cybernews.com Open in urlscan Pro
2606:4700:3108::ac42:283b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/
Submission: On October 28 via api (October 28th 2022, 5:09:28 pm UTC) from US — Scanned from DE

Summary HTTP 128 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 24 domains to perform 128 HTTP transactions. The main IP is 2606:4700:3108::ac42:283b, located in United States and belongs to CLOUDFLARENET, US. The main domain is cybernews.com. The Cisco Umbrella rank of the primary domain is 273118.
TLS certificate: Issued by E1 on October 22nd 2022. Valid for: 3 months.

This is the only time cybernews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:310... 2606:4700:3108::ac42:283b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 13	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:240b:876d:668b:48c9	16509 (AMAZON-02) (AMAZON-02)
1 3	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
13	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	213.202.235.10 213.202.235.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
128	28

12 2606:4700:3108::ac42:283b (United States)

ASN13335 (CLOUDFLARENET, US)

cybernews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.cybernews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:240b:876d:668b:48c9 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.122 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 cm.g.doubleclick.net — Cisco Umbrella Rank: 213 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 295	83 KB
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	1 MB
13	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 257	128 KB
12	cybernews.com cybernews.com — Cisco Umbrella Rank: 273118 media.cybernews.com — Cisco Umbrella Rank: 419597	115 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 5362 adservice.google.com — Cisco Umbrella Rank: 71	2 KB
6	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 421 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 516	4 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6364 adservice.google.de — Cisco Umbrella Rank: 9167	2 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	4 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3394 onesignal.com — Cisco Umbrella Rank: 1257	82 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 668	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 338	915 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1413	414 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 644	793 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	94 KB
2	gstatic.com www.gstatic.com	14 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	161 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 208	33 KB
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 944	356 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11532	60 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1563	297 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 869	699 B
1	youtube.com img.youtube.com — Cisco Umbrella Rank: 3215	35 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
128	24

	Domain	Requested by
19	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com googleads.g.doubleclick.net cybernews.com
13	s0.2mdn.net	cybernews.com s0.2mdn.net
13	cm.g.doubleclick.net	3 redirects cybernews.com googleads.g.doubleclick.net
13	pagead2.googlesyndication.com	cybernews.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	media.cybernews.com	cybernews.com
6	www.google.com	cybernews.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	cybernews.com	cybernews.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	www.google.de	cybernews.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	dsum-sec.casalemedia.com	1 redirects googleads.g.doubleclick.net
3	ssum-sec.casalemedia.com	3 redirects
3	image6.pubmatic.com	3 redirects
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	onesignal.com	cdn.onesignal.com
2	googleads4.g.doubleclick.net	cybernews.com
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.googletagmanager.com	cybernews.com www.googletagmanager.com
2	cdn.onesignal.com	cybernews.com cdn.onesignal.com
1	cdnjs.cloudflare.com	s0.2mdn.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	m.exactag.com	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.analytics.google.com	www.googletagmanager.com
1	img.youtube.com	cybernews.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
128	34

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.youtube.com
www.linkedin.com
flipboard.com
careers.cybernews.com

Subject Issuer	Validity	Valid
*.cybernews.com E1	`2022-10-22` - `2023-01-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-01` - `2023-05-02`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/
Frame ID: 3A4C0C1E874F9663D9DA1A22A16F21D9
Requests: 48 HTTP requests in this frame

Frame: https://img.youtube.com/vi/UvooremyBM4/hqdefault.jpg
Frame ID: 3BA2EDEADF6984470F16FB0305288A86
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html
Frame ID: AEE682AFDC0FE4C09D838C21485EB855
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&adk=1812271804&adf=3025194257&lmt=1666881225&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963614&bpp=3&bdt=125&idt=133&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2675728509446&frm=20&pv=2&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=154
Frame ID: 0887BB10CC429B37E7C9532CF2A91026
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1666881225&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963617&bpp=1&bdt=128&idt=161&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5NnHBs7hgw&p=https%3A//cybernews.com&dtd=167
Frame ID: 923331C638E5F6A78DD9BDED5097CDF6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1666881225&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963618&bpp=1&bdt=129&idt=170&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wN294IKuZy&p=https%3A//cybernews.com&dtd=173
Frame ID: 65A28A5D3B475BDCA0F3558F94D5B7BF
Requests: 26 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5D2E205D9111490AAC28957CF2A4F016
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLuwcxCfx6UCGJrBotUBMAE&v=APEucNUl3J46rMCSC5IYhgUoIm42MwOouQCB8qlWxbEX2HXG56LwKxsdmKoocqnPfsB0x1QuiDGnNQMK9fw0pr_CxqLV7DOKDSeT8E_JlpjEu6lvyseoFvRbQ6nj3lWjiE1Z37H2Rl5wfqNOrB38aKLQlBDVI6fmW3bPlGP3EWeCc7nRif6FFL0
Frame ID: F15C679F17C86F2C4FFBA4AD68B0D220
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOEhy_jtrF1o0Ael1szJvNEzkcIv6u_0nk6DeXmuMzzitVCSL5ed4vhnoOxmAUUIitaByw5bwGGqUEO2_0mZw8knnG7w&cry=1&dbm_d=AKAmf-D1oh3otMZIla3R6O1Xw_MptbUc7X_RxxPu-6L9iwTQje8lH_-zU0UcmM74dNa_N6Jw0erfdhNL-6AaZs5QzpgvDky4WMlxG63REJX60Q1g3OngSpjyVLgZWDl5PRkQBlnwExDIZvV7zaP9zshHQaaot4-d_sJPxiTsttB__am4LnV-WGGm_kiGlee4hp1cxO1JO0FN3J22mh9rSx0f-P33itqNu7mZOnVHOvqvB714s1y2hOIpBUFpvIJZOqx_DCM3h1iBXa7-Hb48LmgFYGpGaNFFusRDDvQn52XqwlNZJVC9Ie0w_p-bHXK8zwYW5t1NNxqby6Vys0r5-Ku-8WsVh2N_bx5mIrUQUOpqvS9PjuGkNrcdKgNvzHcvyzVaxyA35A5MnHkn-2O8ID5cyWCySas5CSrN0He6zwJcQXJ4gd8J5s8y2va5HoamRHTcTMlS2Wh0hKvhZEd77n4H02IcjCuVDZlMZvAdYVaiIg96nYm52WHKwQCSl6H_vPwzn69jS0Cc01HPpSjGWD_haXb4Um7rhlbvaRO9_pvrvDQYhsrPI1_w6DAboQwmsVzEJDiY4lUk1k8yAcKfWmq7dN7IICbB2UQH18mo0Q78II86lwm-cwLq10m27oCQFkvTfnMwexmR5asdoQJ9rvooIJLTA-IscuPdfXJgLgLPlHgyn1Edg-ICEQR22ci5AK9cGm4P43IH0mFxjab_ZDbvTJYcozQmIKpROG6xZPEgFcMO--cDI-c-P8HcBQ4zlTaEVqQrlM1xiR1pmb6UzoWY8N_J-mg7GSkcBGscfZQBhFUNLXk8Ns75mpcKs-Wo5ZAHrfSCuCHzVSli_U4VUZgd18KQcDD9QY2-EZNvr14XZBCT3yeVrirEPgNFPzAD5oytbylMskJfYjg4ck3TFPaTHHCWoZoBzC7zj6zcfWnvZ7UBNQQ79dhctfvqSD8zGVRlvk6Qib2KaS1CkCkXDxjSGwo-jfDaG3pTS0MKxCY26v3wNQEFcgi5xR4XgrdNAFeDIa9f5oMeTv5ut_wDo-M-zTPRbC1A2IgQyWC0154Sxyrt7PP3ffHPI_UoumLGBZ2jmVEwo_rjXjZT5WPl1STUfOt614R9rp5uBdqAvilxc4sq5U0DbK-fTlFgGC7trIhP3dSJm60F6ouZ0DStKIY4lxNIa7581qjnXl4vkD78bon9ZHiRvTHDHizPT7G2KkI4pzMlnCN4Lyyw40i0QBFaNfWqEf0MZumAXm0qIrJ5MOW37oUTCWmBaqrGejoaptyXnZ9l88rhpr8uL_JxXmClD7Ylqex7tLeyYfGltXMPZwRmXxo6uA4JPd8n6iIWQ-AH3Wacdzsdfu3q5wqhOSOVGE_WQ08Pt1eoRuGzo3iNFN0cElOnVCPDz_nmGD976G8c0SDX93Oio6TfNS4ympNf3UxPJQ8JNY43nYse_j2HVGSYT_j49RPOaxAXIXrDSGWJfTsCUUmsCHY8Ak0fGhEejsog9jcyH5z82Jagb7v5fia7Q4JhtTcxSzVU8eNyi3b5BN3Zito5e7uAAbEslnahj4hHDLXTybdTA1Ke6SLLAKL8nHQP_6GCz62Qzp-1SrgpmqMovdSS4kF1k7XGBpE4irbTq06N16ckNsywwL3v3pqhtiOe6idPpWwGHwJlNw6XoF4gnglyuYgX0MvxXcun9Htw-aQxFy9hjLvYZykisBzS4zSjJcaRu2yVxWirnQB9dHccDCrx16r0ti0Cdlagva7MlfOqo8d-35llapidZH-XrLWfkC6kFQDKzBcX83SDyGVeIBalcnmAWv08B-MgbFo0LSwmHbBBDwSvnQT-KQTjDEzOk3qoKMhdgveqdO4qYXKOvlOuEIe_n7i9V4Ibtb2WLtM0YcfqZ2oGbhEdqJOyRpZ6HpP9OcAPAXG0JHAR4Jx0XCq7Mcczydp-4QRd04UyrC4WPr3OwfKDfv95ZTkL6fKtXsgfeHPMiabWfC3M0mixYjqKyhLbZsyqCZfqIkCkDBM9HdMQFAPkOWcULpEKLMZB5YKwUc56AsYPf7IQnjCLMMr6vnwO8oTqEImfIf3z4sRXNANxO1idRRbrzrpuJuNwKaGXlk3SCowvZfQX8uNcWLDRsqQv1Pw_JJ4I3jFNiiWiz4c8h_fcEFO_7n9PlAs5n-SPZI-vu-VpWgksGzjOPCBB7uv7tD74yVS1CUDSchXfDuwGJLVopsL1yNLa-H8fpJ1OpYZvoydkckjkvSOfQs71l_oKu9q-pYm_ecYj569LzdW0MuVpxnT4zfMY92iew4elcACSa-g2Bb_BW4pJguY8rNUvYP0v_Lf4ujFDFgfNtNGddQbWf6PetlcjEnUJ3x9-vAUzj-m_2Go-KB2YZ5PTMzLikJnEVS38yVGsKVIEtCXyIZIpNP_KG5SWm_8W7YaJ_9N0GhSiwsPFPv84LsgGcH-dSAC5THWlhZhjHdVrmUSN8nNxP_9UiDoxjyO6aE7GLh7G1IwTBDijod3jpJDhIfd5jSOmJP3yd91P9GdGGFIbVUHxPIwWHFQqpJ3byyOOh-_VagUVV9N0v_ZqxRrH9g2d5yNZTV2QVvexpabRh9TJCaQ7HnoEj-nY2oy9_lXoEfLqZzPqByGBWJJnVzk9AQtMrHczi5m62dUPOcDuwSnFcfbFwZCSQHQyXgVhZ50AnJwvPWBMVebp_TCcSDQLJHQEMZhJp9Yv-e9DHA8891giybTMKwizOTm43L2boGIdkh31vLcG3Mu6Mr6U8T5MJdreZeMFdt4OxuIFewkVWAVGPBTAe8pl7Nv7u1KOVTg5xF3Rc2a4Up-oFat-WjX2GKjk1xyyHgV-mFwY3Yv7FAS289nggBk00p46_wKe1SdHU0ECFXOzChznWmgeH7jqomggR7BCN6ckvfiL40sxTOErbwK-5yDEXHDDJGmHfYBG9hukSIbWsrCRYhqp8uGmkiklU10WYUvEC7RatgiuplaefPADMZ272QKHYwQe6na5PiTAcExuTx5EMMjDtzss5LgVsgu8dCo4KLEjx_fiN1aJw_5v2xZqyj3Rtnw0WICBc19KU4Q_9tNJtUqT3tGpK0kCAZisDEwpRJywFu3JUKYxTB-1p67UxKCp8s6i5wfSlKIQmbV9is8mBIXwt56gTgwY-DCn3n43Gn4ojKfzec7o1UtrqAUp_LWxfVZLZwyJhWaWaEwBwkM4x7EJKr_kV0P15QRqJyGDZ_TYsCGAJfindMVLYv6igxkFFl6PoZHMt6t8k5NRlhEFV551YyZ6G0f1e4hP3H4FG353RMksdbMizB12RUWk1l2L_qr34A_WE8FV4Ee9w6hRIHf7dxu5dT-IZUrVup3UeyN1f5MgRv0K2bnHzaogK2b-nl3aBWU&cid=CAASEuRoc0NrYLwQgM34_48BruBr7w&rfl=2%2Chttps%253A%252F%252Fcybernews.com%242%2Chttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fpagead%252Fads%253Fclient%253Dca-pub-5928161074779380%2526output%253Dhtml%2526h%253D280%2526slotname%253D8387108948%2526adk%253D2217422274%2526adf%253D2933161405%2526pi%253Dt.ma~as.8387108948%2526w%253D350%2526fwrn%253D4%2526fwrnh%253D100%2526lmt%253D1666881225%2526rafmt%253D1%2526format%253D350x280%2526url%253Dhttps%25253A%25252F%25252Fcybernews.com%25252Fnews%25252Fhackers-exploit-capital-one-to-steal-identities%25252F%2526fwr%253D0%2526fwrattr%253Dtrue%2526rpe%253D1%2526resp_fmts%253D3%2526wgl%253D1%2526uach%253DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%2526dt%253D1666976963617%2526bpp%253D1%2526bdt%253D128%2526idt%253D161%2526shv%253Dr20221026%2526mjsv%253Dm202210250101%2526ptt%253D9%2526saldr%253Daa%2526abxe%253D1%2526prev_fmts%253D0x0%2526nras%253D1%2526correlator%253D2675728509446%2526frm%253D20%2526pv%253D1%2526ga_vid%253D553261657.1666976963%2526ga_sid%253D1666976964%2526ga_hid%253D327149948%2526ga_fc%253D1%2526u_tz%253D0%2526u_his%253D2%2526u_h%253D1200%2526u_w%253D1600%2526u_ah%253D1200%2526u_aw%253D1600%2526u_cd%253D24%2526u_sd%253D1%2526dmc%253D8%2526adx%253D1023%2526ady%253D1359%2526biw%253D1600%2526bih%253D1200%2526scr_x%253D0%2526scr_y%253D0%2526eid%253D44759875%25252C44759926%25252C44759842%25252C44761792%25252C44774649%25252C42531705%25252C44774653%25252C44775016%2526oid%253D2%2526pvsid%253D1533031245070689%2526tmod%253D499048812%2526uas%253D0%2526nvt%253D1%2526eae%253D0%2526fc%253D1920%2526brdim%253D0%25252C0%25252C0%25252C0%25252C1600%25252C0%25252C1600%25252C1200%25252C1600%25252C1200%2526vis%253D1%2526rsz%253D%25257C%25257CpoEebr%25257C%2526abl%253DCS%2526pfx%253D0%2526fu%253D128%2526bc%253D31%2526ifi%253D2%2526uci%253Da!2%2526btvi%253D1%2526fsb%253D1%2526xpc%253D5NnHBs7hgw%2526p%253Dhttps%25253A%252F%252Fcybernews.com%2526dtd%253D167%240
Frame ID: C5D79B014AD56AD6D55EEE741B41E596
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2AE9765624C337550ABD5E31CACE7898
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D45D0924BA0D3B0D119E16200BEC0A39
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4199422085714188518/index.html
Frame ID: 83854395F281086128C4408C3151533D
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 83B65D202AC7798E49B5F595F348FE72
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 33A2C4233B70C2A162F255D01BD80287
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hackers exploit Capital One to steal identities | Cybernews

