129d727
.cyberscoop.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.cyberscoop.com/	1970-01-20 22:17:55	Name: __hssc Value: 143679850.1.1721873403674
.hubspot.com/	1970-01-20 22:17:55	Name: __cf_bm Value: nL8N5f43Nd_W8dfWDDEzcm4TISzNQem.hu7x.ZIPa14-1721873403-1.0.1.1-dTcNl.YFDVyDts8apMlXF9m65pINTZowxyMqbfijTEvGcFXYpubIxZqrC86FP5_nkojapoBZDD5XvtH7utP0wA
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: yMTz2MAx4wYwnNeav7RRZ0qQYXw0SSlWb3mmTg37ofk-1721873403965-0.0.1.1-604800000

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/ Message: Mixed Content: The page at 'https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/' was loaded over HTTPS, but requested an insecure element 'http://2.gravatar.com/avatar/ea8b076b398ee48b71cfaecf898c582b?s=192&d=mm&r=g'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/(Line 748) Message: Mixed Content: The page at 'https://cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-worker-from-north-korea/' was loaded over HTTPS, but requested an insecure element 'http://2.gravatar.com/avatar/ea8b076b398ee48b71cfaecf898c582b?s=192&d=mm&r=g'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.gravatar.com
analytics.twitter.com
api.hubspot.com
bdce2088a4ac388fe770d145e5b239c8.safeframe.googlesyndication.com
cdn.parsely.com
connect.facebook.net
cyberscoop.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.usemessages.com
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
script.hotjar.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
t.co
tpc.googlesyndication.com
track.hubspot.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
pagead2.googlesyndication.com
104.244.42.67
13.107.42.14
13.32.27.19
146.75.120.157
172.217.18.2
18.66.102.106
18.66.112.121
2001:4860:4802:32::36
216.58.206.34
2606:4700:4400::ac40:991b
2606:4700::6810:4e8e
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:8bd1
2606:4700::6810:a0a8
2620:1ec:21::14
2a00:1450:4001:806::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2001
2a02:26f0:3500:10::210:a99
2a02:26f0:3500:16::215:1495
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:fa87:fffe::c000:4902
3.161.77.50
63.34.81.234
93.184.221.165
012c1c40f37b85e86f6e7629241a2bcd0ce665b41954a08d3c2c9a55c42cba89
030299785d4ce5ce893acd00dcd3e39d3913d5461adfe01dcfcacab1aedc1162
06c95435f2a5512fd62ad638b7a0d98545855cc100f1cdb8aa3d1c22ac40802e
16bfa0b752b489fd95e64c9ca4c7aacfee4012f82ae76561575ea4951957a6f6
1703a04340e515a8ad66e258eee2215e64f616c202078b3c1bfa17e562330843
19ffe5468ff26e2cb8cc9db26291acc9309a316316771bccc98d080787cb340e
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d2f8876b873bfc9bb7df9298f74d629704f161b0089f6654a05c158eca19ff5
228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42
287c0b0d537e69bc65489c82c1e7289b8f75ddb34cdcf6d7861fb33e0805f7f7
30b2ad9b4618e02ea31287ad6f14de494b34ad88751f7c148278ef76a785a89e
3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3
3b06ab7e61e2cd9d4b0c85f3d7facd7bf8cf969ff9270f472d534f6077c009c5
3f43be92fe63af3e20c741cb5ef9fbcbe742bf78b6aafe693f31ed9720289d29
4397b39bca9ef7784f7ee354d27402a884e61e3adbf4d1e41ace0b688f8cf352
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4e778181b46a001341499372efbad4f99a18674bce73c33dfd5021af138c1e8b
4f36db75a57c0877cb108f5dd1bac82555bd0e3fd3f6fe7595286e7d0fe7ea3e
572c153f12ece183e602325e76c01dba662552713252e6799e8e6fbf827252eb
