www.cyberscoop.com Open in urlscan Pro
18.64.103.11 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Submission: On April 14 via api (April 14th 2022, 1:13:28 pm UTC) from IN — Scanned from DE

Summary HTTP 223 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 43 IPs in 6 countries across 33 domains to perform 223 HTTP transactions. The main IP is 18.64.103.11, located in United States and belongs to AMAZON-02, US. The main domain is www.cyberscoop.com. The Cisco Umbrella rank of the primary domain is 323609.
TLS certificate: Issued by Amazon on October 27th 2021. Valid for: a year.

This is the only time www.cyberscoop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 33	18.64.103.11 18.64.103.11	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
38	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
16	52.216.102.13 52.216.102.13	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:b649	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e053	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.56.157 199.232.56.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	192.0.78.22 192.0.78.22	2635 (AUTOMATTIC) (AUTOMATTIC)
2 2	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
33	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	34.241.76.101 34.241.76.101	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
25	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
3	2600:9000:215... 2600:9000:2156:9a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	44.241.77.164 44.241.77.164	16509 (AMAZON-02) (AMAZON-02)
223	43

33 18.64.103.11 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-11.txl50.r.cloudfront.net

www.cyberscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.216.102.13 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b649 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7::5c7b:e053 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.56.157 (London, United Kingdom)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e592fa56b45b0b581f6ab1e9ea3158b2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
63250949cd62a1db307886a410e24cb8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b5f82e4a5b44723887cdbd2745a6c436.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
555951e43f10fbc6ef220f0a1a022ab0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.22 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

public-api.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:22::14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.241.76.101 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-76-101.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:9a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.241.77.164 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-77-164.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	googlesyndication.com b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 128 e592fa56b45b0b581f6ab1e9ea3158b2.safeframe.googlesyndication.com 63250949cd62a1db307886a410e24cb8.safeframe.googlesyndication.com b5f82e4a5b44723887cdbd2745a6c436.safeframe.googlesyndication.com 555951e43f10fbc6ef220f0a1a022ab0.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98	908 KB
33	cyberscoop.com 4 redirects www.cyberscoop.com — Cisco Umbrella Rank: 323609	651 KB
29	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 ad.doubleclick.net — Cisco Umbrella Rank: 196 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293	784 KB
16	amazonaws.com s3.amazonaws.com	68 KB
15	google.com adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4	4 KB
14	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	422 KB
9	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 573 static.adsafeprotected.com — Cisco Umbrella Rank: 565 dt.adsafeprotected.com — Cisco Umbrella Rank: 517	95 KB
5	google.ro adservice.google.ro — Cisco Umbrella Rank: 45236	1 KB
5	gstatic.com fonts.gstatic.com	103 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 482 www.linkedin.com — Cisco Umbrella Rank: 603 px4.ads.linkedin.com — Cisco Umbrella Rank: 4702	3 KB
4	wp.com stats.wp.com — Cisco Umbrella Rank: 2657 pixel.wp.com — Cisco Umbrella Rank: 2521	7 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3990	60 KB
3	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1059 trc-events.taboola.com — Cisco Umbrella Rank: 1698	18 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	2 KB
2	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2374	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	428 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	114 KB
2	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4897	5 KB
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 10533	345 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 262	36 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5383	501 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2289	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2287	20 KB
1	t.co t.co — Cisco Umbrella Rank: 476	337 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 524	459 B
1	wordpress.com public-api.wordpress.com — Cisco Umbrella Rank: 7152	3 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2436	895 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 619	6 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 913	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	60 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6966	145 KB
0	atdmt.com Failed ad.atdmt.com Failed
223	33

	Domain	Requested by
33	tpc.googlesyndication.com	securepubads.g.doubleclick.net b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com
33	www.cyberscoop.com	4 redirects www.cyberscoop.com
25	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com ad.doubleclick.net tpc.googlesyndication.com
25	securepubads.g.doubleclick.net	www.cyberscoop.com securepubads.g.doubleclick.net www.googletagservices.com b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
16	s3.amazonaws.com	www.cyberscoop.com
14	www.googletagservices.com	www.cyberscoop.com securepubads.g.doubleclick.net b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com www.googletagservices.com
10	www.google.com	securepubads.g.doubleclick.net www.cyberscoop.com tpc.googlesyndication.com
5	adservice.google.com	securepubads.g.doubleclick.net
5	adservice.google.ro	securepubads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	dt.adsafeprotected.com
3	static.adsafeprotected.com	pixel.adsafeprotected.com b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
3	static.addtoany.com	www.cyberscoop.com static.addtoany.com
3	fonts.googleapis.com	www.cyberscoop.com js.hsforms.net
2	track.hubspot.com
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	trc-events.taboola.com	cdn.taboola.com
2	pixel.adsafeprotected.com	1 redirects b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
2	www.facebook.com	www.cyberscoop.com
2	px.ads.linkedin.com	2 redirects
2	b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.cyberscoop.com connect.facebook.net
2	pixel.wp.com	www.cyberscoop.com
2	forms.hsforms.com	js.hsforms.net
2	stats.wp.com	www.cyberscoop.com
1	cdn.bizibly.com	b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
1	s0.2mdn.net	b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
1	ad.doubleclick.net	www.googletagservices.com
1	www.google.de	www.cyberscoop.com
1	555951e43f10fbc6ef220f0a1a022ab0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	b5f82e4a5b44723887cdbd2745a6c436.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	63250949cd62a1db307886a410e24cb8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	e592fa56b45b0b581f6ab1e9ea3158b2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	t.co	www.cyberscoop.com
1	analytics.twitter.com	static.ads-twitter.com
1	px4.ads.linkedin.com	www.cyberscoop.com
1	www.linkedin.com	1 redirects
1	public-api.wordpress.com	www.cyberscoop.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googletagmanager.com	www.cyberscoop.com
1	js.hsforms.net	www.cyberscoop.com
1	cdn.taboola.com	www.cyberscoop.com
0	ad.atdmt.com Failed	b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
223	49

This site contains links to these domains. Also see Links.