Detected technologies

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

128
Requests

90 %
HTTPS

67 %
IPv6

24
Domains

34
Subdomains

28
IPs

6
Countries

1928 kB
Transfer

3720 kB
Size

27
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/CyberNews

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cybernewscom/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/CyberNews

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cybernews

Search URL Search Domain Scan URL

URL: https://flipboard.com/@CyberNews_com

Search URL Search Domain Scan URL

URL: https://careers.cybernews.com/
Title: Careers

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELAyJ5iBpczjDc3TQblo1IQ&google_cver=1&google_push=AZmPxg9SZm38uesqS4Abc5NiOlok7n9TE9Xmaf-J3I4nLI3RHabvetQfy_GnQazqAXJDBlUiuNL8wMFbHbbg58HnXXdGirux_3I HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELAyJ5iBpczjDc3TQblo1IQ&google_cver=1&google_push=AZmPxg9SZm38uesqS4Abc5NiOlok7n9TE9Xmaf-J3I4nLI3RHabvetQfy_GnQazqAXJDBlUiuNL8wMFbHbbg58HnXXdGirux_3I&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NVRBkHMPREug_wRNODNc8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9SZm38uesqS4Abc5NiOlok7n9TE9Xmaf-J3I4nLI3RHabvetQfy_GnQazqAXJDBlUiuNL8wMFbHbbg58HnXXdGirux_3I

Request Chain 71

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFT2Dpp5yBqWFVu7DzcMELE&google_cver=1&google_push=AZmPxg_q4iL04rBUzWt0ty8yA0gmfLHQDcdIOCuevrDScALhIcoiE9kkfj6CncPkRb5hBcSHJo0sJJnV0kgi6Xz2opJAjNAdhpc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTUjFMU0UtSy1BN1Qx&google_push=AZmPxg_q4iL04rBUzWt0ty8yA0gmfLHQDcdIOCuevrDScALhIcoiE9kkfj6CncPkRb5hBcSHJo0sJJnV0kgi6Xz2opJAjNAdhpc

Request Chain 72

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB58PfywUCKUk-4gsSSUutY&google_cver=1&google_push=AZmPxg_JS9zTKcqldRWzpzlFs8v8t6yueZNTF_9JMLYSnCHFHLRW9r14sn2opJOOTTwU7N4URL9q_aNnpG3LFEOoSGbTctDzoqg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEB58PfywUCKUk-4gsSSUutY&google_push=AZmPxg_JS9zTKcqldRWzpzlFs8v8t6yueZNTF_9JMLYSnCHFHLRW9r14sn2opJOOTTwU7N4URL9q_aNnpG3LFEOoSGbTctDzoqg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB58PfywUCKUk-4gsSSUutY&google_hm=Y1wMxDs5qNGiCMhkkFszXAAAFBMAAAAB&google_nid=index&google_push=AZmPxg_JS9zTKcqldRWzpzlFs8v8t6yueZNTF_9JMLYSnCHFHLRW9r14sn2opJOOTTwU7N4URL9q_aNnpG3LFEOoSGbTctDzoqg

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQSqEk0UEoNjwzUK0BURkU&google_cver=1

Request Chain 84

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1wMxDs5qNGiCMhkkFszXAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQSqEk0UEoNjwzUK0BURkU&google_cver=1

Request Chain 85

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAdJwKu_kqBgwmJ5EUSfNaE&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAdJwKu_kqBgwmJ5EUSfNaE%26google_cver%3D1

Request Chain 86

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA1Nzg4MjAwNTEyOTYxMjQ0NA%3D%3D

Request Chain 97

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJE7KkjJR8-CSUhUtkG5mas&google_cver=1&google_push=AZmPxg_xf6Y9EF2eSSZIH-eVy53-oJfQCrrDaGt_hZ6nLIWd9P3Ypz4uXtM7AzBxrEZPp3hWgxrD31sWRHOhdinaOcORh2ATQ7c7 HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_xf6Y9EF2eSSZIH-eVy53-oJfQCrrDaGt_hZ6nLIWd9P3Ypz4uXtM7AzBxrEZPp3hWgxrD31sWRHOhdinaOcORh2ATQ7c7&google_hm=h1T2Q4ZLKtJrNyKtlRO3Kw

Request Chain 100

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPFgkLHsfFwUk1C0y1_tFOU&google_cver=1&google_push=AZmPxg92GBsZ7g5H4R2wxQ_9TI1UYR6gY0DkMYtrI_6T4DS12ESSdmOjZmY9JegnXJPCgw0gPqPBkDMCOv0gttExW_2KV5m4M1daNg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NVRBkHMPREug_wRNODNc8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg92GBsZ7g5H4R2wxQ_9TI1UYR6gY0DkMYtrI_6T4DS12ESSdmOjZmY9JegnXJPCgw0gPqPBkDMCOv0gttExW_2KV5m4M1daNg

Request Chain 101

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHwZiUfzHW-nN1DS4TJYpnI&google_cver=1&google_push=AZmPxg_26uxih2tMM0g9fh6gu0jOBnhSDQ4NpiFKlxQv-cSmYdiBQZUQmzol2jfRic_mxtG30K8h5wVeOiMMTw8vrn35oMxuqF9pgw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTUjFNMTEtMjYtM0JM&google_push=AZmPxg_26uxih2tMM0g9fh6gu0jOBnhSDQ4NpiFKlxQv-cSmYdiBQZUQmzol2jfRic_mxtG30K8h5wVeOiMMTw8vrn35oMxuqF9pgw

Request Chain 102

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJvGgmHLbAS_fIFZOQcvA48&google_cver=1&google_push=AZmPxg_rukzkD3wzZQ_VD88TJCvtoFMDUAFLlLNrjRaPthwiBQy5gYbyGjodHL61A0dlFFZ263oe1jgFq1e_rVRoMSFf-myYwsaIOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJvGgmHLbAS_fIFZOQcvA48&google_hm=Y1wMxDs5qNGiCMhkkFszXAAAFBMAAAAB&google_nid=index&google_push=AZmPxg_rukzkD3wzZQ_VD88TJCvtoFMDUAFLlLNrjRaPthwiBQy5gYbyGjodHL61A0dlFFZ263oe1jgFq1e_rVRoMSFf-myYwsaIOA

128 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/ 122 KB
27 KB 403ms
358ms Document
text/html 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91cacf4fbbbeecf4513e8543e0f3c6439b83979cc3062c8e8e21538a0e03f9fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 761547638a9fbbbf-FRA
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
ct-content-bucket: News
ct-content-type: Editorial
date: Fri, 28 Oct 2022 17:09:23 GMT
expires: Fri, 28 Oct 2022 21:09:23 GMT
last-modified: Thu, 27 Oct 2022 14:33:45 GMT
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 54ms
31ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:23 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 971
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 761547660c2d9250-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 31 Oct 2022 17:09:23 GMT

GET
H2 200 base-9058b41af4.js Show response
cybernews.com/js/ 21 KB
9 KB 73ms
73ms Script
application/javascript 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/js/base-9058b41af4.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e017bf092aed0ef4d904cce0115aaed7ae9dfe17c57305e753667cb82d4a1e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age: 106088
cf-polished: origSize=21775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 26 Oct 2022 10:42:32 GMT
cf-bgj: minify
server: cloudflare
etag: W/"63590f18-550f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 76154765e8a9bbbf-FRA
expires: Fri, 28 Oct 2022 21:09:23 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
54 KB 62ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d04eca2027515a759d89db8abc8ea810f650135207361d945d1b23a57cd4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://cybernews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55178
x-xss-protection: 0
server: cafe
etag: 16654371665189529668
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 17:09:23 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 243 KB
85 KB 46ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9879759bbbb2c8ff2c605a1805478acc0c1425a8e4a0b1062f3f507ed8a28c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86908
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 16:53:52 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Oct 2022 17:09:23 GMT

GET
DATA 200
OK truncated
/ 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34a9b8c3e6088d42a01e3cf800492030fe7432bc24fa9f6ce83e8471f4ab58b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6976b1e225d48e5e0097d79498a99fc73f8b43cd4b693080aa5f6960e1ce50e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e138d129f38769d7080ed6ac6519dce8a4d546b7da5709b12aedff39673fa021

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f290a3a287182664a81ea150c04e7d1a451f1bf74f6738b43d382e3d40d98002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fca9ae04b4bca7ef7d4f2c43505769b1f03fd173ecf3871dd7b7ee0f115dd48

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 62 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab8f0b6cec3eb6cd02efd0a9324053b868cac7dcda99fc89871b4e87141bdf14

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 74ms
60ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:23 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 973
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 761547666a679a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 31 Oct 2022 17:09:23 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/UvooremyBM4/ Frame 3BA2 34 KB
35 KB 81ms
18ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/UvooremyBM4/hqdefault.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f3f86a55ee63adda1f5695a7fc0a29fd66ef8638c4cf4de8a7497e1828a82e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:23 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34907
x-xss-protection: 0
server: sffe
etag: "1663325766"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 28 Oct 2022 19:09:23 GMT

GET
H2 200 Jurgita.jpg
media.cybernews.com/images/62w/2022/05/ 1 KB
1 KB 116ms
101ms Image
image/avif 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/62w/2022/05/Jurgita.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed13bd97ca8b59678a2148da4437e161f23777a53841520eeac03b8380c78e7b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1178
cf-resized: internal=ok/h q=0 n=36 c=3+15 v=2022.10.4 l=1178
last-modified: Wed, 27 Jul 2022 11:16:31 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfF0FYnig329Gd3IS22ZyIIQ:fb5426068b9a01fdd9fd53aa091741ba"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 761547668a3dbbbf-FRA

GET
H2 200 CapitalOnebank.jpg
media.cybernews.com/images/750w/2022/09/ 38 KB
38 KB 1706ms
1691ms Image
image/avif 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/750w/2022/09/CapitalOnebank.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1a5ae49f8c042631eeee0d14415c35c050b9f5d0ae000de36664cff84305451

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38743
cf-resized: internal=ok/m q=0 n=812 c=8+792 v=2022.10.4 l=38743
last-modified: Thu, 22 Sep 2022 12:57:43 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfqaNVtdnHRxUgoAd1kuSglA:20794dc795fa6cee14c4985d63f0ac4d"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 761547668a39bbbf-FRA

GET
H2 200 IBMQuantumFridge.png
media.cybernews.com/images/thumbnail/2022/10/ 21 KB
21 KB 88ms
72ms Image
image/avif 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail/2022/10/IBMQuantumFridge.png

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71dd8522bd635c25b1b27746afab66bab297cb18cc34b348a2727b79d8870f3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 df82305b97992378d05ae949e544e3e0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21433
cf-resized: internal=ok/h q=0 n=53 c=24+129 v=2022.10.4 l=21433
last-modified: Tue, 25 Oct 2022 07:28:03 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfznkAcAZJ8hyoeUKOHP9WvA:49975fe2455683829f2477279f04438a"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 761547668a35bbbf-FRA

GET
H2 200 Shutterstock_235214128.jpg
media.cybernews.com/images/thumbnail_small/2022/10/ 3 KB
3 KB 80ms
65ms Image
image/avif 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail_small/2022/10/Shutterstock_235214128.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4884cbf6e0615b4e2843e78c027f88789e1ab3a3455633fb3b67c1273bc2872

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3182
cf-resized: internal=ok/h q=0 n=21 c=4+57 v=2022.10.4 l=3182
last-modified: Tue, 25 Oct 2022 06:24:56 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfHJT6Ext09OkNpOxAWunvDw:c5130b3cc893e81377c590c139eaf5a3"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 761547668a46bbbf-FRA

GET
H2 200 opengitfolders.jpg
media.cybernews.com/images/thumbnail_small/2022/10/ 2 KB
2 KB 89ms
74ms Image
image/avif 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail_small/2022/10/opengitfolders.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfe39bfce878c58b74d391af20937cc8436f2c5013f5983f4a49dcb923710f6a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fdac35835bcf0937b6f910eeac10720e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1834
cf-resized: internal=ok/h q=0 n=15 c=3+48 v=2022.10.4 l=1834
last-modified: Wed, 19 Oct 2022 09:25:33 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfm1GMHLNsPkxdB75yXqJvYQ:a17479bb61401b25be903525443d2e15"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 761547668a37bbbf-FRA

GET
H2 200 Stephen-N-Whiting.jpg
media.cybernews.com/images/thumbnail_small/2022/10/ 3 KB
4 KB 81ms
66ms Image
image/avif 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail_small/2022/10/Stephen-N-Whiting.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21c549c04460daf4d1c44d0b884d48cba84a1b8ddf365e808e15544ebe2e2fa2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3419
cf-resized: internal=ok/h q=0 n=65 c=5+69 v=2022.10.4 l=3419
last-modified: Wed, 19 Oct 2022 11:44:49 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cf0pi9dO1OOTkJJyfhbKC-Yw:550cc8bc62522f1b89866375bd77be69"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 761547668a41bbbf-FRA

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/ 353 KB
116 KB 66ms
47ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc4b5698acdba338a3eb73845c70c8268d9daaf678eed6d1c816aa547c3829e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118887
x-xss-protection: 0
server: cafe
etag: 1590170636948128295
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 17:09:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/ Frame AEE6 10 KB
5 KB 36ms
8ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34739
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 07:30:24 GMT
etag: 9671129459699598864
expires: Fri, 11 Nov 2022 07:30:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/589784210/ 2 KB
1 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/589784210/?random=1666976963640&cv=11&fst=1666976963640&bg=ffffff&guid=ON&async=1&gtm=2wgaq0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&tiba=Hackers%20exploit%20Capital%20One%20to%20steal%20identities%20%7C%20Cybernews&auid=6890719.1666976964&data=contentBucket%3DNews%3BcontentType%3DEditorial&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52df214424c14a92220c9d4f2c90335fce188a4b44a637171a21443ebf506a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1024
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
75 KB 40ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b2b6495234aa2646bcfad8579ab0a363afa80271e9e851eaea8dce76b81938b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76955
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Oct 2022 17:09:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
7ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 17:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 445
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 28 Oct 2022 19:01:58 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/589784210/ 42 B
548 B 57ms
22ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/589784210/?random=1666976963640&cv=11&fst=1666976400000&bg=ffffff&guid=ON&async=1&gtm=2wgaq0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&tiba=Hackers%20exploit%20Capital%20One%20to%20steal%20identities%20%7C%20Cybernews&data=contentBucket%3DNews%3BcontentType%3DEditorial&fmt=3&is_vtc=1&random=2448690386&rmt_tld=0&ipr=y

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/589784210/ 42 B
548 B 55ms
21ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/589784210/?random=1666976963640&cv=11&fst=1666976400000&bg=ffffff&guid=ON&async=1&gtm=2wgaq0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&tiba=Hackers%20exploit%20Capital%20One%20to%20steal%20identities%20%7C%20Cybernews&data=contentBucket%3DNews%3BcontentType%3DEditorial&fmt=3&is_vtc=1&random=2448690386&rmt_tld=1&ipr=y