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5dbdf83e6734fe53b0ecbf2a814f1a36bc44d4c2bc22493334aa3911cee81c3d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6413983f57c8f999761ee0f4dc99b0f1fd6293626330e60c03d65a3bc071744f
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
6a0bd7669821f86fe072d8a25b3c0fbf821c95f8e25de41d79216877b2af0690
6ec4545e41955718327330da5fbe2e38b42c62ed83b17860ece26d24a5acac2e
7060bf37cd7f9a72283bec898a98741ac0dc279a5d627bf1a5bc0cf0fd7f2d84
735d89ed85204c79ef78fce7a67dc8494bae6ef72b8a307c0e5adcaa20d20885
76e0db8eb9e3afff6d639ec305469dd44a91855a68a4018a3aced9611c77b8a8
792f09e55879f45045a85cc0cb1cc97fe647f26dd63e69ec79baf984055045d8
7ad82dd310b2bd9a1911487bfe24d02345151173942638a65c562af75569f4b7
7b5bacc7866973628d21c0aa4923871bce40ab4107c0d59e55a8256ae44c71cb
7f33901d3131c9cc6468fb5493e250c17c445dae0f3f435e5684ba4906faf3c7
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
90d1bfe2c4ffac83eecdabd1bd969d36064b65627e0729157a5436bea66873dc
95771ab9f1aa800878a2103d5b7f665105c3431a4f68ee69833ce4a9bf00ed9a
96c381ae313ee177decfede923c9c9df7dd2a75c843fdfdc9d101b7977a1c3be
9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44
987ed7567466e4fc79242bded7cfac38f7cf9da6c430fe6053266ba12c1fa1b1
9b7aaf2c55485b05c5c57fbd95ba6d098da8f8e1583f8946d882d9b3fb8c28ce
a02d6bcc26f9bf0bb83fb1d4b0f77b8394203a7436206d0dfea469dba4b1898a
a168e2f7b0b4382f7985fa2232ab6f5a6786aedc325d292a6cfd1075e6b7d600
a36ebea337eb54a92bda23148bb5a2ebfbffd44d112f55d3436e6ae9ca9a5e4b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abb51a752ad668d521944d425ca58cb18cceb95a60217a846bb5555418056dc3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b27c2edbe6cd7c5c3d629f3e0339f25d56e00b3c772f972ab44f0aeb35834c30
b4fcc80e1787f50b4b915e47fd9ba6476ca85f48a12630abe690de4b3286f2cd
b730a71a7f937b52bb8328c363a9074d3d1e7ae259f2a0b44784ccf97def2e49
be82b86d9b21780a099f969767c8bf5a3dc1221eff1c11cc5463826fdbe14f31
c7325c47f0d5f5d6397a383ec08432a0dfdd7b1f7d3fd37b3ae62f76ae15cf3f
c771fbcc2985cf7875cf666f58f0e8bdcbe8887d1ff286b0f0cd259f0be02e4e
cbf8b1fb8b306dd538ba53c80ff78099e489a5501a45a6ddbacb7fde27179585
ce15b1b0736e883ec477f5ca54ed0f8d4cbba5bd65ad21394bff1abe097b3e03
ce61d398f0b66fc4d024c1290f87dbe68ca6ec0bb17ef1c3d4b5cc42c9d1412a
cf36a20212b88f70aa6e9bb80ffba53a4d1af8df6e985a3a4474b1214aa85060
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d42a6e638cae597a67c7cf32eed3e576e63a364baf7322185d02c7a3d69a558d
d9065d89843599ef30f11ab7082b7c52a755ee889f9c9cea047f01f1e35f9269
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e21f3b2a0e9d2ff25f55f184242d809b2ecd045ee3fe35a4665b891b82bcb460
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ecf7723a32533007ede558c546fc8ba30f508283223b6e7f49c297b7c63c8b50
edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d02d2de708c3a215780149ee117036a831909d8a45b7b7bf10801c8ce415ea
f4455873c358873af9d595f5b8b9c964fa4c7fd6a87fcde2cd4a9a221c9145e6
fa8ea2c14281dd0d48428bc3d10d2eec6977c6ce37513a0063d72ab2820e27e5

cyberscoop.com Open in urlscan Pro 18.66.112.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

122 Requests

98 %HTTPS

61 %IPv6

21 Domains

29 Subdomains

29 IPs

4 Countries

3093 kBTransfer

7444 kBSize

21 Cookies

17 Outgoing links

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cyberscoop.com Open in urlscan Pro
18.66.112.121 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

98 %
HTTPS

61 %
IPv6

21
Domains

29
Subdomains

29
IPs

4
Countries

3093 kB
Transfer

7444 kB
Size

21
Cookies

122 HTTP transactions
8 data transactions