Domain
cyberscoop.com
scoopnewsgroup.com
www.justice.gov
www.documentcloud.org
www.microsoft.com
www.eff.org
www.justsecurity.org
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
fedscoop.com
statescoop.com
edscoop.com
workscoop.com
www.scoopnewsgroup.com
www.addtoany.com
jetpack.com

Subject Issuer	Validity	Valid
defensescoop.com Amazon	`2021-10-27` - `2022-11-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-21` - `2022-04-21`	3 months	crt.sh
*.google.ro GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-12` - `2022-11-14`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-30` - `2022-07-05`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Frame ID: EB0632ABC732054EFA845FFFD4CA4452
Requests: 93 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-P3VNJduYXS-leaderboard&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Frame ID: 3A276116F9642C69733F0FC92492705A
Requests: 9 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=article&position=static&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Frame ID: 6D9D27DFFE7F689D4F9E94C58E2356A2
Requests: 9 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Frame ID: EC68681FD7116B491DD12AF6DA524B11
Requests: 9 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-9J4uXQtutz-billboard&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Frame ID: 6492C098A8CFAC613A6061B217D29F1B
Requests: 9 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: C0B401619D711453D2E167F401F751DE
Requests: 1 HTTP requests in this frame

Frame: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CAA86615D3FE0B155AB58C713C21A9D8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5VEq2A7I86S5LfArIQ7IFXQI74aNPIV2GCav39MixvJx9NzQrDL1T0jee_uw6wMfde0zxa2vKtSNnN9nuW_PaRp5Dc6FzyAGeBIEFCi-maqFlg37e92Z3O-bH_4vrNUBd0EIu3kQpQF47vntb1RrbO_Lx9vhZPSIZIWLk5hH5rncllNduB1GmXyyEafc7E7CskBWc1EXgibqD3DzjPpDQKT7HeQyujZ3IhvdE_OFbhrTiQfqyl9WsgBJagV0WBr_Pst0hi-LAetQOq0ROLcmUhj5uTBixHuhBl0vHAX8TVo16_zzoz3rp&sai=AMfl-YTBwVOK3sQAlHDKi8DUcTbSIaHXUAE6nn5vm67D1IQwuHlHcaG-LNkSbhZy4cpMBHsyI8K4zIJMTV8Kh4nWBWWyOixHytjEVo8oLT2PlDS5zlkbSnniWFVFJ4q320g&sig=Cg0ArKJSzLaCGodzHYdpEAE&uach_m=[UACH]&adurl=
Frame ID: 61606020E140C577A1B2B82FBCDDE3B7
Requests: 9 HTTP requests in this frame

Frame: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AD9F4DB75C3B3C2B516782BE93A473BE
Requests: 23 HTTP requests in this frame

Frame: https://e592fa56b45b0b581f6ab1e9ea3158b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E0CA05561C4D181A6481DF5EC2BBF5CD
Requests: 1 HTTP requests in this frame

Frame: https://63250949cd62a1db307886a410e24cb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 8A59644329B09228C1833E3C892D377D
Requests: 1 HTTP requests in this frame

Frame: https://b5f82e4a5b44723887cdbd2745a6c436.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: AF34102EF330EE87A01F4413E336F282
Requests: 1 HTTP requests in this frame