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 35ms
15ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=327149948&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&ul=en-us&de=UTF-8&dt=Hackers%20exploit%20Capital%20One%20to%20steal%20identities%20%7C%20Cybernews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=cookieFooter&ea=load&el=organic&_u=YADAAEABAAAAACAAI~&jid=31855231&gjid=1945672898&cid=553261657.1666976963&tid=UA-149779697-1&_gid=766199486.1666976964&_r=1&gtm=2wgaq0KMWQ6GT&cg1=News&cg2=Editorial&cd1=Jurgita%20Lapienyt%C4%97&cd2=News&cd3=Editorial&cd6=2022-10-28T17%3A09%3A23.645Z&z=358306787

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 32ms
16ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=327149948&t=pageview&_s=1&dl=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&ul=en-us&de=UTF-8&dt=Hackers%20exploit%20Capital%20One%20to%20steal%20identities%20%7C%20Cybernews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=905406897&gjid=454160962&cid=553261657.1666976963&tid=UA-149779697-1&_gid=766199486.1666976964&_r=1&_slc=1&cd1=Jurgita%20Lapienyt%C4%97&cd2=News&cd3=Editorial&z=1034607254

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
336 B 40ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KT8DKCHF41&gtm=2oeaq0&_p=327149948&_gaz=1&cid=553261657.1666976963&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666976963&sct=1&seg=0&dl=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&dt=Hackers%20exploit%20Capital%20One%20to%20steal%20identities%20%7C%20Cybernews&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 62ms
22ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KT8DKCHF41&cid=553261657.1666976963&gtm=2oeaq0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 52ms
52ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KT8DKCHF41&cid=553261657.1666976963&gtm=2oeaq0&aip=1&z=1301214434

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
699 B 56ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=cybernews.com&callback=_gfp_s_&client=ca-pub-5928161074779380&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d50a559c14ff3227f1309370e1267a0de0824c31bdedfcd9f1866e9044fa5a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 43ms
17ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cybernews.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 60ms
18ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cybernews.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0887 0
20 B 139ms
115ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&adk=1812271804&adf=3025194257&lmt=1666881225&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963614&bpp=3&bdt=125&idt=133&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2675728509446&frm=20&pv=2&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=154

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 17:09:23 GMT
expires: Fri, 28 Oct 2022 17:09:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 24ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-149779697-1&cid=553261657.1666976963&jid=31855231&gjid=1945672898&_gid=766199486.1666976964&_u=YADAAEAAAAAAACAAI~&z=1655430689

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 28 Oct 2022 17:09:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 25ms
21ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-149779697-1&cid=553261657.1666976963&jid=905406897&gjid=454160962&_gid=766199486.1666976964&_u=YADAAEABAAAAACAAI~&z=1990997168

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 28 Oct 2022 17:09:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9233 21 KB
10 KB 698ms
689ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1666881225&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963617&bpp=1&bdt=128&idt=161&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5NnHBs7hgw&p=https%3A//cybernews.com&dtd=167

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

934454dae9db46a600d5e77fb1286f0b085fdaacf61e36485a58156d827d633a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10439
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 17:09:24 GMT
expires: Fri, 28 Oct 2022 17:09:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 65A2 137 KB
30 KB 521ms
518ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1666881225&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963618&bpp=1&bdt=129&idt=170&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wN294IKuZy&p=https%3A//cybernews.com&dtd=173

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11c1d45b1415c4a3b5e331e4147dab6e300ed4a1386e094dd56dc5715d24ed74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31174
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 17:09:24 GMT
expires: Fri, 28 Oct 2022 17:09:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 53ms
32ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-149779697-1&cid=553261657.1666976963&jid=31855231&_u=YADAAEAAAAAAACAAI~&z=266428989

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 54ms
33ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-149779697-1&cid=553261657.1666976963&jid=31855231&_u=YADAAEAAAAAAACAAI~&z=266428989

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 51ms
30ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-149779697-1&cid=553261657.1666976963&jid=905406897&_u=YADAAEABAAAAACAAI~&z=2020025899

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 73ms
52ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-149779697-1&cid=553261657.1666976963&jid=905406897&_u=YADAAEABAAAAACAAI~&z=2020025899

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 84c8dfa227218a7b436003265dc6c69e.js Show response
www.gstatic.com/mysidia/ Frame 65A2 9 KB
4 KB 38ms
11ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84c8dfa227218a7b436003265dc6c69e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1666881225&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963618&bpp=1&bdt=129&idt=170&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wN294IKuZy&p=https%3A//cybernews.com&dtd=173

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4170
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 26 Jan 2023 14:36:43 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 65A2 2 KB
819 B 51ms
11ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:36:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 14:36:43 GMT

GET
H2 200 3b83c543e2369c6d5695fb1ef6fbb5b0.js Show response
www.gstatic.com/mysidia/ Frame 65A2 22 KB
10 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3b83c543e2369c6d5695fb1ef6fbb5b0.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

772bd17bb4c6be5a3150be460115db50c91d32f1a1d02bbee4e79099859ebf48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 15:02:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 353187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9392
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 22 Jan 2023 15:02:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 65A2 23 KB
10 KB 48ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:36:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 14:36:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 65A2 3 KB
1 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 15:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 15:54:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 65A2 17 KB
7 KB 49ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:36:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 14:36:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 65A2 0
0 18ms
16ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQVf9eDk5zHtbrurgxOhFalwe3QBo-PsRpDkb_6SAbgzW2oIebJUDmM-DGOXDcFWr4pzQb8xdma0DyIX6abHTSgAK-9cw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1666881225&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963618&bpp=1&bdt=129&idt=170&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wN294IKuZy&p=https%3A//cybernews.com&dtd=173
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 65A2 153 KB
48 KB 55ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 17:09:24 GMT

GET
H3 200 14728860881420312748
tpc.googlesyndication.com/daca_images/simgad/ Frame 65A2 35 KB
35 KB 41ms
16ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14728860881420312748

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ad0d9326f4ab2dd8452f78a527e7a73483c58df9244f9f82afad79285b466ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:24:16 GMT
x-content-type-options: nosniff
age: 35108
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35637
x-xss-protection: 0
last-modified: Thu, 28 Apr 2016 00:44:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 07:24:16 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4582505061937730169/ Frame 65A2 96 KB
96 KB 37ms
12ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4582505061937730169/downsize_200k_v1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

482c4b337799844accae79a39af7df3523d8fe71638940dafa05279da5c27868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 08:52:54 GMT
x-content-type-options: nosniff
age: 29790
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97925
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 04:28:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 08:52:54 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16521704864087451799/ Frame 65A2 93 KB
93 KB 50ms
25ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16521704864087451799/downsize_200k_v1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd4b21bf16796f8b1cdf801e048df3d36f3f05893b9e249ae871c1d6096c2ffd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 11:03:09 GMT
x-content-type-options: nosniff
age: 21975
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95418
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 08:04:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 11:03:09 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/52636202059171177/ Frame 65A2 68 KB
68 KB 53ms
28ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/52636202059171177/downsize_200k_v1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30c97c2e530bbbfe6d66ac7a6f1c9afcdbb0dc63b06f32bfa6f3e720c077c590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 04:19:57 GMT
x-content-type-options: nosniff
age: 46167
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69765
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 13:18:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 04:19:57 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7990803410364380066/ Frame 65A2 197 KB
197 KB 54ms
29ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7990803410364380066/downsize_200k_v1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

117911d4fd161a4cd986ff95900fdfd92fa7b30d6dfdc4834535a7de39c1a57f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:22:25 GMT
x-content-type-options: nosniff
age: 179219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201836
x-xss-protection: 0
last-modified: Wed, 29 Jan 2020 09:59:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Oct 2023 15:22:25 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/18271579776792249389/ Frame 65A2 189 KB
189 KB 47ms
22ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18271579776792249389/downsize_200k_v1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5bb22a6597ef2f57413165e4e861117406c2d90c69dbb04f358d7bb08d310f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 20:36:43 GMT
x-content-type-options: nosniff
age: 505961
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193075
x-xss-protection: 0
last-modified: Mon, 04 Jun 2018 14:41:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 22 Oct 2023 20:36:43 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12454752406875508060/ Frame 65A2 100 KB
100 KB 43ms
26ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12454752406875508060/downsize_200k_v1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b92ecb378529a0af768c29c3bb404cfe7b665f4ae8c61827183892db231b04cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:53:22 GMT
x-content-type-options: nosniff
age: 285362
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102598
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 15:59:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Oct 2023 09:53:22 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7950597814380686241/ Frame 65A2 85 KB
86 KB 27ms
10ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7950597814380686241/downsize_200k_v1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85f734af168c9a81646dca3906c88833e5130766ae9641b5e9cf0086239fc28f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 05:11:34 GMT
x-content-type-options: nosniff
age: 43070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87543
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 09:50:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 05:11:34 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 65A2 0
0 61ms
58ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjkWxwwxcY6e5MvCX78EPori8sAb88bCVbcjQ4aGQEKTn8u2VAhABILbX6XsoCGCVgoCAoAegAanx1Y4DyAEBqAMByAMCqgT_AU_Qzmpwci6d60goLqKRJadchXRohiOcmlNCQJO5U7mgPQVthWadRVWaTJ0TE70oAv4A1ejAKyiBuTKCGL1ZWA8el5cY8gLMIbhLQijIru1J40_bKI3Iu4Sqj5ksIVPi0Xh7b5FjEPk1kfiqvukxvrApkXVtmaxadO42feEzTz4MDa1R3ik8N8IBEdKCO6CgUYwhZEOjZ6Rlg-j9PVwHqQ56v3QXUUCLJTzFJFaxLurwU-Bgn-QKF4L_fSI8V9BzLqZgKSO_qi7_QT-vE1N7qKejIy_EKenrqgY0rZiClBNo-WaV2Fb9Mm7Nlg7Tiy6PThd3fhJPr9RXHX_KjYzP5sAE2rSw3fYDkgUECAQYAZIFBAgFGASgBmaAB-CKoXmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD-3BjSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTFdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01OTI4MTYxMDc0Nzc5MzgwGAA&sigh=EZPPAU_zGdA&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1666881225&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963618&bpp=1&bdt=129&idt=170&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wN294IKuZy&p=https%3A//cybernews.com&dtd=173
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 17:09:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 65A2 0
0 60ms
57ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CROv6wwxcY6e5MvCX78EPori8sAbqzdPxbL_V-brgELzD1PWMHBACILbX6XsoCGCVgoCAoAegAbrb45gDyAEGqAMByAMCqgT8AU_QrTJmci2d60goLqKRJadchXRohiOcmlNCQJO5U7mgPQVthWadRVWaTJ0TE70oAv4A1ejAKyiBuTKCGL1ZWA8el5cY8gLMIbhLQijIru1J40_bKI3Iu4Sqj5ksIVPi0Xh7b5FjEPk1kfiqvukxvrApkXVt4a9aNO4rdeGdSaoI6av_JsrX1Cvs-jNf0Ut7dowh0K1V9aCQgK4IPpjyqo6PvHQiUkC-JjwwJ1ZELeoFUMCVnMT_FIIKfiLJVNKGLaSVKiNKqS8KQj9PFdN6F3-9llYJIalxgGSmRklA5M_338lg_LUvTU_HEgf9k709ozOUpulng8y-6aW6UcAEsv3jsO0DkgUECAQYAZIFBAgFGASgBjeAB66knGeoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD-3BjSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01OTI4MTYxMDc0Nzc5MzgwGAA&sigh=BQ2mLg2PDk0&uach_m=[UACH]&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1666881225&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963618&bpp=1&bdt=129&idt=170&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wN294IKuZy&p=https%3A//cybernews.com&dtd=173
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 17:09:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 65A2 0
0 61ms
59ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUI8KwwxcY6e5MvCX78EPori8sAaTrJCVbePQkajqEJOntICYDhADILbX6XsoCGCVgoCAoAegAZqqx_YByAEGqAMByAMCqgT6AU_QsnZBciyd60goLqKRJadchXRohiOcmlNCQJO5U7mgPQVthWadRVWaTJ0TE70oAv4A1ejAKyiBuTKCGL1ZWA8el5cY8gLMIbhLQijIru1J40_bKI3Iu4Sqj5ksIVPi0Xh7b5FjEPk1kfiqvukxvrApkXVtoa9JPO6kNFS7n9S7EEgUxSM6P8oxENiE9kt7wmLXQqmg9uZlg2r9PRgHqY66v3QXUUBLJTzFJFaxLsrwU-Bgn8QKF4L_fSA8V9BzLqRgKSK_qi_qRJwQ1MWZYxBwnlZJu-PIgqZtcG2Scy4NmIy9BBkO60blHh84cfp4fsG8hOd_ZB-IzXfABLG6jJmcBJIFBAgEGAGSBQQIBRgEoAY3gAfG58SJAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEP7cGNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTU5MjgxNjEwNzQ3NzkzODAYAA&sigh=0sz-q92fiNE&uach_m=[UACH]&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1666881225&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963618&bpp=1&bdt=129&idt=170&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wN294IKuZy&p=https%3A//cybernews.com&dtd=173
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 17:09:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 65A2 0
0 63ms
60ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C68-GwwxcY6e5MvCX78EPori8sAae-evrbMORmfHoEJaCzYWIFhAEILbX6XsoCGCVgoCAoAegAYqZkO0CyAEGqQIrjmiCg7OwPqgDAcgDAqoEkAJP0Ng1cXIqnetIKC6ikSWnXIV0aIYjnJpTQkCTuVO5oD0FbYVmnUVVmkydExO9KAL-ANXowCsogbkyghi9WVgPHpeXGPICzCG4S0IoyK7tSeNP2yiNyLuEqo-ZLCFT4tF4e2-RYxD5NZH4qr7pMb6wKZF1bZmsWnTuNn3hO08-ITiXVd8pPDfCARHSgjugoFGMIWRDo2ekZYPo_T1cB6kOer90F1FAiyU8xSRWsS7q8FPgYJ_kCheC_30iPFfQcy6mYCkjv6ou_0E_rxNTe6iZjBLFCOzhuSXckT2xuXMKK8yKgixu2km78hLdG0Lyq35OtqbpZ4TMus_n0G4xevdHyctHfVPbMh0AG5Gf6s7K4MAEoOi0yaYEkgUECAQYAZIFBAgFGASgBjeAB97m75IBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ_twY0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFALQFQGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=XvvviKdqt9g&uach_m=[UACH]&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1666881225&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963618&bpp=1&bdt=129&idt=170&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wN294IKuZy&p=https%3A//cybernews.com&dtd=173
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 17:09:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 65A2 0
0 61ms
58ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVeq8wwxcY6e5MvCX78EPori8sAaLq-OgbLrNhaGyCob4gNrDARAFILbX6XsoCGCVgoCAoAegAc_YiYYDyAEGqQIrjmiCg7OwPqgDAcgDAqoE_AFP0M9VS3IpnetIKC6ikSWnXIV0aIYjnJpTQkCTuVO5oD0FbYVmnUVVmkydExO9KAL-ANXowCsogbkyghi9WVgPHpeXGPICzCG4S0IoyK7tSeNP2yiNyLuEqo-ZLCFT4tF4e2-RYxD5NZH4qr7pMb6wKZF1beGvWjTuMXXhlkmUH-mr_ybK19Qr7PozX9FLe3aMIdCtVfWgkICuCD6Y8qqOj7x0IlJAviY8MCdWRC3qBVDAlZzE_xSCCn4iyVTShi2klSojSqkvCkI_TxXULj1ivZZWCSGpcYBkplNVFp7w97_DYIS1L2RMxxIH_ZPdN6NLlKbpZ4PMq_XzwG7ABOzU3MnMApIFBAgEGAGSBQQIBRgEoAY3gAeZp_Z5qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ_twY0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=LToIhLEj3Pw&uach_m=[UACH]&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1666881225&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963618&bpp=1&bdt=129&idt=170&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wN294IKuZy&p=https%3A//cybernews.com&dtd=173
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 17:09:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 65A2 0
0 60ms
57ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CK5tpwwxcY6e5MvCX78EPori8sAahkryjbOHu-oeHEMCNtwEQBiC21-l7KAhglYKAgKAHoAHti-jrA8gBBqgDAcgDAqoE-QFP0PY4fnIrnetIKC6ikSWnXIV0aIYjnJpTQkCTuVO5oD0FbYVmnUVVmkydExO9KAL-ANXowCsogbkyghi9WVgPHpeXGPICzCG4S0IoyK7tSeNP2yiNyLuEqo-ZLCFT4tF4e2-RYxD5NZH4qr7pMb6wKZF1beGvWjzunhcsq5_UuxBIFMUjOj_KMRDYhPZLe8Ji10KpoPbmZYNq_T0YB6mOur90F1FASyU8xSRWsS7K8FPgYJ_ECheC_30gPFfQcy6kYCkiv6ov6kTdT9BlVqYYcJ4WkyvK41KgCiCjgrotfuZfvZuXJclG6QrOOwKEq3TjvIrxt2J42APABN-ipIL4A5IFBAgEGAGSBQQIBRgEoAY3gAfrz9w2qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ_twY0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=H5mopcE6tes&uach_m=[UACH]&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1666881225&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963618&bpp=1&bdt=129&idt=170&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wN294IKuZy&p=https%3A//cybernews.com&dtd=173
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 17:09:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 65A2 0
0 66ms
64ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWvn3wwxcY6e5MvCX78EPori8sAaV0ODdbLDRlKHXD4nH_d8FEAcgttfpeygIYJWCgICgB6ABr4fxwAPIAQaoAwHIAwKqBPwBT9CZHE5yKJ3rSCguopElp1yFdGiGI5yaU0JAk7lTuaA9BW2FZp1FVZpMnRMTvSgC_gDV6MArKIG5MoIYvVlYDx6XlxjyAswhuEtCKMiu7UnjT9sojci7hKqPmSwhU-LReHtvkWMQ-TWR-Kq-6TG-sCmRdW3hr1o07jF14dAKrVDxq_8mytfUK-z6M1_RS3t2jCHQrVX1oJCArgg-mPKqjo-8dCJSQL4mPDAnVkQt6gVQwJWcxP8Uggp-IslU0oYtpJUqI0qpLwpCP08Vy2Y9WL2WVgkhqXGAZKYkdlfc_fei1yfttS91TMcSB_2TwCPkIpSm6WeDzNzWsoJjwAT7oprnhQSSBQQIBBgBkgUECAUYBKAGN4AHufiOP6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEP7cGNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTU5MjgxNjEwNzQ3NzkzODAYAA&sigh=lUcTbioAv9k&uach_m=[UACH]&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1666881225&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963618&bpp=1&bdt=129&idt=170&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wN294IKuZy&p=https%3A//cybernews.com&dtd=173
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 17:09:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 65A2 0
0 62ms
60ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cnb6LwwxcY6e5MvCX78EPori8sAbE_dG3Z96Wvu2QDvKx16moKRAIILbX6XsoCGCVgoCAoAegAafH4tsDyAEGqQIrjmiCg7OwPqgDAcgDAqoE_AFP0LxPTnInnetIKC6ikSWnXIV0aIYjnJpTQkCTuVO5oD0FbYVmnUVVmkydExO9KAL-ANXowCsogbkyghi9WVgPHpeXGPICzCG4S0IoyK7tSeNP2yiNyLuEqo-ZLCFT4tF4e2-RYxD5NZH4qr7pMb6wKZF1beGvWjTuK3Xh81qICumr_ybK19Qr7PozX9FLe3aMIdCtVfWgkICuCD6Y8qqOj7x0IlJAviY8MCdWRC3qBVDAlZzE_xSCCn4iyVTShi2klSojSqkvCkI_TxXLWSI7vZZWCSGpcYBkpnp0BOvy94bUE4i1Lw9MxxIH_ZP7RNB7qabpZ4PMnbDhiVHABJaf2-DPA5IFBAgEGAGSBQQIBRgEoAY3gAfBuJ0kqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ_twY0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwuIFAPQFQGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=W57RVfBSDpo&uach_m=[UACH]&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1666881225&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963618&bpp=1&bdt=129&idt=170&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wN294IKuZy&p=https%3A//cybernews.com&dtd=173
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 17:09:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5D2E 1 KB
643 B 10ms
9ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 13:44:20 GMT
etag: 48472445140208031
expires: Sat, 29 Oct 2022 13:44:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 65A2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc571b7f67d0e7a3e6a24df177f1a12737412dc37d2d4d8cc211bd73b17656d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5D2E 35 B
463 B 52ms
16ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED1AKLC93dl8YzORFYiql6Q&google_cver=1&google_push=AZmPxg_2d0UIVbPoE2CwdoGxg8Dcf5lc9X2iVCPbcEosNopf0siskVAo2sUkiKGUaJ8AirkSolgrQJWSEbGkFLgtyfNaD331YF0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5D2E 43 B
350 B 51ms
18ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIDilxi9qCb2tAJeA3hSv2k&google_cver=1&google_push=AZmPxg_BfvK9dmIYmDVlCkDBaPr5XYybQNPNg4dZ_S8UedHZnMjeX3EdN4JJTFNV3etTbMUPT27dC1Zd78-mPseF4H2arQG_5kw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1666881225&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963618&bpp=1&bdt=129&idt=170&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wN294IKuZy&p=https%3A//cybernews.com&dtd=173
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:23 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: trc0jbke1tg7m6l19cst376m6u9ohr83

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D2E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NVRBkHMPREug_wRNODNc8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NVRBkHMPREug_wRNODNc8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9SZm38uesqS4Abc5NiOlok7n9TE9Xmaf-J3I4nLI3RHabvetQfy_GnQazqAXJDBlUiuNL8wMFbHbbg58HnXXdGirux_3I

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NVRBkHMPREug_wRNODNc8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9SZm38uesqS4Abc5NiOlok7n9TE9Xmaf-J3I4nLI3RHabvetQfy_GnQazqAXJDBlUiuNL8wMFbHbbg58HnXXdGirux_3I
date: Fri, 28 Oct 2022 17:09:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D2E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFT2Dpp5yBqWFVu7DzcMELE&google_cver=1&google_push=AZmPxg_q4iL04rBUzWt0ty8yA0gmfLHQDcdIOCuevrDScALhIcoiE9kkfj6CncPkRb5hBcSHJo0...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTUjFMU0UtSy1BN1Qx&google_push=AZmPxg_q4iL04rBUzWt0ty8yA0gmfLHQDcdIOCuevrDScALhIcoiE9kkfj6CncPkRb5hBcSHJo0sJJnV0kgi6Xz2opJAjNAdhpc

170 B
188 B

46ms
27ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTUjFMU0UtSy1BN1Qx&google_push=AZmPxg_q4iL04rBUzWt0ty8yA0gmfLHQDcdIOCuevrDScALhIcoiE9kkfj6CncPkRb5hBcSHJo0sJJnV0kgi6Xz2opJAjNAdhpc

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTUjFMU0UtSy1BN1Qx&google_push=AZmPxg_q4iL04rBUzWt0ty8yA0gmfLHQDcdIOCuevrDScALhIcoiE9kkfj6CncPkRb5hBcSHJo0sJJnV0kgi6Xz2opJAjNAdhpc
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D2E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB58PfywUCKUk-4gsSSUutY&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEB58PfywUCKUk-4gsSSUutY&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB58PfywUCKUk-4gsSSUutY&google_hm=Y1wMxDs5qNGiCMhkkFszXAAAFBMAAAAB&google_nid=index&google_push=AZmPxg_JS9zTKcqldRWzpzlFs8v8t6yueZNTF...

170 B
188 B

23ms
23ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB58PfywUCKUk-4gsSSUutY&google_hm=Y1wMxDs5qNGiCMhkkFszXAAAFBMAAAAB&google_nid=index&google_push=AZmPxg_JS9zTKcqldRWzpzlFs8v8t6yueZNTF_9JMLYSnCHFHLRW9r14sn2opJOOTTwU7N4URL9q_aNnpG3LFEOoSGbTctDzoqg

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB58PfywUCKUk-4gsSSUutY&google_hm=Y1wMxDs5qNGiCMhkkFszXAAAFBMAAAAB&google_nid=index&google_push=AZmPxg_JS9zTKcqldRWzpzlFs8v8t6yueZNTF_9JMLYSnCHFHLRW9r14sn2opJOOTTwU7N4URL9q_aNnpG3LFEOoSGbTctDzoqg
cache-control: no-cache
cf-ray: 7615476cdcdb693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 5D2E 43 B
297 B 255ms
24ms Image
image/gif 2a05:d01c:1d8:8100:240b:876d:668b:48c9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEKx9nzIzzg3ENasYNEwiY6I&google_cver=1&google_push=AZmPxg-D1NqPDcM3WLKxKGTXQtNDdmqaWAVUkvlSSFgTcc7AqOu0ogEaV8AkJdyAmiH8bDLUlhsXa9DJv5K64CuLq-UhLpidv8I
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1666881225&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963618&bpp=1&bdt=129&idt=170&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wN294IKuZy&p=https%3A//cybernews.com&dtd=173
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:240b:876d:668b:48c9 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 5D2E 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5D2E 0
223 B 59ms
18ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KzIe7t-Q7-2oGyWd1UAS0p2p-Z8sv3GfI2HGWE9HUIj6VptN_Ao5lyMhSS1HNZmGXE9HmENQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F15C 624 B
297 B 25ms
24ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLuwcxCfx6UCGJrBotUBMAE&v=APEucNUl3J46rMCSC5IYhgUoIm42MwOouQCB8qlWxbEX2HXG56LwKxsdmKoocqnPfsB0x1QuiDGnNQMK9fw0pr_CxqLV7DOKDSeT8E_JlpjEu6lvyseoFvRbQ6nj3lWjiE1Z37H2Rl5wfqNOrB38aKLQlBDVI6fmW3bPlGP3EWeCc7nRif6FFL0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1666881225&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963617&bpp=1&bdt=128&idt=161&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5NnHBs7hgw&p=https%3A//cybernews.com&dtd=167