Frame: https://555951e43f10fbc6ef220f0a1a022ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9A689B9B795FEF23D3BE22DB551E6D86
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuEqS_4EZLJ0Ny0GtbTp89g2IBG2LODIbmJCz4NBf4LrC2SLgo98-xrCPpa2wZs3TcPUqGe67vcVVDKLio2Uz7fV62wmAdpDaSK286PzvzHCkMJrHBDCaxi7hbOPvIXoXMTTD9O95Kx4ljTGCiztuQRlf5os0YD0RuY-X4HmI2e9lzbh7HiKKpHKeZnmefYAagsSxxxhJeYvf5LmBv7eBMCQtg4jYKTlSEGcMeiC-7-zTx1497gjtmwGplDYWTkwBAvl306IYSa6966-Ad8T5V6AHxdZyYtoGyam9-zh4jdsaA627oAg5hxWt4QQFLqSjlkgnR2j-VGIQ9gGuh1Sg1rysb&sig=Cg0ArKJSzBfdQx1UrPQ_EAE&uach_m=[UACH]&adurl=
Frame ID: 6FF6A1226EBB7DE1046FCB32E0C0F70A
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOh-yVqjtqIkCZNbhm017L8OtiACT3zoFZjUF7k5uuFj_SlH9bPrJVXoWaM-7rJSJpgA0sPUkHfrxQWv_niiW3bDquKLNEhAs2dYhoocmVWi7cHv1cQpeiG2XUTQ2Iuh7E6fFGR9FetDE7A5ohB2rnJ0yN_xjG-s0bqt-d_bpjgAJ6QXrhnrp9E2mcOIcby_aGgavxHCeKoFJIUuNGeN7wNEV6uL39XmlD96dOMC45lHsQ6ReVSqQhZMmAVTsAbDNZPlrIi2CTHV1aX5dgtDImjDJENebChizixQmpGrm4HJa9MM4hI0sNfVFMy_doWNXTLvLw8eOZP6bcDdegbKoRH3THlg&sig=Cg0ArKJSzLEL9WeM5_zIEAE&uach_m=[UACH]&adurl=
Frame ID: 8058C9A4B41D3A2380F026310EC33619
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuplFv-wv6UwbKqpE0h6-RCVJXT7SxGq2Ig_nOTloVAc1qxZZPjUFjwHpoqWxk2r_nlM02iFv5JvOwq0jWIk7YibL89YUbSlPGgs_dnjBPf4eBJh0GUZ4ODJAR16jeBSzAY3gnR77F7woHY2cTtMKPe1_qGveNcGssONrgCtKlGzk7_THpx2zI4PljT5NhslYN17qfjoC2hzTnRoYcoJXT5k-Iku25qSDBfiQcjZZLF2TwLTGROXccBvljNmVEu-KdxRzlaSkCrtx8czWh6Y3Cyq6eqSRjG5yNBeyj1r0m8fuaLE0x3O1tTNVO9KIiaPtfM2Uut2AuFUYRv93b2vUWQ&sig=Cg0ArKJSzHnmNkMOQ-HqEAE&uach_m=[UACH]&adurl=
Frame ID: 7F9777E1F767C9426E501AE398DD31FE
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFPDcpqj0JEykUSMPT7WlkrQTwlwPZcNxVzS7RhUSDsZ9jHqpPHGEGnJoR62nD-YBD31Wgrg9MJzJoUKqkw6I08np_HjN_N7VNXNdIOXCikMwvWYLfYvkBEjuFI73sFLPvoNHyN4WxbTut9HGBDG6exOAUy-TbdMlnlD78hUHnxudpvXCUGYeF77f0bH6LKazdCQADl5-Siw1lDtyyNmP0td7Dae18gstzj4HV6-0V1ydZF-t9kMaaKWLsaYFEm_zA3nkK_aPMzcIVsSaHXF4mifWnfHdZIvE_sQ2SLMt7eI5UHJXYsJvS2b9PHCD8i5_Y6WRZqD3KUInY&sig=Cg0ArKJSzMnhwgJuNw44EAE&uach_m=[UACH]&adurl=
Frame ID: A324CB5114ACF451C3DD818F01D5DCCD
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7F12E293DDEABBB62ED2DFA3967F1464
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D3FF823BF3B1E96C847B721EC280A4DD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FB4215820C8BA95B7814ECA31780A170
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C4D129BB776DAF85BFF0B8BB746941F8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A5655F3416E05C5BDB275C02E0445644
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2D36C31F7BB0F4ACCEB2780AAC6B0960
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DF8C1A7AF039ED0BD5A4DE83B42F2665
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 64A3A4E8FDB0645133FC85C45AE3D7F6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F4C7DDA5366A38113735559D9EDDC05D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E33775F80E94C0ED47CC90ED2516362B
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: FC56BC4663ECC230B39D770B89342826
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5B7CB266E8489BD1975C5EF3C93C85E2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CECA55A03C2A981D7E461C2ED7B3779B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DOJ's Sandworm operation raises questions about how far feds can go to disarm botnets - CyberScoopMagnifying GlassClose search resultsTag

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

223
Requests

99 %
HTTPS

64 %
IPv6

33
Domains

49
Subdomains

43
IPs

6
Countries

3552 kB
Transfer

8405 kB
Size

26
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://cyberscoop.com/

Search URL Search Domain Scan URL

URL: http://scoopnewsgroup.com/?__hstc=143679850.29a4870b016b3bb85d6877545c114a7e.1649942001363.1649942001363.1649942001363.1&__hssc=143679850.1.1649942001369&__hsfp=1541009889
Title: Brought to you by

Search URL Search Domain Scan URL

URL: https://www.justice.gov/opa/pr/justice-department-announces-court-authorized-disruption-botnet-controlled-russian-federation
Title: disrupt a Russian botnet

Search URL Search Domain Scan URL

URL: https://www.documentcloud.org/documents/21580920-edca_sw_redacted_filed_0-2
Title: The government’s use of a search warrant

Search URL Search Domain Scan URL

URL: https://www.justice.gov/opa/pr/justice-department-announces-court-authorized-effort-disrupt-exploitation-microsoft-exchange
Title: The Justice Department announced a similar case last April,

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/
Title: Microsoft alleged that a state-sponsored cyber-espionage group

Search URL Search Domain Scan URL

URL: https://www.eff.org/deeplinks/2016/04/rule-41-little-known-committee-proposes-grant-new-hacking-powers-government
Title: some have raised privacy concerns about federal operations like this one

Search URL Search Domain Scan URL

URL: https://www.justsecurity.org/75782/were-from-the-government-were-here-to-help-the-fbi-and-the-microsoft-exchange-hack/
Title: use a framework she read in the New York University School of Law publication Just Security

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cyberscoop

Search URL Search Domain Scan URL

URL: https://twitter.com/cyberscoopnews

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/4847467

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cyberscoopnews

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/?__hstc=143679850.29a4870b016b3bb85d6877545c114a7e.1649942001363.1649942001363.1649942001363.1&__hssc=143679850.1.1649942001369&__hsfp=1541009889

Search URL Search Domain Scan URL

URL: https://fedscoop.com/?__hstc=143679850.29a4870b016b3bb85d6877545c114a7e.1649942001363.1649942001363.1649942001363.1&__hssc=143679850.1.1649942001369&__hsfp=1541009889

Search URL Search Domain Scan URL

URL: https://statescoop.com/?__hstc=143679850.29a4870b016b3bb85d6877545c114a7e.1649942001363.1649942001363.1649942001363.1&__hssc=143679850.1.1649942001369&__hsfp=1541009889