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1666881225&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963617&bpp=1&bdt=128&idt=161&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5NnHBs7hgw&p=https%3A//cybernews.com&dtd=167
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 17:09:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C5D7 82 KB
34 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOEhy_jtrF1o0Ael1szJvNEzkcIv6u_0nk6DeXmuMzzitVCSL5ed4vhnoOxmAUUIitaByw5bwGGqUEO2_0mZw8knnG7w&cry=1&dbm_d=AKAmf-D1oh3otMZIla3R6O1Xw_MptbUc7X_RxxPu-6L9iwTQje8lH_-zU0UcmM74dNa_N6Jw0erfdhNL-6AaZs5QzpgvDky4WMlxG63REJX60Q1g3OngSpjyVLgZWDl5PRkQBlnwExDIZvV7zaP9zshHQaaot4-d_sJPxiTsttB__am4LnV-WGGm_kiGlee4hp1cxO1JO0FN3J22mh9rSx0f-P33itqNu7mZOnVHOvqvB714s1y2hOIpBUFpvIJZOqx_DCM3h1iBXa7-Hb48LmgFYGpGaNFFusRDDvQn52XqwlNZJVC9Ie0w_p-bHXK8zwYW5t1NNxqby6Vys0r5-Ku-8WsVh2N_bx5mIrUQUOpqvS9PjuGkNrcdKgNvzHcvyzVaxyA35A5MnHkn-2O8ID5cyWCySas5CSrN0He6zwJcQXJ4gd8J5s8y2va5HoamRHTcTMlS2Wh0hKvhZEd77n4H02IcjCuVDZlMZvAdYVaiIg96nYm52WHKwQCSl6H_vPwzn69jS0Cc01HPpSjGWD_haXb4Um7rhlbvaRO9_pvrvDQYhsrPI1_w6DAboQwmsVzEJDiY4lUk1k8yAcKfWmq7dN7IICbB2UQH18mo0Q78II86lwm-cwLq10m27oCQFkvTfnMwexmR5asdoQJ9rvooIJLTA-IscuPdfXJgLgLPlHgyn1Edg-ICEQR22ci5AK9cGm4P43IH0mFxjab_ZDbvTJYcozQmIKpROG6xZPEgFcMO--cDI-c-P8HcBQ4zlTaEVqQrlM1xiR1pmb6UzoWY8N_J-mg7GSkcBGscfZQBhFUNLXk8Ns75mpcKs-Wo5ZAHrfSCuCHzVSli_U4VUZgd18KQcDD9QY2-EZNvr14XZBCT3yeVrirEPgNFPzAD5oytbylMskJfYjg4ck3TFPaTHHCWoZoBzC7zj6zcfWnvZ7UBNQQ79dhctfvqSD8zGVRlvk6Qib2KaS1CkCkXDxjSGwo-jfDaG3pTS0MKxCY26v3wNQEFcgi5xR4XgrdNAFeDIa9f5oMeTv5ut_wDo-M-zTPRbC1A2IgQyWC0154Sxyrt7PP3ffHPI_UoumLGBZ2jmVEwo_rjXjZT5WPl1STUfOt614R9rp5uBdqAvilxc4sq5U0DbK-fTlFgGC7trIhP3dSJm60F6ouZ0DStKIY4lxNIa7581qjnXl4vkD78bon9ZHiRvTHDHizPT7G2KkI4pzMlnCN4Lyyw40i0QBFaNfWqEf0MZumAXm0qIrJ5MOW37oUTCWmBaqrGejoaptyXnZ9l88rhpr8uL_JxXmClD7Ylqex7tLeyYfGltXMPZwRmXxo6uA4JPd8n6iIWQ-AH3Wacdzsdfu3q5wqhOSOVGE_WQ08Pt1eoRuGzo3iNFN0cElOnVCPDz_nmGD976G8c0SDX93Oio6TfNS4ympNf3UxPJQ8JNY43nYse_j2HVGSYT_j49RPOaxAXIXrDSGWJfTsCUUmsCHY8Ak0fGhEejsog9jcyH5z82Jagb7v5fia7Q4JhtTcxSzVU8eNyi3b5BN3Zito5e7uAAbEslnahj4hHDLXTybdTA1Ke6SLLAKL8nHQP_6GCz62Qzp-1SrgpmqMovdSS4kF1k7XGBpE4irbTq06N16ckNsywwL3v3pqhtiOe6idPpWwGHwJlNw6XoF4gnglyuYgX0MvxXcun9Htw-aQxFy9hjLvYZykisBzS4zSjJcaRu2yVxWirnQB9dHccDCrx16r0ti0Cdlagva7MlfOqo8d-35llapidZH-XrLWfkC6kFQDKzBcX83SDyGVeIBalcnmAWv08B-MgbFo0LSwmHbBBDwSvnQT-KQTjDEzOk3qoKMhdgveqdO4qYXKOvlOuEIe_n7i9V4Ibtb2WLtM0YcfqZ2oGbhEdqJOyRpZ6HpP9OcAPAXG0JHAR4Jx0XCq7Mcczydp-4QRd04UyrC4WPr3OwfKDfv95ZTkL6fKtXsgfeHPMiabWfC3M0mixYjqKyhLbZsyqCZfqIkCkDBM9HdMQFAPkOWcULpEKLMZB5YKwUc56AsYPf7IQnjCLMMr6vnwO8oTqEImfIf3z4sRXNANxO1idRRbrzrpuJuNwKaGXlk3SCowvZfQX8uNcWLDRsqQv1Pw_JJ4I3jFNiiWiz4c8h_fcEFO_7n9PlAs5n-SPZI-vu-VpWgksGzjOPCBB7uv7tD74yVS1CUDSchXfDuwGJLVopsL1yNLa-H8fpJ1OpYZvoydkckjkvSOfQs71l_oKu9q-pYm_ecYj569LzdW0MuVpxnT4zfMY92iew4elcACSa-g2Bb_BW4pJguY8rNUvYP0v_Lf4ujFDFgfNtNGddQbWf6PetlcjEnUJ3x9-vAUzj-m_2Go-KB2YZ5PTMzLikJnEVS38yVGsKVIEtCXyIZIpNP_KG5SWm_8W7YaJ_9N0GhSiwsPFPv84LsgGcH-dSAC5THWlhZhjHdVrmUSN8nNxP_9UiDoxjyO6aE7GLh7G1IwTBDijod3jpJDhIfd5jSOmJP3yd91P9GdGGFIbVUHxPIwWHFQqpJ3byyOOh-_VagUVV9N0v_ZqxRrH9g2d5yNZTV2QVvexpabRh9TJCaQ7HnoEj-nY2oy9_lXoEfLqZzPqByGBWJJnVzk9AQtMrHczi5m62dUPOcDuwSnFcfbFwZCSQHQyXgVhZ50AnJwvPWBMVebp_TCcSDQLJHQEMZhJp9Yv-e9DHA8891giybTMKwizOTm43L2boGIdkh31vLcG3Mu6Mr6U8T5MJdreZeMFdt4OxuIFewkVWAVGPBTAe8pl7Nv7u1KOVTg5xF3Rc2a4Up-oFat-WjX2GKjk1xyyHgV-mFwY3Yv7FAS289nggBk00p46_wKe1SdHU0ECFXOzChznWmgeH7jqomggR7BCN6ckvfiL40sxTOErbwK-5yDEXHDDJGmHfYBG9hukSIbWsrCRYhqp8uGmkiklU10WYUvEC7RatgiuplaefPADMZ272QKHYwQe6na5PiTAcExuTx5EMMjDtzss5LgVsgu8dCo4KLEjx_fiN1aJw_5v2xZqyj3Rtnw0WICBc19KU4Q_9tNJtUqT3tGpK0kCAZisDEwpRJywFu3JUKYxTB-1p67UxKCp8s6i5wfSlKIQmbV9is8mBIXwt56gTgwY-DCn3n43Gn4ojKfzec7o1UtrqAUp_LWxfVZLZwyJhWaWaEwBwkM4x7EJKr_kV0P15QRqJyGDZ_TYsCGAJfindMVLYv6igxkFFl6PoZHMt6t8k5NRlhEFV551YyZ6G0f1e4hP3H4FG353RMksdbMizB12RUWk1l2L_qr34A_WE8FV4Ee9w6hRIHf7dxu5dT-IZUrVup3UeyN1f5MgRv0K2bnHzaogK2b-nl3aBWU&cid=CAASEuRoc0NrYLwQgM34_48BruBr7w&rfl=2%2Chttps%253A%252F%252Fcybernews.com%242%2Chttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fpagead%252Fads%253Fclient%253Dca-pub-5928161074779380%2526output%253Dhtml%2526h%253D280%2526slotname%253D8387108948%2526adk%253D2217422274%2526adf%253D2933161405%2526pi%253Dt.ma~as.8387108948%2526w%253D350%2526fwrn%253D4%2526fwrnh%253D100%2526lmt%253D1666881225%2526rafmt%253D1%2526format%253D350x280%2526url%253Dhttps%25253A%25252F%25252Fcybernews.com%25252Fnews%25252Fhackers-exploit-capital-one-to-steal-identities%25252F%2526fwr%253D0%2526fwrattr%253Dtrue%2526rpe%253D1%2526resp_fmts%253D3%2526wgl%253D1%2526uach%253DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%2526dt%253D1666976963617%2526bpp%253D1%2526bdt%253D128%2526idt%253D161%2526shv%253Dr20221026%2526mjsv%253Dm202210250101%2526ptt%253D9%2526saldr%253Daa%2526abxe%253D1%2526prev_fmts%253D0x0%2526nras%253D1%2526correlator%253D2675728509446%2526frm%253D20%2526pv%253D1%2526ga_vid%253D553261657.1666976963%2526ga_sid%253D1666976964%2526ga_hid%253D327149948%2526ga_fc%253D1%2526u_tz%253D0%2526u_his%253D2%2526u_h%253D1200%2526u_w%253D1600%2526u_ah%253D1200%2526u_aw%253D1600%2526u_cd%253D24%2526u_sd%253D1%2526dmc%253D8%2526adx%253D1023%2526ady%253D1359%2526biw%253D1600%2526bih%253D1200%2526scr_x%253D0%2526scr_y%253D0%2526eid%253D44759875%25252C44759926%25252C44759842%25252C44761792%25252C44774649%25252C42531705%25252C44774653%25252C44775016%2526oid%253D2%2526pvsid%253D1533031245070689%2526tmod%253D499048812%2526uas%253D0%2526nvt%253D1%2526eae%253D0%2526fc%253D1920%2526brdim%253D0%25252C0%25252C0%25252C0%25252C1600%25252C0%25252C1600%25252C1200%25252C1600%25252C1200%2526vis%253D1%2526rsz%253D%25257C%25257CpoEebr%25257C%2526abl%253DCS%2526pfx%253D0%2526fu%253D128%2526bc%253D31%2526ifi%253D2%2526uci%253Da!2%2526btvi%253D1%2526fsb%253D1%2526xpc%253D5NnHBs7hgw%2526p%253Dhttps%25253A%252F%252Fcybernews.com%2526dtd%253D167%240

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a06a2f9793302656aee99a4c2cd01fd14aefd5eb5bde8f42e0c5942f96d66be2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1666881225&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963617&bpp=1&bdt=128&idt=161&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5NnHBs7hgw&p=https%3A//cybernews.com&dtd=167
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34667
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame C5D7 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 15:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 15:54:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame C5D7 17 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:36:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 14:36:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C5D7 0
0 18ms
17ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvmS3ayC8YM9Qow-1ipZ9vXcPyP33KPk_hBV7DvuL8ETO6R7LF76d0yf16FSP9sVakdUgDigI7VKafG30pdCGswC0VdA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1666881225&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963617&bpp=1&bdt=128&idt=161&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5NnHBs7hgw&p=https%3A//cybernews.com&dtd=167
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C5D7 153 KB
47 KB 44ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 17:09:24 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C5D7 42 B
63 B 45ms
44ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B8I5C3MAyVBujVqUYrki4T7T9vFO6wWcgReLdb7LtWVNn88u67bbCPR4cg_M4KYX6YkXjzEeIxj-Vgva5lOkE0hmbhRPqEvXymAbAFCvzjJK7h0Yw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F15C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQSqEk0UEoNjwzUK0BURkU&google_cver=1

43 B
766 B

70ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQSqEk0UEoNjwzUK0BURkU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLuwcxCfx6UCGJrBotUBMAE&v=APEucNUl3J46rMCSC5IYhgUoIm42MwOouQCB8qlWxbEX2HXG56LwKxsdmKoocqnPfsB0x1QuiDGnNQMK9fw0pr_CxqLV7DOKDSeT8E_JlpjEu6lvyseoFvRbQ6nj3lWjiE1Z37H2Rl5wfqNOrB38aKLQlBDVI6fmW3bPlGP3EWeCc7nRif6FFL0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 17:09:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQSqEk0UEoNjwzUK0BURkU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F15C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1wMxDs5qNGiCMhkkFszXAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQSqEk0UEoNjwzUK0BURkU&google_cver=1

43 B
766 B

12ms
11ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQSqEk0UEoNjwzUK0BURkU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLuwcxCfx6UCGJrBotUBMAE&v=APEucNUl3J46rMCSC5IYhgUoIm42MwOouQCB8qlWxbEX2HXG56LwKxsdmKoocqnPfsB0x1QuiDGnNQMK9fw0pr_CxqLV7DOKDSeT8E_JlpjEu6lvyseoFvRbQ6nj3lWjiE1Z37H2Rl5wfqNOrB38aKLQlBDVI6fmW3bPlGP3EWeCc7nRif6FFL0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 17:09:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQSqEk0UEoNjwzUK0BURkU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame F15C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAdJwKu_kqBgwmJ5EUSfNaE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAdJwKu_kqBgwmJ5EUSfNaE%26google_cver%3D1

43 B
1 KB

27ms
27ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAdJwKu_kqBgwmJ5EUSfNaE%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLuwcxCfx6UCGJrBotUBMAE&v=APEucNUl3J46rMCSC5IYhgUoIm42MwOouQCB8qlWxbEX2HXG56LwKxsdmKoocqnPfsB0x1QuiDGnNQMK9fw0pr_CxqLV7DOKDSeT8E_JlpjEu6lvyseoFvRbQ6nj3lWjiE1Z37H2Rl5wfqNOrB38aKLQlBDVI6fmW3bPlGP3EWeCc7nRif6FFL0

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 17:09:24 GMT
AN-X-Request-Uuid: 4bca590c-e136-4d7d-9043-ed6c83a82c4a
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 17:09:24 GMT
AN-X-Request-Uuid: 6fab270c-bc63-47fd-92a8-f871ef554fd5
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAdJwKu_kqBgwmJ5EUSfNaE%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F15C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA1Nzg4MjAwNTEyOTYxMjQ0NA%3D%3D

170 B
188 B

25ms
24ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA1Nzg4MjAwNTEyOTYxMjQ0NA%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 17:09:24 GMT
AN-X-Request-Uuid: d23beec8-bb55-4b28-b8d2-7fbcbc222a25
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA1Nzg4MjAwNTEyOTYxMjQ0NA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C5D7 106 KB
38 KB 60ms
12ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 08:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30684
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 29 Oct 2022 08:38:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/ Frame C5D7 8 KB
3 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOEhy_jtrF1o0Ael1szJvNEzkcIv6u_0nk6DeXmuMzzitVCSL5ed4vhnoOxmAUUIitaByw5bwGGqUEO2_0mZw8knnG7w&cry=1&dbm_d=AKAmf-D1oh3otMZIla3R6O1Xw_MptbUc7X_RxxPu-6L9iwTQje8lH_-zU0UcmM74dNa_N6Jw0erfdhNL-6AaZs5QzpgvDky4WMlxG63REJX60Q1g3OngSpjyVLgZWDl5PRkQBlnwExDIZvV7zaP9zshHQaaot4-d_sJPxiTsttB__am4LnV-WGGm_kiGlee4hp1cxO1JO0FN3J22mh9rSx0f-P33itqNu7mZOnVHOvqvB714s1y2hOIpBUFpvIJZOqx_DCM3h1iBXa7-Hb48LmgFYGpGaNFFusRDDvQn52XqwlNZJVC9Ie0w_p-bHXK8zwYW5t1NNxqby6Vys0r5-Ku-8WsVh2N_bx5mIrUQUOpqvS9PjuGkNrcdKgNvzHcvyzVaxyA35A5MnHkn-2O8ID5cyWCySas5CSrN0He6zwJcQXJ4gd8J5s8y2va5HoamRHTcTMlS2Wh0hKvhZEd77n4H02IcjCuVDZlMZvAdYVaiIg96nYm52WHKwQCSl6H_vPwzn69jS0Cc01HPpSjGWD_haXb4Um7rhlbvaRO9_pvrvDQYhsrPI1_w6DAboQwmsVzEJDiY4lUk1k8yAcKfWmq7dN7IICbB2UQH18mo0Q78II86lwm-cwLq10m27oCQFkvTfnMwexmR5asdoQJ9rvooIJLTA-IscuPdfXJgLgLPlHgyn1Edg-ICEQR22ci5AK9cGm4P43IH0mFxjab_ZDbvTJYcozQmIKpROG6xZPEgFcMO--cDI-c-P8HcBQ4zlTaEVqQrlM1xiR1pmb6UzoWY8N_J-mg7GSkcBGscfZQBhFUNLXk8Ns75mpcKs-Wo5ZAHrfSCuCHzVSli_U4VUZgd18KQcDD9QY2-EZNvr14XZBCT3yeVrirEPgNFPzAD5oytbylMskJfYjg4ck3TFPaTHHCWoZoBzC7zj6zcfWnvZ7UBNQQ79dhctfvqSD8zGVRlvk6Qib2KaS1CkCkXDxjSGwo-jfDaG3pTS0MKxCY26v3wNQEFcgi5xR4XgrdNAFeDIa9f5oMeTv5ut_wDo-M-zTPRbC1A2IgQyWC0154Sxyrt7PP3ffHPI_UoumLGBZ2jmVEwo_rjXjZT5WPl1STUfOt614R9rp5uBdqAvilxc4sq5U0DbK-fTlFgGC7trIhP3dSJm60F6ouZ0DStKIY4lxNIa7581qjnXl4vkD78bon9ZHiRvTHDHizPT7G2KkI4pzMlnCN4Lyyw40i0QBFaNfWqEf0MZumAXm0qIrJ5MOW37oUTCWmBaqrGejoaptyXnZ9l88rhpr8uL_JxXmClD7Ylqex7tLeyYfGltXMPZwRmXxo6uA4JPd8n6iIWQ-AH3Wacdzsdfu3q5wqhOSOVGE_WQ08Pt1eoRuGzo3iNFN0cElOnVCPDz_nmGD976G8c0SDX93Oio6TfNS4ympNf3UxPJQ8JNY43nYse_j2HVGSYT_j49RPOaxAXIXrDSGWJfTsCUUmsCHY8Ak0fGhEejsog9jcyH5z82Jagb7v5fia7Q4JhtTcxSzVU8eNyi3b5BN3Zito5e7uAAbEslnahj4hHDLXTybdTA1Ke6SLLAKL8nHQP_6GCz62Qzp-1SrgpmqMovdSS4kF1k7XGBpE4irbTq06N16ckNsywwL3v3pqhtiOe6idPpWwGHwJlNw6XoF4gnglyuYgX0MvxXcun9Htw-aQxFy9hjLvYZykisBzS4zSjJcaRu2yVxWirnQB9dHccDCrx16r0ti0Cdlagva7MlfOqo8d-35llapidZH-XrLWfkC6kFQDKzBcX83SDyGVeIBalcnmAWv08B-MgbFo0LSwmHbBBDwSvnQT-KQTjDEzOk3qoKMhdgveqdO4qYXKOvlOuEIe_n7i9V4Ibtb2WLtM0YcfqZ2oGbhEdqJOyRpZ6HpP9OcAPAXG0JHAR4Jx0XCq7Mcczydp-4QRd04UyrC4WPr3OwfKDfv95ZTkL6fKtXsgfeHPMiabWfC3M0mixYjqKyhLbZsyqCZfqIkCkDBM9HdMQFAPkOWcULpEKLMZB5YKwUc56AsYPf7IQnjCLMMr6vnwO8oTqEImfIf3z4sRXNANxO1idRRbrzrpuJuNwKaGXlk3SCowvZfQX8uNcWLDRsqQv1Pw_JJ4I3jFNiiWiz4c8h_fcEFO_7n9PlAs5n-SPZI-vu-VpWgksGzjOPCBB7uv7tD74yVS1CUDSchXfDuwGJLVopsL1yNLa-H8fpJ1OpYZvoydkckjkvSOfQs71l_oKu9q-pYm_ecYj569LzdW0MuVpxnT4zfMY92iew4elcACSa-g2Bb_BW4pJguY8rNUvYP0v_Lf4ujFDFgfNtNGddQbWf6PetlcjEnUJ3x9-vAUzj-m_2Go-KB2YZ5PTMzLikJnEVS38yVGsKVIEtCXyIZIpNP_KG5SWm_8W7YaJ_9N0GhSiwsPFPv84LsgGcH-dSAC5THWlhZhjHdVrmUSN8nNxP_9UiDoxjyO6aE7GLh7G1IwTBDijod3jpJDhIfd5jSOmJP3yd91P9GdGGFIbVUHxPIwWHFQqpJ3byyOOh-_VagUVV9N0v_ZqxRrH9g2d5yNZTV2QVvexpabRh9TJCaQ7HnoEj-nY2oy9_lXoEfLqZzPqByGBWJJnVzk9AQtMrHczi5m62dUPOcDuwSnFcfbFwZCSQHQyXgVhZ50AnJwvPWBMVebp_TCcSDQLJHQEMZhJp9Yv-e9DHA8891giybTMKwizOTm43L2boGIdkh31vLcG3Mu6Mr6U8T5MJdreZeMFdt4OxuIFewkVWAVGPBTAe8pl7Nv7u1KOVTg5xF3Rc2a4Up-oFat-WjX2GKjk1xyyHgV-mFwY3Yv7FAS289nggBk00p46_wKe1SdHU0ECFXOzChznWmgeH7jqomggR7BCN6ckvfiL40sxTOErbwK-5yDEXHDDJGmHfYBG9hukSIbWsrCRYhqp8uGmkiklU10WYUvEC7RatgiuplaefPADMZ272QKHYwQe6na5PiTAcExuTx5EMMjDtzss5LgVsgu8dCo4KLEjx_fiN1aJw_5v2xZqyj3Rtnw0WICBc19KU4Q_9tNJtUqT3tGpK0kCAZisDEwpRJywFu3JUKYxTB-1p67UxKCp8s6i5wfSlKIQmbV9is8mBIXwt56gTgwY-DCn3n43Gn4ojKfzec7o1UtrqAUp_LWxfVZLZwyJhWaWaEwBwkM4x7EJKr_kV0P15QRqJyGDZ_TYsCGAJfindMVLYv6igxkFFl6PoZHMt6t8k5NRlhEFV551YyZ6G0f1e4hP3H4FG353RMksdbMizB12RUWk1l2L_qr34A_WE8FV4Ee9w6hRIHf7dxu5dT-IZUrVup3UeyN1f5MgRv0K2bnHzaogK2b-nl3aBWU&cid=CAASEuRoc0NrYLwQgM34_48BruBr7w&rfl=2%2Chttps%253A%252F%252Fcybernews.com%242%2Chttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fpagead%252Fads%253Fclient%253Dca-pub-5928161074779380%2526output%253Dhtml%2526h%253D280%2526slotname%253D8387108948%2526adk%253D2217422274%2526adf%253D2933161405%2526pi%253Dt.ma~as.8387108948%2526w%253D350%2526fwrn%253D4%2526fwrnh%253D100%2526lmt%253D1666881225%2526rafmt%253D1%2526format%253D350x280%2526url%253Dhttps%25253A%25252F%25252Fcybernews.com%25252Fnews%25252Fhackers-exploit-capital-one-to-steal-identities%25252F%2526fwr%253D0%2526fwrattr%253Dtrue%2526rpe%253D1%2526resp_fmts%253D3%2526wgl%253D1%2526uach%253DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%2526dt%253D1666976963617%2526bpp%253D1%2526bdt%253D128%2526idt%253D161%2526shv%253Dr20221026%2526mjsv%253Dm202210250101%2526ptt%253D9%2526saldr%253Daa%2526abxe%253D1%2526prev_fmts%253D0x0%2526nras%253D1%2526correlator%253D2675728509446%2526frm%253D20%2526pv%253D1%2526ga_vid%253D553261657.1666976963%2526ga_sid%253D1666976964%2526ga_hid%253D327149948%2526ga_fc%253D1%2526u_tz%253D0%2526u_his%253D2%2526u_h%253D1200%2526u_w%253D1600%2526u_ah%253D1200%2526u_aw%253D1600%2526u_cd%253D24%2526u_sd%253D1%2526dmc%253D8%2526adx%253D1023%2526ady%253D1359%2526biw%253D1600%2526bih%253D1200%2526scr_x%253D0%2526scr_y%253D0%2526eid%253D44759875%25252C44759926%25252C44759842%25252C44761792%25252C44774649%25252C42531705%25252C44774653%25252C44775016%2526oid%253D2%2526pvsid%253D1533031245070689%2526tmod%253D499048812%2526uas%253D0%2526nvt%253D1%2526eae%253D0%2526fc%253D1920%2526brdim%253D0%25252C0%25252C0%25252C0%25252C1600%25252C0%25252C1600%25252C1200%25252C1600%25252C1200%2526vis%253D1%2526rsz%253D%25257C%25257CpoEebr%25257C%2526abl%253DCS%2526pfx%253D0%2526fu%253D128%2526bc%253D31%2526ifi%253D2%2526uci%253Da!2%2526btvi%253D1%2526fsb%253D1%2526xpc%253D5NnHBs7hgw%2526p%253Dhttps%25253A%252F%252Fcybernews.com%2526dtd%253D167%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:22:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2998
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:22:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame C5D7 30 KB
11 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:22:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
server: cafe
etag: 16485072225624805710
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:22:11 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C5D7 41 KB
15 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191272
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 12:01:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2AE9 1 KB
643 B 10ms
9ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 13:44:20 GMT
etag: 48472445140208031
expires: Sat, 29 Oct 2022 13:44:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C5D7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0fdfd9d06d2aee732188e2a8273d1fda2957d186002bc95008b7630601ab4d06

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D45D 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 191271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 12:01:33 GMT
expires: Thu, 26 Oct 2023 12:01:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4199422085714188518/ Frame 8385 4 KB
1 KB 25ms
8ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4199422085714188518/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b290fba384f911a156f4bb897a15b546617fcd0a85a55aa73f4d019ca2588dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 287605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1293
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 09:15:59 GMT
expires: Wed, 25 Oct 2023 09:15:59 GMT
last-modified: Thu, 06 Oct 2022 16:53:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C5D7 0
0 96ms
54ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuco6NyXA-Qnk-QTw2efZlnG8NELtwR-ZP-_wN8g-MGVMrcHLF9kOxmLr5BLn1g2giRagDOuqcAa5LLDk9EVSDOL_w-FR_7TCXBIZh279G9OWfIRT8Hs8wQTpwUqoecV6Xp7ETOtOS-5-HgMKHUwlZOCr6d7YZ0_4wWK10KmTE0pLqpGl1mar4Uvx76SzIGTj2YBObha-oAvnyADdQSUcHI3PAe1aErZhFaaQykygGQJzBBH7-AD1va2ZIPU8A907F7EJ4p2-9aTNBbAjWXvsnSuKucHAsrOaJfoOfZoHJeefhhu7Cmc2BTwTLFaScB3G6VKS0WjyOk2HMH15H5ENwEplCM0yftIQj9F1R3hXezugajWZLK-txwSi3Ci7iSULmKgONR6hkAznQ8En4bTltuEeXMhiB47slbgGRawk_RoBlCXRHta6FyJTfiLHJZ_ierk4KevuE1w6hLT46iDST5H-qJCaOObFIV20gqKoFRULOeH47wwzJxaOk0hnIp95iIerXIn56ivNQg5tIPT7-8Kyh5uNzH0U2iXdkQgmRmM9G5Yf4C2zCKFzvJR6T3wQZLaO0s-KOl4Rk-2R1mLOsxkCZ-GTjBS6VLmRx-9u3h-zFtI4bkGVkTBA7bL2aalKNOUyvXsMSJkSBkngzV1S0a476R4PpbI35qJ8VFnNbnf6gg2GV_YUdtB66KVWZ6vhzRZo9qx7pJSpDDPx3ubLs3z1tBtpF4LzabbWleX2q7Z9jczGGBFsj0oROlQCtagBUuuZ_YFz5x3vhQGLA3aFNhd5mc3cWl6K_VWtQ_bwzL4FhpRrSIPPX6ITJMUgnB2yhBN0Iwl9BbCXtoHwwXIXk9pIwFh7y8xTXPEFXhF1UGCxIUBY7DJFypbGHStjItCPldpDrTBJ6EHibkWoNSZN4v-LHRDAMPlkbqYr27-F4O_zpMIe6s6A4Q3FP3bNyjzepBKc0d05iFfUzb0emTI4SFeXE94j5hfyX4kFZ_ayhrBDd4XF6WCCoFA2_HoPm-NUpIBi1bZaA0zzJS1bVt3pbBv4ccc1q7Eppqt_TantCBjWT499TLhzeVFbY2EXXZJ_cy1BXIRF-r78t1Xf30gm6xABhhq51aidZyZhbrB1OiyDvqiRmBGJJemUnUKJk33BlfIVO3WkmR4vjTjih8glxDMPZ-zg4D7JdGjtQEwdDsy7wfi--vIyXigfIVFsSUgXPwEkRxYjdfqNzaERbMB6UbQSn6XOkLVA0&sai=AMfl-YRcWsnqEWBKIv1xZwlkgl6eNcTUA1E6h-bKXVyc1FZjmpJae2e7y_yB651t4Madmxcdor6X0--pPCwNcFi6AyT2SNDSE-0AI1VOBxjiYm837zWK11Tb8h2WdbnvdvZy1EtIQM6aYbHykUhbVLRAOEZGb5k6qD7jOGs&sig=Cg0ArKJSzHdXFsPEYI_qEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=97&cbvp=1&cstd=94&cisv=r20221026.08134&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 17:09:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Oct 2022 17:09:24 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame C5D7 60 B
60 B 109ms
27ms Image
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=8&extPu=72950-dcm&extLi=28719000&extCr=179394580&extPm=348221081

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 17:09:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Fr, 28 Okt 2022 05:09:24 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1605
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2AE9
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJE7KkjJR8-CSUhUtkG5mas&google_cver=1&google_push=AZmPxg_xf6Y9EF2eSSZIH-eVy53-oJfQCrrDaGt_hZ6nLIWd9P3Ypz4uXt...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_xf6Y9EF2eSSZIH-eVy53-oJfQCrrDaGt_hZ6nLIWd9P3Ypz4uXtM7AzBxrEZPp3hWgxrD31sWRHOhdinaOcORh2ATQ7c7&google_hm=h1T2Q4ZLKtJr...

170 B
188 B

26ms
25ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_xf6Y9EF2eSSZIH-eVy53-oJfQCrrDaGt_hZ6nLIWd9P3Ypz4uXtM7AzBxrEZPp3hWgxrD31sWRHOhdinaOcORh2ATQ7c7&google_hm=h1T2Q4ZLKtJrNyKtlRO3Kw

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_xf6Y9EF2eSSZIH-eVy53-oJfQCrrDaGt_hZ6nLIWd9P3Ypz4uXtM7AzBxrEZPp3hWgxrD31sWRHOhdinaOcORh2ATQ7c7&google_hm=h1T2Q4ZLKtJrNyKtlRO3Kw
pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 2AE9 43 B
356 B 44ms
18ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHypGD3Db-nbxblLXa42TS8&google_push=AZmPxg8DGn_wg_qlYIml60DfwR8kxJ8gty1_j9aXRx8qF3u47WmWqTp-aXKaev364i_ryXyFzlC1_pxFpWLchdm6aHwSxOZzgZJhsw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1666881225&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963617&bpp=1&bdt=128&idt=161&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5NnHBs7hgw&p=https%3A//cybernews.com&dtd=167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 2AE9 43 B
64 B 38ms
26ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGgOCfVinTZa0ghzoUDKAW8&google_cver=1&google_push=AZmPxg-ahN-_Wch9-C2-YQICtbZ4H0nJ_FytLXOxOaM8MflNNDQ4oa5Jz3INdDDHhH7iIDpzuGL5aoPXS4k2VQpmsTeVRw_Z5M4z
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1666881225&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666976963617&bpp=1&bdt=128&idt=161&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2675728509446&frm=20&pv=1&ga_vid=553261657.1666976963&ga_sid=1666976964&ga_hid=327149948&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=1533031245070689&tmod=499048812&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5NnHBs7hgw&p=https%3A//cybernews.com&dtd=167
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 1j0a204nje1qrss048ij91eha7st69er

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2AE9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NVRBkHMPREug_wRNODNc8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

23ms
22ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NVRBkHMPREug_wRNODNc8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg92GBsZ7g5H4R2wxQ_9TI1UYR6gY0DkMYtrI_6T4DS12ESSdmOjZmY9JegnXJPCgw0gPqPBkDMCOv0gttExW_2KV5m4M1daNg

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NVRBkHMPREug_wRNODNc8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg92GBsZ7g5H4R2wxQ_9TI1UYR6gY0DkMYtrI_6T4DS12ESSdmOjZmY9JegnXJPCgw0gPqPBkDMCOv0gttExW_2KV5m4M1daNg
date: Fri, 28 Oct 2022 17:09:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2AE9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHwZiUfzHW-nN1DS4TJYpnI&google_cver=1&google_push=AZmPxg_26uxih2tMM0g9fh6gu0jOBnhSDQ4NpiFKlxQv-cSmYdiBQZUQmzol2jfRic_mxtG30K8...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTUjFNMTEtMjYtM0JM&google_push=AZmPxg_26uxih2tMM0g9fh6gu0jOBnhSDQ4NpiFKlxQv-cSmYdiBQZUQmzol2jfRic_mxtG30K8h5wVeOiMMTw8vrn35oMxuqF9pgw

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTUjFNMTEtMjYtM0JM&google_push=AZmPxg_26uxih2tMM0g9fh6gu0jOBnhSDQ4NpiFKlxQv-cSmYdiBQZUQmzol2jfRic_mxtG30K8h5wVeOiMMTw8vrn35oMxuqF9pgw

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTUjFNMTEtMjYtM0JM&google_push=AZmPxg_26uxih2tMM0g9fh6gu0jOBnhSDQ4NpiFKlxQv-cSmYdiBQZUQmzol2jfRic_mxtG30K8h5wVeOiMMTw8vrn35oMxuqF9pgw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2AE9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJvGgmHLbAS_fIFZOQcvA48&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJvGgmHLbAS_fIFZOQcvA48&google_hm=Y1wMxDs5qNGiCMhkkFszXAAAFBMAAAAB&google_nid=index&google_push=AZmPxg_rukzkD3wzZQ_VD88TJCvtoFMDUAFLl...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJvGgmHLbAS_fIFZOQcvA48&google_hm=Y1wMxDs5qNGiCMhkkFszXAAAFBMAAAAB&google_nid=index&google_push=AZmPxg_rukzkD3wzZQ_VD88TJCvtoFMDUAFLlLNrjRaPthwiBQy5gYbyGjodHL61A0dlFFZ263oe1jgFq1e_rVRoMSFf-myYwsaIOA