Search URL Search Domain Scan URL

URL: https://edscoop.com/?__hstc=143679850.29a4870b016b3bb85d6877545c114a7e.1649942001363.1649942001363.1649942001363.1&__hssc=143679850.1.1649942001369&__hsfp=1541009889

Search URL Search Domain Scan URL

URL: https://workscoop.com/?__hstc=143679850.29a4870b016b3bb85d6877545c114a7e.1649942001363.1649942001363.1649942001363.1&__hssc=143679850.1.1649942001369&__hsfp=1541009889

Search URL Search Domain Scan URL

URL: https://www.scoopnewsgroup.com/privacy?__hstc=143679850.29a4870b016b3bb85d6877545c114a7e.1649942001363.1649942001363.1649942001363.1&__hssc=143679850.1.1649942001369&__hsfp=1541009889
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/privacy?__hstc=143679850.29a4870b016b3bb85d6877545c114a7e.1649942001363.1649942001363.1649942001363.1&__hssc=143679850.1.1649942001369&__hsfp=1541009889
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

URL: https://jetpack.com/search?utm_source=poweredby
Title: Search powered by Jetpack

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-P3VNJduYXS-leaderboard&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm HTTP 301
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-P3VNJduYXS-leaderboard&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm

Request Chain 36

https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm HTTP 301
https://www.cyberscoop.com/advertising/?id=article&position=static&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm

Request Chain 37

https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm HTTP 301
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm

Request Chain 42

https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-9J4uXQtutz-billboard&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm HTTP 301
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-9J4uXQtutz-billboard&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm

Request Chain 88

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1649941998394&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1649941998394%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1649941998394&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1649941998394&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&liSync=true&e_ipv6=AQIUr3VBTcW3ewAAAYAoNPC6Oov7ge8jeDXUwdW5sw7pajxplzNfdZsFkQIr6Ar03mHvc9E

Request Chain 204

https://pixel.adsafeprotected.com/rfw/st/779519/61003950/skeleton.js?ias_dspID=64&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:39a4a0a9-a8f4-4e96-afeb-63601ede463e,c:9LtRMe,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7f56698b44-hznq2,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:483,fm:t2Z6upr+111%7C112%7C113%7C121%7C122%7C123%7C131%7C132%7C133%7C141%7C142%7C143%7C15%7C16%7C17%7C18%7C19*.779519-61003950%7C191,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:555,oid:a772b6a5-bbf4-11ec-a040-4e7dcf265015,v:19.8.299,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

223 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/ 76 KB
20 KB 130ms
36ms Document
text/html 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx / WordPress VIP <https://wpvip.com>
Resource Hash: be71a1f9e05111031d7e550e05fe8c8bfa4b0f4c20d8380ca0979a4b4a7eb014

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 13:13:13 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/posts/64322>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=64322>; rel=shortlink
server: nginx
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-amz-cf-id: kOUD5ZEzg0yrNoA2Vy9qxlow9O6qeUzCJvcvLnUHHyKc5btafA_22Q==
x-amz-cf-pop: TXL50-P3
x-cache: Hit from cloudfront
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn1 0 4 9980

GET
H2 200 /
www.cyberscoop.com/_static/ 96 KB
14 KB 37ms
35ms Stylesheet
text/css 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/_static/??-eJyNy0EOQDAQheELqYlQYiHOUu1EhmlJpyK9PRsJO8s/731w7oqC5cOhgBUBR5Jg4s2uimmKJmaQlBlLT6G8DwW8xSLg0ZFBRo8hfWJnkzEqxtnY/I/f27sfNPqhapu+62td6QuH1UGz
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: 061473d06c676e692148c9e53870122e472f133abc759c56e871a162e79b9376

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
x-rq: hhn1 0 4 9980
last-modified: Fri, 08 Apr 2022 17:51:53 GMT
server: nginx
age: 146739
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css;charset=utf-8
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-encoding: gzip
content-length: 14166
x-amz-cf-id: LQOXMEr0PJnMek4h0HrByL7Ufx7mbirV8hQbUTN9kjAbt2bICyeFHA==

GET
H2 200 /
www.cyberscoop.com/_static/ 168 KB
27 KB 41ms
38ms Stylesheet
text/css 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: 5c701ab2009c0c01911be3dbb373cea9edd337b25e43cd2a917caf28486ff83c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 05 Apr 2022 15:39:00 GMT
server: nginx
age: 662419
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css;charset=utf-8
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-encoding: gzip
content-length: 27224
x-amz-cf-id: 6C7a6sMjacJ8ezHz8rjycWQBzug-pvbrMzZnlwIPuJ6BKSX-bK-WhA==

GET
H2 200 css
fonts.googleapis.com/ 8 KB
804 B 46ms
20ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.9.3

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3097429612cadf41c8c2f08d5cbe3bce1a77aaf73296e1217ad3b29949d6deb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 13:13:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Apr 2022 13:13:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Apr 2022 13:13:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 41ms
16ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.9.3

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

932fb1ec913f2d1071db9656b9bc7e8c4fc150d7d8b48d8b4b66c3d82a2e020e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 11:47:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Apr 2022 13:13:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Apr 2022 13:13:17 GMT

GET
H2 200 /
www.cyberscoop.com/_static/ 88 KB
17 KB 42ms
40ms Stylesheet
text/css 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/_static/??/wp-content/plugins/add-to-any/addtoany.min.css,/wp-content/mu-plugins/jetpack-10.8/css/jetpack.css?m=1649173140
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: e8aa641f970d7f8010d991990de0cac0ed2f8136c931b5a14cbe8607c6c7fb9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 05 Apr 2022 15:39:00 GMT
server: nginx
age: 56915
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css;charset=utf-8
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-encoding: gzip
content-length: 17254
x-amz-cf-id: NshxzlghcjdWwlnI_qTjdCnuvtYRvTUxSW2QELyXpxSmrErSpalEKQ==

GET
H2 200 / Show response
www.cyberscoop.com/_static/ 265 KB
82 KB 54ms
52ms Script
application/javascript 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/_static/??-eJyVkWFOwzAMhS9EFg3Y0H4gLsEF0sTr3KZ2sZ2h3J5s2gQ/oKKSJT/F73uKbP85O6SYSwL1Q6uPAlJvbTMhbQZ98EsmN2EvweCnOTIZkHk7wdSQ9nJVLtYORCPzfInpMtL4jpZhHadIfQaNwjmvJA3jWDs0/e23cy490hUuCuLCOVgQH1TB1B9zsLnh8q3WhyhkiPZ470sBISVn7ALVizRu4q97JFTzZ6DE4gV6IGgHYXFSyHCC/2BtNHOuR2wrXbKfmMf78t6m1+3++fByeNptd8MXnQjbog==
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: 62ef6ff7641456aa2d94443dff7578d154236f12dcbb2e3dea4e519b0153a468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
x-rq: hhn1 0 4 9980
last-modified: Fri, 08 Apr 2022 17:51:53 GMT
server: nginx
age: 146739
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-encoding: gzip
content-length: 83160
x-amz-cf-id: PqzxlnnuyhzS6n4kwzOzcet_8CiXkMZt8RHIPattAgVHl7nEVrm0WA==

GET
H2 200 i18n.min.js Show response
www.cyberscoop.com/wp-includes/js/dist/ 10 KB
4 KB 61ms
60ms Script
application/javascript 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: 22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
age: 2056269
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 3968
x-rq: hhn1 0 4 9980
last-modified: Fri, 18 Mar 2022 14:57:07 GMT
server: nginx
etag: W/"62349dc3-28a7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
x-amz-cf-id: jihhYH1ltRvF3od8uok-EF1VbPpY7G6clhCciZ9f-PTPE3uW8Mzxtw==
expires: Fri, 14 Apr 2023 13:13:14 GMT

GET
H2 200 i18n-loader.js Show response
www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-assets/build/ 6 KB
3 KB 62ms
60ms Script
application/javascript 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-assets/build/i18n-loader.js?minify=true&ver=7b3aca48d6809a4527c8a9bc9c7a1d1c
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: 40905beca0f8b5ff867fa2f103e951dd2416853df1e8f7d7453a74708d779277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
age: 589067
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 2428
x-rq: hhn1 0 4 9980
last-modified: Thu, 07 Apr 2022 17:16:16 GMT
server: nginx
etag: W/"624f1c60-17ac"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
x-amz-cf-id: y-SAtBUvyAG-gM058oRUXazBRVTk3azaCFaMedkDYLhiyrr7rVodWA==
expires: Fri, 14 Apr 2023 13:13:14 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/fedscoop-sc/ 55 KB
17 KB 247ms
201ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/fedscoop-sc/tfa.js?ver=5.9.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db236586fe21257e3d9b959bdeb2e6883f01a09718c3ab73728e21f7a96c5ba0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: hD7ihgKeI7jv_ka6ffTkMBHiSWVwlMGH
content-encoding: gzip
etag: "b6d806962ac8eecdcdb3343909aebea8"
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17361
x-amz-id-2: z/qzY8Fw+2WKE3ZPeSs7+Si8JADqg69VnOoElEvA7s7HrFNLZCKjPUjRtMQtbZOhyQYk8LpJ3tI=
x-served-by: cache-cdg20755-CDG
last-modified: Sun, 10 Apr 2022 11:16:14 GMT
server: AmazonS3
x-timer: S1649941998.793817,VS0,VE186
date: Thu, 14 Apr 2022 13:13:17 GMT
vary: Accept-Encoding
x-amz-request-id: K967GB5VC81W5XXA
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 14
x-cache-hits: 1

GET
H2 200 / Show response
www.cyberscoop.com/_static/ 151 KB
47 KB 59ms
58ms Script
application/javascript 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/_static/??-eJzTLy/QTc7PK0nNK9EvyUjNTS3WB4qAWbrJlUmpRcXJ+fkF+lnF+pl5mSW6JYlJ+fk5iXpZxTr6ROtMLCggTUNual4pUId9rq2hmYmlobmxoYlBFgBj/z5I
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: ef06bc5e3cc158037771e3ed0d13f75694ffe052cc8b442e02082e85cf85aec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 05 Apr 2022 15:39:00 GMT
server: nginx
age: 662419
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-encoding: gzip
content-length: 48037
x-amz-cf-id: 5oBOIjVzWw2vdlN2ZpoJp2BBMXvyLqUfE9_e95RZk5jQ06mn9qc-XA==

GET
H2 404 ads.js
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 0
0 58ms
57ms Script
text/html 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-rq: hhn1 0 4 9980
server: nginx
age: 21
x-cache: Error from cloudfront
content-type: text/html
x-amz-cf-pop: TXL50-P3
content-length: 146
x-amz-cf-id: i0cfcVio9phPAiHa3f0HfAXh0yfpBS37agI1qyUf86pQEdEMom_8sA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 47ms
14ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

3862062055d3517248ec20f289a416f90399a5ee6be769538ede47c12be79487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28365
x-xss-protection: 0
server: sffe
etag: "1186 / 707 of 1000 / last-modified: 1649934388"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Apr 2022 13:13:18 GMT