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJvGgmHLbAS_fIFZOQcvA48&google_hm=Y1wMxDs5qNGiCMhkkFszXAAAFBMAAAAB&google_nid=index&google_push=AZmPxg_rukzkD3wzZQ_VD88TJCvtoFMDUAFLlLNrjRaPthwiBQy5gYbyGjodHL61A0dlFFZ263oe1jgFq1e_rVRoMSFf-myYwsaIOA
cache-control: no-cache
cf-ray: 7615476e0f89693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 2AE9 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2AE9 0
12 B 18ms
16ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-5slPmSAcNoEtrpriBgHn6B7VGL1Sp-k3-MGN4GtUzZ5hlQgB2-gmvzwFS4En4Bo83KW-Lg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame D45D 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/ Frame 8385 1 KB
470 B 9ms
8ms Stylesheet
text/css 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4199422085714188518/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a847038c7bbbfd3d54a52b49380cf67d7dac0591657cba4e355b4dbd0b70864c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4199422085714188518/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287605
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 441
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:53:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 09:15:59 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/ Frame 8385 113 KB
33 KB 61ms
21ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4199422085714188518/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 4318220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33534
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1c274"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7615476e7a1d698f-FRA
expires: Wed, 18 Oct 2023 17:09:24 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/4199422085714188518/javascripts/ Frame 8385 2 KB
658 B 8ms
8ms Script
application/x-javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4199422085714188518/javascripts/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4199422085714188518/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06fcf7cd6fc24e0d3352df132a54d3bb9612defd0542b69d7e02a0da248336b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4199422085714188518/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287605
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 629
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:53:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 09:15:59 GMT

GET
H3 200 hl1.png
s0.2mdn.net/sadbundle/4199422085714188518/images/ Frame 8385 11 KB
11 KB 10ms
9ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4199422085714188518/images/hl1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a88e9afc5fc07b78e8fe39a68a8c5cd749a509b57aa8aea6cd38a47cc231f64a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:14:53 GMT
x-content-type-options: nosniff
age: 287671
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11263
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:53:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 09:14:53 GMT

GET
H3 200 hl2.png
s0.2mdn.net/sadbundle/4199422085714188518/images/ Frame 8385 5 KB
5 KB 11ms
9ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4199422085714188518/images/hl2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d676f2ce9c9d6896ff7b2238aa1923ed9310334abddd5011841577fd7a5b6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:14:53 GMT
x-content-type-options: nosniff
age: 287671
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4767
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:53:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 09:14:53 GMT

GET
H3 200 product.png
s0.2mdn.net/sadbundle/4199422085714188518/images/ Frame 8385 10 KB
10 KB 30ms
28ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4199422085714188518/images/product.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef352668bae50fc2aaae4a7d29f3b7cd94c3994ea1cb73332fcc50b59cdec1d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:14:53 GMT
x-content-type-options: nosniff
age: 287671
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9850
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:53:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 09:14:53 GMT

GET
H3 200 steam.png
s0.2mdn.net/sadbundle/4199422085714188518/images/ Frame 8385 26 KB
26 KB 30ms
29ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4199422085714188518/images/steam.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b09f7f306b18094de3d6d09b20cad1ce0c2d9fd775dbc236f83c16b7c96abf46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:14:53 GMT
x-content-type-options: nosniff
age: 287671
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26417
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:53:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 09:14:53 GMT

GET
H3 200 legal.png
s0.2mdn.net/sadbundle/4199422085714188518/images/ Frame 8385 12 KB
12 KB 12ms
11ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4199422085714188518/images/legal.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a48cb36708ba98ffcf1341fa60fbf3ce888810dcd40c3ae5d759340e063196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:14:53 GMT
x-content-type-options: nosniff
age: 287671
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12727
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:53:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 09:14:53 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/4199422085714188518/images/ Frame 8385 3 KB
3 KB 35ms
33ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4199422085714188518/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f3fc440a20ebb5dffe34159d0ffae133414abdb03bcce3610eb145657e0dbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:14:53 GMT
x-content-type-options: nosniff
age: 287671
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3050
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:53:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 09:14:53 GMT

GET
H3 200 new_price.png
s0.2mdn.net/sadbundle/4199422085714188518/images/ Frame 8385 14 KB
14 KB 31ms
29ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4199422085714188518/images/new_price.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb7551007f8230ff4986cc917382ea8a3ab0a9bcbf92deaa01ce871bd5eb4a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:14:53 GMT
x-content-type-options: nosniff
age: 287671
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14615
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:53:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 09:14:53 GMT

GET
H3 200 old_price.png
s0.2mdn.net/sadbundle/4199422085714188518/images/ Frame 8385 4 KB
4 KB 34ms
32ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4199422085714188518/images/old_price.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450a0d014b5b126dcb47929bfd3b418adf2099b5ce4065234ca9c37106744a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:14:53 GMT
x-content-type-options: nosniff
age: 287671
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3801
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:53:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 09:14:53 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/4199422085714188518/images/ Frame 8385 4 KB
4 KB 33ms
32ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4199422085714188518/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbb49d0b0f29e675b3fa465e4df5717e96845a6bcedc3ec49490d28e4934345e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4199422085714188518/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:14:53 GMT
x-content-type-options: nosniff
age: 287671
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3842
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:53:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 09:14:53 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C5D7 0
0 64ms
44ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuco6NyXA-Qnk-QTw2efZlnG8NELtwR-ZP-_wN8g-MGVMrcHLF9kOxmLr5BLn1g2giRagDOuqcAa5LLDk9EVSDOL_w-FR_7TCXBIZh279G9OWfIRT8Hs8wQTpwUqoecV6Xp7ETOtOS-5-HgMKHUwlZOCr6d7YZ0_4wWK10KmTE0pLqpGl1mar4Uvx76SzIGTj2YBObha-oAvnyADdQSUcHI3PAe1aErZhFaaQykygGQJzBBH7-AD1va2ZIPU8A907F7EJ4p2-9aTNBbAjWXvsnSuKucHAsrOaJfoOfZoHJeefhhu7Cmc2BTwTLFaScB3G6VKS0WjyOk2HMH15H5ENwEplCM0yftIQj9F1R3hXezugajWZLK-txwSi3Ci7iSULmKgONR6hkAznQ8En4bTltuEeXMhiB47slbgGRawk_RoBlCXRHta6FyJTfiLHJZ_ierk4KevuE1w6hLT46iDST5H-qJCaOObFIV20gqKoFRULOeH47wwzJxaOk0hnIp95iIerXIn56ivNQg5tIPT7-8Kyh5uNzH0U2iXdkQgmRmM9G5Yf4C2zCKFzvJR6T3wQZLaO0s-KOl4Rk-2R1mLOsxkCZ-GTjBS6VLmRx-9u3h-zFtI4bkGVkTBA7bL2aalKNOUyvXsMSJkSBkngzV1S0a476R4PpbI35qJ8VFnNbnf6gg2GV_YUdtB66KVWZ6vhzRZo9qx7pJSpDDPx3ubLs3z1tBtpF4LzabbWleX2q7Z9jczGGBFsj0oROlQCtagBUuuZ_YFz5x3vhQGLA3aFNhd5mc3cWl6K_VWtQ_bwzL4FhpRrSIPPX6ITJMUgnB2yhBN0Iwl9BbCXtoHwwXIXk9pIwFh7y8xTXPEFXhF1UGCxIUBY7DJFypbGHStjItCPldpDrTBJ6EHibkWoNSZN4v-LHRDAMPlkbqYr27-F4O_zpMIe6s6A4Q3FP3bNyjzepBKc0d05iFfUzb0emTI4SFeXE94j5hfyX4kFZ_ayhrBDd4XF6WCCoFA2_HoPm-NUpIBi1bZaA0zzJS1bVt3pbBv4ccc1q7Eppqt_TantCBjWT499TLhzeVFbY2EXXZJ_cy1BXIRF-r78t1Xf30gm6xABhhq51aidZyZhbrB1OiyDvqiRmBGJJemUnUKJk33BlfIVO3WkmR4vjTjih8glxDMPZ-zg4D7JdGjtQEwdDsy7wfi--vIyXigfIVFsSUgXPwEkRxYjdfqNzaERbMB6UbQSn6XOkLVA0&sai=AMfl-YRcWsnqEWBKIv1xZwlkgl6eNcTUA1E6h-bKXVyc1FZjmpJae2e7y_yB651t4Madmxcdor6X0--pPCwNcFi6AyT2SNDSE-0AI1VOBxjiYm837zWK11Tb8h2WdbnvdvZy1EtIQM6aYbHykUhbVLRAOEZGb5k6qD7jOGs&sig=Cg0ArKJSzHdXFsPEYI_qEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=235&vt=11&dtpt=138&dett=3&cstd=94&cisv=r20221026.08134&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Oct 2022 17:09:24 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D45D 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtEXYxAxcY6jaJ5KfgAeXgqygBgAAAAA4AeAEAg&bg=!aWqlai7NAAZPh4lnb4c7ACkAdvg8Whw44TdbtZcVcahB5EHn5SyjRe8weN6VfC5EoIb_Mk8-dGYCjwIAAAB2UgAAAAJoAQcKAFdFx_z-rZrSxLLqs7cd8EYm_kXH8uvs9yUFHwByOBrD4280Z-URdgpvnjoxNBOKV7dp4K4TYwJStBLU11kIqRC0w-V3eI8ZqNU-JABGDEIo6efzNPeJosGZAvbt-hJ9YM7DEaa7NAkfBLP54omtn0y-PI4itEeAs47gN_T1wn2iBaLaU5UcJRso-fBobUyQP5i90ejYSoxscQY91QL1ua-yGzwwe6fNcmvdnTNImGS_77I51Ewczu2tMvliDjUAkHoSRecIFQZa3vAEDh4EVmchLjtFOzVZSkRGiNZtPRUT_00I89DBOH9nNeQuKSJSDYHet4SLe-0zXvByniktz-fPein-Mv6Lyo_PNku0Ys6pqiwCeJWndHCWXrNsVDOruMldO8rwcsZKZzNUPlY2krTxB02QQLxoz6fMONkyTjcGwFipttzhaETV01d51L1OAp3kTeQIx-qWXF5Gic9mQgBe_0uIPfQ_AkCBgkRr0f4dy3GQx85yyYvYrs7El_npfTZprz4Zai4e1ty9PnixWVOmBCo0hHxEVYb74BdrhTmvs7k0mLwPdIIQ9dxy1C1ALiL73zyFAPQa4gSXxGR6vLEP3QI8hDMlw3cWMqKsWlsUQgaMj70uP9AL9ENBFzmGzkEDCO-MQL1d8QZJdMFzO0dvttfMw5RbLd-psXHlgkLyAEkKQzBVvR5ny2dmmzes5psFPFgHk6Hq0BSxkfA5rH9fnePWy2H0Yy_LRaZH5AAvls-JApMjvL_1elAT8ViB3gGs54ff5keLXIOKx6RoYgKiigiQemrcLwptqRifHRdYR7UJfWw513V97nhw_PTrS-m0i4MHt04iLNmOM-XwKQP75SxL929m6v3dx1ahtZS66vF_L1tWA2R9GRZRTQa63q2pPidCo_x27_KxV-LvJsdOYj0-1pecqMb8iwrwEYWwv0JKUrlVUaD4_F2bBrZAkpAPghlmGsF5xoK2dqC8udoGhC9Uut6vw9SvQfBgjuZYG1neuzzk5qjdDxIg2IplbSCtKxMxYxl3VQkFYhz-K5RdcL0_5fLlXoVf260pHe9DET70PcPVzVw0vRSS1lb4G_oR0yvjjuddTPIUufb5MUQaLvt6jQdduE8dDStHFrq-mQ

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/hackers-exploit-capital-one-to-steal-identities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 17:09:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/7bd8b78e-a560-4299-8e32-a71a9be1ded8/ 3 KB
2 KB 38ms
30ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/7bd8b78e-a560-4299-8e32-a71a9be1ded8/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66c1177c9665ec6ac42b8ccb4afd7c0523abed86f0e65e8815f1398f66897314

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:25 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 1022
cf-polished: origSize=3367
status: 200 OK
x-envoy-upstream-service-time: 30
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: bd2133a7-9d8f-41bd-adc8-75ff9a1b5f3a
x-runtime: 0.028378
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"67b27a40b910129a0c231e7283f8db8a"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 761547712e8b9250-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 28 Oct 2022 18:09:25 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 59ms
40ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221026&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5136630d61ce4bbcc02c5e82798b4fe0f1f37173d93534b55b45e0cfbf4fe281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11327
x-xss-protection: 0

GET
H3 200 search-16d3f70ea0.js Show response
cybernews.com/js/ 7 KB
3 KB 130ms
130ms Script
application/javascript 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/js/search-16d3f70ea0.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/js/base-9058b41af4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

258df724525d8ce0647be578471e40bb35b59ccc04e95c5bba0e71669327bc5c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age: 106027
cf-polished: origSize=6857
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 26 Oct 2022 10:42:32 GMT
cf-bgj: minify
server: cloudflare
etag: W/"63590f18-1ac9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 761547712c9a690d-FRA
expires: Fri, 28 Oct 2022 21:09:25 GMT

GET
H3 200 links-bar-2f0410a89a.js Show response
cybernews.com/js/ 1 KB
2 KB 119ms
118ms Script
application/javascript 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/js/links-bar-2f0410a89a.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/js/base-9058b41af4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

685587735a092c1429b2851bd2d5e546706af083d78ab19d7b50da23f1dfba8e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age: 105746
cf-polished: origSize=1415
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 26 Oct 2022 10:42:32 GMT
cf-bgj: minify
server: cloudflare
etag: W/"63590f18-587"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 761547712ca6690d-FRA
expires: Fri, 28 Oct 2022 21:09:25 GMT

GET
H3 200 scroll-up-703df50bb8.js Show response
cybernews.com/js/ 510 B
1 KB 132ms
131ms Script
application/javascript 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/js/scroll-up-703df50bb8.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/js/base-9058b41af4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4007eabc93dc10a06020c1e2835213fa0dfc50de0bbdd4cb94b3f3a7aadf82e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age: 105746
cf-polished: origSize=511
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 26 Oct 2022 10:42:32 GMT
cf-bgj: minify
server: cloudflare
etag: W/"63590f18-1ff"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 761547712ca8690d-FRA
expires: Fri, 28 Oct 2022 21:09:25 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=327149948&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&ul=en-us&de=UTF-8&dt=Hackers%20exploit%20Capital%20One%20to%20steal%20identities%20%7C%20Cybernews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F&el=25%25&_u=aDDAAEABAAAAACAAI~&jid=&gjid=&cid=553261657.1666976963&tid=UA-149779697-1&_gid=766199486.1666976964&gtm=2wgaq0KMWQ6GT&cg1=News&cg2=Editorial&cd1=Jurgita%20Lapienyt%C4%97&cd2=News&cd3=Editorial&cd6=2022-10-28T17%3A09%3A25.308Z&z=1341269332

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 00:40:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59339
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 DJIdronetechnologies.jpg
media.cybernews.com/images/thumbnail_small/2022/10/ 3 KB
4 KB 55ms
55ms Image
image/avif 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail_small/2022/10/DJIdronetechnologies.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63a8836f225dee06c2eabcd726adc2460c0146bbcd345edd7362c77928d31ee4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3206
cf-resized: internal=ok/h q=0 n=85 c=12+100 v=2022.10.4 l=3206
last-modified: Tue, 11 Oct 2022 14:06:10 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfqdihqk0AemWPmfhKi7X0Cg:9fe70d3f0e506c9c177bab13e914e48d"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 761547713cbf690d-FRA

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 23ms
22ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:25 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 975
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 761547716c1f9a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 27 Nov 2022 17:09:25 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 17:09:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 83B6 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 17:04:01 GMT
expires: Sat, 28 Oct 2023 17:04:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 33A2 783 B
535 B 19ms
18ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2ea6f97df45f579a5a957420166c0c1853be31dabacce72f266950fa025c4c34