GET
H/1.1 200
OK cyberscoop-interstitial.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
3 KB 698ms
177ms Image
image/svg+xml 52.216.102.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/cyberscoop-interstitial.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified: Wed, 10 Feb 2021 15:47:32 GMT
Server: AmazonS3
x-amz-request-id: W8CDFKX1Q09Z12J2
ETag: "b3250d52680549abc7222f71b2dce836"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2375
x-amz-id-2: M0/ZTIdQFqfwuQ3l6/RRAxYUHFOEn3esICqjtHYW/IdcZVHn1gYxx0a5C2kkorgzeepEoFaTEmk=

GET
H/1.1 200
OK closex.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 653ms
121ms Image
image/png 52.216.102.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/closex.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified: Tue, 12 May 2020 13:43:08 GMT
Server: AmazonS3
x-amz-request-id: W8C4G36SPN2Y9BEA
ETag: "6fa9505df4b1d86476aef77673f3b330"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4658
x-amz-id-2: CdqVuBmjdQ0P4xeBQs9bXw/fg8HVIxta5jksCe0XgvaljCX2gq4hm6GiLy26UtycmrkWTkc0mF0=

GET
H/1.1 200
OK twitter.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/ 2 KB
2 KB 665ms
133ms Image
image/svg+xml 52.216.102.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/twitter.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified: Wed, 24 Oct 2018 21:24:01 GMT
Server: AmazonS3
x-amz-request-id: W8CATDEZ4A2XE6E3
ETag: "0bab5422023490b09b2590482b10e983"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2172
x-amz-id-2: OlPq5vUfefiFlWC29YfuRf3cMJpb7UBBYqMclZ3tZ3b8Sh7IiSP+esjMrHsXSbXjTf+shyOjSdQ=

GET
H/1.1 200
OK facebook.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/ 1 KB
2 KB 788ms
131ms Image
image/svg+xml 52.216.102.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/facebook.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified: Wed, 24 Oct 2018 21:24:01 GMT
Server: AmazonS3
x-amz-request-id: W8CD7TJ17SEGDQ1G
ETag: "0bb97e47c732a1645d42198a7b8b1397"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1272
x-amz-id-2: A9d1dfRgP36j53QQJxGiIdRpi+jphvxffqL47VkoVOKIBnFr2ExnHcT0bzZsE4UH4kTTLlbnybI=

GET
H/1.1 200
OK linkedin.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/ 2 KB
2 KB 790ms
125ms Image
image/svg+xml 52.216.102.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/linkedin.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified: Wed, 24 Oct 2018 21:24:01 GMT
Server: AmazonS3
x-amz-request-id: W8CDM088P0R6A8XZ
ETag: "b05a15a980fa7ad56a297860e33c6327"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1857
x-amz-id-2: ssDHh7s+kNdhDfC2fT3RM87pkYtAXKnsxWMV3JXHhuxcojvnRPBcxPBeDeuS0gIPBIwGyf+mxOo=

GET
H/1.1 200
OK reddit.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/ 6 KB
7 KB 787ms
123ms Image
image/svg+xml 52.216.102.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/reddit.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified: Wed, 24 Oct 2018 21:24:01 GMT
Server: AmazonS3
x-amz-request-id: W8C009CQDSHV37GV
ETag: "8095452e62fa3cbcbdaf4ed982477485"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 6390
x-amz-id-2: kn/qJauRluIhk5OOX2JaXc+LhkYTETq/kaW1CZjixlFfjEtdtX/OcsKvJO81SI8Tsc3/+1GDrjI=

GET
H/1.1 200
OK gmail.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/ 1 KB
2 KB 277ms
128ms Image
image/svg+xml 52.216.102.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/gmail.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified: Wed, 24 Oct 2018 21:24:01 GMT
Server: AmazonS3
x-amz-request-id: W8C8315PK57F7562
ETag: "e5d4decd16518b9f60451876256ea22f"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1181
x-amz-id-2: n2mcbiTDR3NFKDxRTq/fcAzS28wpxnSfUUJRfg6QekZoRNtIGNZcvhfkSmywbQxQBNunWNi/DQ8=

GET
H/1.1 200
OK close_purple.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 991 B
1 KB 144ms
139ms Image
image/svg+xml 52.216.102.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/close_purple.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified: Fri, 22 Jan 2021 00:05:15 GMT
Server: AmazonS3
x-amz-request-id: W8C2S26RX8PQ1SW5
ETag: "cde4ecef61a0a35571e737da5276b5e7"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 991
x-amz-id-2: BlygMQyZUZyxnwixxfOXkzkDNPIC8hv6Xu2q7Lkk/m3NrSovU+nlxJ9HDywdw3AkiazStdgMZAY=

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 567 KB
145 KB 120ms
78ms Script
application/javascript 2606:4700::6811:b649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

711c4782a7b90e63b305aa18412fa3a98dc2f839703ccce66779009aaa7e955d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:17 GMT
via: 1.1 5e1f849553b1d58615d0d8f7c044078e.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 14 Apr 2022 12:23:09 UTC
server: cloudflare
etag: W/"611f9e299e67dc9f3221d4b874ba1c95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVu6JfuPrFKSmqvP3IxEjzIN3HjW5dsdRqbtRcecN4duO4xJfahp1kdUW9yogFPDs0nX6Ed5aYb5HAnSCsryHJzh2xyLT7QylkHrileRjZtjIVvAKB%2BPR%2FTp8FlMxWNrTUZPyZWXijRSL%2Bti"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: ybhgd2hYjNq34ZCseA1OWrg7D3AucCvE
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6fbcb2aebb7183a8-MXP
x-amz-cf-id: okdhm7ba40Wl3eA3aDbfafpgSMeiWkUAqxUKaA6zG9rWvF-7yu2Vzw==
x-hs-target-asset: FormsNext/static-5.478/bundles/project_with_deps.js

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 75ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6dec0f40564ef3bd3d94ad102757fbce6068609abd1c337534e5b86ed4c7bb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28364
x-xss-protection: 0
server: sffe
etag: "1186 / 270 of 1000 / last-modified: 1649934465"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Apr 2022 13:13:18 GMT

GET
H2 200 / Show response
www.cyberscoop.com/_static/ 10 KB
3 KB 34ms
33ms Script
application/javascript 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/_static/??/wp-content/themes/wp-theme-cyberscoop/js/ads.js,/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?m=1649173140j
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: 14c742642de9c8f39467c54a34b08f124d3eb6ae49356d9b9f8a158424e77192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
x-rq: hhn1 0 4 9980
last-modified: Tue, 05 Apr 2022 15:39:00 GMT
server: nginx
age: 662390
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-encoding: gzip
content-length: 2703
x-amz-cf-id: vU6E6N_-42omvfPJXZ7FBQWE2VuJ3K4RHmNhHdvXU6ncLupwkqCW1w==

GET
H2 200 jp-search.js Show response
www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 7 KB
3 KB 34ms
33ms Script
application/javascript 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=8654f1efea7bf1b79584c07f1d458382
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: fe1bd3df8f20fe537d1ad985ecd7b169c10e1d0e2cc0860bc4b4c326d152420f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
age: 589068
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 3036
x-rq: hhn1 0 4 9980
last-modified: Thu, 07 Apr 2022 17:16:17 GMT
server: nginx
etag: W/"624f1c61-1c38"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
x-amz-cf-id: WTIlEMhLHJvqCurR6zZgIKB-3V5086I_4hdvo3wzJM27iPOWRs1xQw==
expires: Fri, 14 Apr 2023 13:13:14 GMT

GET
H2 200 w.js Show response
stats.wp.com/ 11 KB
4 KB 28ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/w.js?ver=202215
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ec7c4c90e31092c6253cddb718655a1e3ac5f4f83425b1e16d54b25ff80f263f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc: HIT hhn
date: Thu, 14 Apr 2022 13:13:18 GMT
content-encoding: br
server: nginx
etag: W/"61dc645f-2a3d"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Thu, 06 Apr 2023 06:09:45 GMT

GET
H2 200 e-202215.js Show response
stats.wp.com/ 9 KB
3 KB 26ms
7ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202215.js
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc: HIT hhn
date: Thu, 14 Apr 2022 13:13:18 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 03 Apr 2023 07:40:23 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 166 KB
60 KB 64ms
23ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c31206717e4cf04c88f77e76c09d06baba9bd7ff1a674cb13d5f564d9c69f21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61268
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Apr 2022 13:13:18 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.cyberscoop.com/wp-includes/js/ 18 KB
5 KB 38ms
35ms Script
application/javascript 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
age: 662420
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 4926
x-rq: hhn1 0 4 9980
last-modified: Tue, 05 Apr 2022 23:38:53 GMT
server: nginx
etag: W/"624cd30d-4705"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
x-amz-cf-id: 0h2jpIZJq_xITmu5s2cSQvK0jgrmpva_QD3AL8EgsWlsFCdNYsYN1A==
expires: Fri, 14 Apr 2023 13:13:14 GMT

GET
H2 200 lightslider.min.css
www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/css/ 5 KB
2 KB 35ms
35ms Stylesheet
text/css 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/css/lightslider.min.css
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
age: 2056268
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 1360
x-rq: hhn1 0 4 9980
last-modified: Mon, 14 Mar 2022 21:37:55 GMT
server: nginx
etag: W/"622fb5b3-14b3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
x-amz-cf-id: cQuCs0mFk-_pxdBZX0IRIA66HKv3bWp3t8jm85CvQyhlSl2_E7CFQQ==
expires: Fri, 14 Apr 2023 13:13:14 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 72 KB
26 KB 83ms
37ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:18 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 162052
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 01 Dec 2021 08:23:25 GMT
server: cloudflare
etag: W/"11ee2-5d2116348919c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 6fbcb2b04f775a37-MXP
cf-bgj: minify

GET
H/1.1 200
OK CyberScoop_Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
3 KB 627ms
123ms Image
image/svg+xml 52.216.102.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/CyberScoop_Color.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:05 GMT
Server: AmazonS3
x-amz-request-id: W8C8Y049RB2V4TFA
ETag: "b3250d52680549abc7222f71b2dce836"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2375
x-amz-id-2: /Pe7shnRlrj4/QV3mTwQcSSjcsxWrtJ7sjl21AAZtjmx+LR2b2dQ+1EDidT/TjOVlBPeliKFhDM=

GET
H/1.1 200
OK SNG-RGB-Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 625ms
121ms Image
image/svg+xml 52.216.102.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/SNG-RGB-Color.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:05 GMT
Server: AmazonS3
x-amz-request-id: W8C577NSMJ08D0WH
ETag: "61428dbcecc23b1679236e221c5228d4"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 5545
x-amz-id-2: rnCsUc7HvZQMAAmkpmycqpkSI8SZLrLHLLUhPezplHHXKzdgNnJ4xJboDpsjRBeVtYEamgHCHtk=

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v15/ 22 KB
23 KB 38ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v15/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a90f9c307d889844f7286c11a9e8596c9a41b2e91123ab49cca0fbaa4b48dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 19:33:04 GMT
x-content-type-options: nosniff
age: 63614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22760
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:05:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 19:33:04 GMT