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hk_h8a1QXF4lBPa0Nhz_nA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-hk_h8a1QXF4lBPa0Nhz_nA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 17:09:25 GMT
expires: Fri, 28 Oct 2022 17:09:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 83B6 36 KB
16 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 33A2 0
0 49ms
49ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221026&jk=1533031245070689&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 83B6 0
12 B 7ms
7ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gHILtg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:09:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221026&jk=1533031245070689&bg=!XF-lXxvNAAZPh4lnb4c7ACkAdvg8Wvmq9xWAABJQYpHv-O5DWqbsL8VMrIAtK46ggpg5BSPcrJRloQIAAABTUgAAAAJoAQcKAJGXzRHJnl3X0Ig-waXlUTAY9OSGAVRL8ARF1VgLQMiT3Wvmm-dMTWLqU_DLxzIh2Hurd3t-8U8t-IEiiG3d6Sb5UTXNvQ9Ccc3pf-FvSHkKsjRsyXLLtCOiGIIwh_20bqhq3IiZhwYRtsLDQ0Zb5jeL3kIUTUzZTxCvNJntVhLl7VJWOQ4SkH2g7VSZEEBgIozGmQKl6NPpkKMwsZUJOQgokwwbOCsyRimD6_UsQ_S0k0XjWdDo8xJiYISugo1-TUsYc3HgT6BeKhAHO3rjhAUYonxNR8ZtwYhmZtaqgaAhneUpWNF5NLyaJ7GMIR6vPmLX3FljvsLoSeguqIK1bHbAcyWlzpXyMXneS4INqniH2gbtOYcbNu3aRZP5htZxr33hRHv-bDEbWKwMri8VhE-W9-VGba61Ale6lHRptrLsD53EIUZsPYiGXs9h0TNGF0nDhMSG0nw3fZDM7PnbvGhivieG3wUty5hGYop1SgOq4DKRmLRIC9Qitmq49M-aVJYD4MgpMzlaKY4G4iA4UqNj7trXW6tUPEILljbe_ia2Ucd5BV0WxkWICF-nNIbwtsLJ9aT9XPlbD-Fn-G-k2-WsImkTIXNxLWFLYC8L41E0OEhN5YMMk9fHry8ZfRFe12b3K73-iLVDUowaQ0aUo0d4SiQXfOVBJhkYX4_IXj4twN9URhHoJiR0DDKKy66ZFicYJt-plAy9ExV0MzNPrBVh_qHYs3aAxXNyF92G54DJJnkC1tvvrGKCef56fpUVQPTx8imXHGc4WImTdqZGqOnIPdkq-Bv3OJttzma4_3Xryzbk498ZbLQfpDvE_9sOpuSQm5SKoNWPqKITuclSnoU6W--CHm10d8jRbGKUK12rNOROM8xiPxCr-uMmJ3t3JqxsDo4yx8PZIGN3FdjsTLD9eJpQlL88bhWReQJUyM48U-GteIzjhLfkagjolNElyNJ0uL_-66FKnZliGfURyOz6XF6RmSmCkQR9dska0cYPhDlJgurB1S5_Lb9X8kqr5f1BB72Pzr-kkKj5supPD-wWQ73k8rUKEtRFAee3lg_TZKd3k2vq6k08rewJspBBJnVUae90woXvLkg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENpsiI9MccxAGmgzbq4DluE&google_cver=1&google_push=AZmPxg-bOAnqBQKvCmltJjFrlHxpDKCpTM6sOi6bOZp0YZ3sOc8HTO5eMQMeNoO85xxZ93lediaAnwBRgHRmXmyQhPq1a_8GQiFU

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEI_NoMSduVIl13WqUb-hEmc&google_cver=1&google_push=AZmPxg-5w-ecYjWV494uPQ7l127ygbYhcupOlYjLEffThMfrwbsa4Wuxr651x0_roY91T8xJYu6Ei5HTiXZvLcg5XeLLTP9c7TA7RwM

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cybernews.com/	1970-01-20 07:03:11	Name: cn_t_sess Value: %7B%22cid%22%3A%22553261657.1666976963%22%2C%22clickId%22%3Anull%2C%22clickType%22%3Anull%2C%22landingPageUri%22%3A%22https%3A%2F%2Fcybernews.com%2Fnews%2Fhackers-exploit-capital-one-to-steal-identities%2F%22%2C%22sessionId%22%3A%2221383892-8d00-4bdf-a577-9ef5bb5dfaeb%22%2C%22timeStamp%22%3A1666976963%7D
.cybernews.com/	1970-01-20 16:38:56	Name: cn_t_uid Value: 92d89125-f58b-4acc-8b1f-d03d4abd09fc
.cybernews.com/	1970-01-20 09:12:32	Name: _gcl_au Value: 1.1.6890719.1666976964
.cybernews.com/	1970-01-20 07:04:23	Name: _gid Value: GA1.2.766199486.1666976964
.cybernews.com/	1970-01-20 07:02:57	Name: _gat_UA-149779697-1 Value: 1
.cybernews.com/	1970-01-20 07:02:57	Name: _gat Value: 1
.cybernews.com/	1970-01-20 16:38:56	Name: _ga_KT8DKCHF41 Value: GS1.1.1666976963.1.0.1666976963.60.0.0
.cybernews.com/	1970-01-20 16:24:32	Name: __gads Value: ID=5e3eb3d34abd40a6-22f60ffa5ace0065:T=1666976963:RT=1666976963:S=ALNI_Majcoy5qp844WZ7PTlFg1Ga4IjhAA
.cybernews.com/	1970-01-20 16:24:32	Name: __gpi Value: UID=00000897e7398641:T=1666976963:RT=1666976963:S=ALNI_MYdzE8IQ3I4L3Yv2UWBGN03fEY1tw
.cybernews.com/	1970-01-20 07:02:59	Name: ga_fired Value: true
.quantserve.com/	1970-01-20 09:12:32	Name: d Value: EAcBCQG4J4EA
.quantserve.com/	1970-01-20 16:33:11	Name: mc Value: 635c0cc4-72a1c-5daa5-61422
.doubleclick.net/	1970-01-20 16:24:32	Name: IDE Value: AHWqTUkPSVCP3KdcecUbG_pBRXvS2bsJTb9UtUcBtH7TZMuc_D7IOtweirgDBIKU0bQ
.casalemedia.com/	1970-01-20 15:48:32	Name: CMID Value: Y1wMxDs5qNGiCMhkkFszXAAA
.casalemedia.com/	1970-01-20 09:12:32	Name: CMPS Value: 5139
.casalemedia.com/	1970-01-20 09:12:32	Name: CMPRO Value: 5139
.innovid.com/	1970-01-20 09:12:32	Name: uuid Value: bb3517b1-f1f2-4053-a6d8-5f44bcb4a20d-20221028 13:09:24
.pubmatic.com/	1970-01-20 07:04:23	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 09:12:32	Name: KADUSERCOOKIE Value: 35544190-730F-444B-A0FF-044D38335CF2
.adnxs.com/	1970-01-20 09:12:32	Name: uuid2 Value: 4211761968577874686
.adnxs.com/	1970-01-20 09:12:32	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb7v<%+U!@wnfH8K6pQK`!5=E<L5?%K9eR1j.4i<Sz1H:ovgPEG.69f/@XxF(%xs9bpRzqF1`b_[6*3PZ?
.casalemedia.com/	1970-01-20 09:12:32	Name: CMTS Value: 5175
m.exactag.com/	1970-01-20 09:12:32	Name: exactag_new_gk Value: 21968e6aa10b4876a8b90cb37add266c%7C27.12.2022%2017%3A09%3A24
m.exactag.com/	1970-01-20 11:22:08	Name: exactag_new_uk Value: 495351347e9d48db9084e0ec06695a74%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 714b7b4674b94ebe9db1a82b
.cybernews.com/	1970-01-20 16:38:56	Name: _ga Value: GA1.2.553261657.1666976963
.cybernews.com/	1970-01-20 07:02:58	Name: __cf_bm Value: yHfmqdXPyUVuAHncrqfMTSNiGk5XQnm5gukUxQxTDB4-1666976965-0-AZ276xxV1YTrbjQltZhgS6PTgaL2np0xBJw/pqKxN+ff5Kt8cZrb+UzLMQLm6U4UCHqUZLXhAw1Qna9MRjTVDyVlxbR8IfgyyPmnGzml0g58

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (403) was received when fetching the script.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENpsiI9MccxAGmgzbq4DluE&google_cver=1&google_push=AZmPxg-bOAnqBQKvCmltJjFrlHxpDKCpTM6sOi6bOZp0YZ3sOc8HTO5eMQMeNoO85xxZ93lediaAnwBRgHRmXmyQhPq1a_8GQiFU Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEI_NoMSduVIl13WqUb-hEmc&google_cver=1&google_push=AZmPxg-5w-ecYjWV494uPQ7l127ygbYhcupOlYjLEffThMfrwbsa4Wuxr651x0_roY91T8xJYu6Ei5HTiXZvLcg5XeLLTP9c7TA7RwM Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cdn.onesignal.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
cybernews.com
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
image6.pubmatic.com
img.youtube.com
m.exactag.com
media.cybernews.com
odr.mookie1.com
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
region1.analytics.google.com
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.18.18.126
142.250.184.226
142.250.186.98
185.64.190.78
185.80.39.216
185.89.210.122
2001:4860:4802:34::36
2001:4860:4802:38::178
213.202.235.10
2606:4700:3108::ac42:283b
2606:4700::6811:180e
2606:4700::6812:e134
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:803::2002
2a00:1450:4001:806::2006
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:400c:c0c::9b
2a05:d01c:1d8:8100:240b:876d:668b:48c9
34.98.67.61
35.227.252.103
69.173.144.139
06fcf7cd6fc24e0d3352df132a54d3bb9612defd0542b69d7e02a0da248336b9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
0fdfd9d06d2aee732188e2a8273d1fda2957d186002bc95008b7630601ab4d06
117911d4fd161a4cd986ff95900fdfd92fa7b30d6dfdc4834535a7de39c1a57f
11c1d45b1415c4a3b5e331e4147dab6e300ed4a1386e094dd56dc5715d24ed74
11d676f2ce9c9d6896ff7b2238aa1923ed9310334abddd5011841577fd7a5b6c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d
21c549c04460daf4d1c44d0b884d48cba84a1b8ddf365e808e15544ebe2e2fa2
258df724525d8ce0647be578471e40bb35b59ccc04e95c5bba0e71669327bc5c
2a48cb36708ba98ffcf1341fa60fbf3ce888810dcd40c3ae5d759340e063196b
2b2b6495234aa2646bcfad8579ab0a363afa80271e9e851eaea8dce76b81938b
2ea6f97df45f579a5a957420166c0c1853be31dabacce72f266950fa025c4c34
2f3f86a55ee63adda1f5695a7fc0a29fd66ef8638c4cf4de8a7497e1828a82e8
30c97c2e530bbbfe6d66ac7a6f1c9afcdbb0dc63b06f32bfa6f3e720c077c590
34a9b8c3e6088d42a01e3cf800492030fe7432bc24fa9f6ce83e8471f4ab58b2
3ad0d9326f4ab2dd8452f78a527e7a73483c58df9244f9f82afad79285b466ed
4007eabc93dc10a06020c1e2835213fa0dfc50de0bbdd4cb94b3f3a7aadf82e4
450a0d014b5b126dcb47929bfd3b418adf2099b5ce4065234ca9c37106744a0c
482c4b337799844accae79a39af7df3523d8fe71638940dafa05279da5c27868
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
4e017bf092aed0ef4d904cce0115aaed7ae9dfe17c57305e753667cb82d4a1e8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5136630d61ce4bbcc02c5e82798b4fe0f1f37173d93534b55b45e0cfbf4fe281
52df214424c14a92220c9d4f2c90335fce188a4b44a637171a21443ebf506a05
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a8836f225dee06c2eabcd726adc2460c0146bbcd345edd7362c77928d31ee4
66c1177c9665ec6ac42b8ccb4afd7c0523abed86f0e65e8815f1398f66897314
685587735a092c1429b2851bd2d5e546706af083d78ab19d7b50da23f1dfba8e
6976b1e225d48e5e0097d79498a99fc73f8b43cd4b693080aa5f6960e1ce50e4
71dd8522bd635c25b1b27746afab66bab297cb18cc34b348a2727b79d8870f3d
76d04eca2027515a759d89db8abc8ea810f650135207361d945d1b23a57cd4cf
772bd17bb4c6be5a3150be460115db50c91d32f1a1d02bbee4e79099859ebf48
7b290fba384f911a156f4bb897a15b546617fcd0a85a55aa73f4d019ca2588dc
7f3fc440a20ebb5dffe34159d0ffae133414abdb03bcce3610eb145657e0dbdb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85f734af168c9a81646dca3906c88833e5130766ae9641b5e9cf0086239fc28f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
91cacf4fbbbeecf4513e8543e0f3c6439b83979cc3062c8e8e21538a0e03f9fc
934454dae9db46a600d5e77fb1286f0b085fdaacf61e36485a58156d827d633a
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9fca9ae04b4bca7ef7d4f2c43505769b1f03fd173ecf3871dd7b7ee0f115dd48
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06a2f9793302656aee99a4c2cd01fd14aefd5eb5bde8f42e0c5942f96d66be2
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a5ae49f8c042631eeee0d14415c35c050b9f5d0ae000de36664cff84305451
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a847038c7bbbfd3d54a52b49380cf67d7dac0591657cba4e355b4dbd0b70864c
a88e9afc5fc07b78e8fe39a68a8c5cd749a509b57aa8aea6cd38a47cc231f64a
ab8f0b6cec3eb6cd02efd0a9324053b868cac7dcda99fc89871b4e87141bdf14
ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b09f7f306b18094de3d6d09b20cad1ce0c2d9fd775dbc236f83c16b7c96abf46
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b92ecb378529a0af768c29c3bb404cfe7b665f4ae8c61827183892db231b04cb
bc4b5698acdba338a3eb73845c70c8268d9daaf678eed6d1c816aa547c3829e9
bd4b21bf16796f8b1cdf801e048df3d36f3f05893b9e249ae871c1d6096c2ffd
c4884cbf6e0615b4e2843e78c027f88789e1ab3a3455633fb3b67c1273bc2872
cb7551007f8230ff4986cc917382ea8a3ab0a9bcbf92deaa01ce871bd5eb4a68
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d50a559c14ff3227f1309370e1267a0de0824c31bdedfcd9f1866e9044fa5a07
d5bb22a6597ef2f57413165e4e861117406c2d90c69dbb04f358d7bb08d310f0
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc571b7f67d0e7a3e6a24df177f1a12737412dc37d2d4d8cc211bd73b17656d4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfe39bfce878c58b74d391af20937cc8436f2c5013f5983f4a49dcb923710f6a
e138d129f38769d7080ed6ac6519dce8a4d546b7da5709b12aedff39673fa021
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e9879759bbbb2c8ff2c605a1805478acc0c1425a8e4a0b1062f3f507ed8a28c6
ed13bd97ca8b59678a2148da4437e161f23777a53841520eeac03b8380c78e7b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef352668bae50fc2aaae4a7d29f3b7cd94c3994ea1cb73332fcc50b59cdec1d6
f290a3a287182664a81ea150c04e7d1a451f1bf74f6738b43d382e3d40d98002
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fbb49d0b0f29e675b3fa465e4df5717e96845a6bcedc3ec49490d28e4934345e

cybernews.com Open in urlscan Pro 2606:4700:3108::ac42:283b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

128 Requests

90 %HTTPS

67 %IPv6

24 Domains

34 Subdomains

28 IPs

6 Countries

1928 kBTransfer

3720 kBSize

27 Cookies

6 Outgoing links

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cybernews.com Open in urlscan Pro
2606:4700:3108::ac42:283b Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

90 %
HTTPS

67 %
IPv6

24
Domains

34
Subdomains

28
IPs

6
Countries

1928 kB
Transfer

3720 kB
Size

27
Cookies

128 HTTP transactions
8 data transactions