GET
H2 200 PuristaMedium.woff
www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/fonts/ 37 KB
37 KB 35ms
33ms Font
font/woff 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/fonts/PuristaMedium.woff
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1

Request headers

Referer: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Origin: https://www.cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
content-encoding: gzip
age: 22
x-cache: Hit from cloudfront
content-length: 37579
x-rq: hhn1 0 4 9980
last-modified: Tue, 05 Apr 2022 15:39:00 GMT
server: nginx
etag: W/"624c6294-9340"
access-control-allow-methods: GET, HEAD
content-type: font/woff
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-id: dNg8no_FE_ojq7MRHejOM1P4ms1fupw-3n00pRC7_DK-E34gQxvebA==
expires: Fri, 14 Apr 2023 13:13:14 GMT

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 3A27
Redirect Chain

https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-P3VNJduYXS-leaderboard&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Cl...
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-P3VNJduYXS-leaderboard&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicros...

2 KB
1 KB

48ms
42ms

Document
text/html

18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-P3VNJduYXS-leaderboard&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx / WordPress VIP <https://wpvip.com>
Resource Hash: 48f09c1e2f69b85f86be78957e151e15055d602a90023fa99174df1d25700fdb

Request headers

Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 13:13:14 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
server: nginx
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-amz-cf-id: 3ujnAOEt18HfqvkAAKgDM36NKKK3VNjIfrqnnr2_6oJ00lq3NsyrTg==
x-amz-cf-pop: TXL50-P3
x-cache: Hit from cloudfront
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn1 0 4 9980

Redirect headers

age: 4
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 13:13:14 GMT
host-header: a9130478a60e5f9135f765b23f26593b
location: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-P3VNJduYXS-leaderboard&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
server: nginx
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-amz-cf-id: NhgADVABVGlS21vCTE8K_Ovh1f1AiLDuuIryOOHpLgGtoBMg8Qamgw==
x-amz-cf-pop: TXL50-P3
x-cache: Hit from cloudfront
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-redirect-by: WordPress
x-rq: hhn1 0 4 9980

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 6D9D
Redirect Chain

https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%...
https://www.cyberscoop.com/advertising/?id=article&position=static&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm

1 KB
1 KB

44ms
43ms

Document
text/html

18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/advertising/?id=article&position=static&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx / WordPress VIP <https://wpvip.com>
Resource Hash: 902a2c3c6fb931f76bb5aa75cd565243c413b93c144a4e7d10a16da906979214

Request headers

Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 13:13:14 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
server: nginx
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-amz-cf-id: 9c9PFTu_a1FaZyu-XeW1S1-uxWkQZb7qONvZpyPwtaIib5NpUGGT0A==
x-amz-cf-pop: TXL50-P3
x-cache: Hit from cloudfront
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn1 0 4 9980

Redirect headers

age: 4
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 13:13:14 GMT
host-header: a9130478a60e5f9135f765b23f26593b
location: https://www.cyberscoop.com/advertising/?id=article&position=static&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
server: nginx
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-amz-cf-id: rTeFM0aRtrI_bCKSIjcKYUEovBaTAcfu7vbZVGA3-NczRO3b1tjjsQ==
x-amz-cf-pop: TXL50-P3
x-cache: Hit from cloudfront
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-redirect-by: WordPress
x-rq: hhn1 0 4 9980

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame EC68
Redirect Chain

https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Cru...
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm

2 KB
1 KB

78ms
77ms

Document
text/html

18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx / WordPress VIP <https://wpvip.com>
Resource Hash: aa8329e8b5a41a9fbe7617d77334dcdf25bbeac69316923e4d09c14617568da1

Request headers

Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 13:13:14 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
server: nginx
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-amz-cf-id: U9BTm8ZpXrr3SEzp2YLkb2BnKCjt-OWgYq4f76vbjweoOm_IPxyhYA==
x-amz-cf-pop: TXL50-P3
x-cache: Hit from cloudfront
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn1 0 4 9980

Redirect headers

age: 4
content-encoding: gzip
content-length: 20
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 13:13:14 GMT
host-header: a9130478a60e5f9135f765b23f26593b
location: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
server: nginx
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-amz-cf-id: IK6hm72b74CUFhrmAuJibT-nAvNKLvo2BhRcIOdWZJqxGWGXMNUQug==
x-amz-cf-pop: TXL50-P3
x-cache: Hit from cloudfront
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-redirect-by: WordPress
x-rq: hhn1 0 4 9980

GET
H2 200 GettyImages-1389898678.jpg
www.cyberscoop.com/wp-content/uploads/sites/3/2022/04/ 297 KB
298 KB 55ms
42ms Image
image/webp 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/sites/3/2022/04/GettyImages-1389898678.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: ed5e39a5e31422d00c47d556b404949be82c30c2face801c020c343c7457a615

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
x-rq: hhn1 109 83 443
last-modified: Mon, 11 Apr 2022 12:59:35 GMT
server: nginx
age: 4
etag: "5355c6a59c29aefb"
x-cache: Hit from cloudfront
content-type: image/webp
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 304544
x-amz-cf-id: IKgZgnhGXSRilz5jyR-V11pEsPqcIkiDudqVoiiDi8BUAFaGkUK2Jg==
expires: Tue, 11 Apr 2023 12:59:35 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v15/ 23 KB
23 KB 23ms
15ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v15/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 19:32:13 GMT
x-content-type-options: nosniff
age: 63665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23724
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:06:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 19:32:13 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v47/ 25 KB
25 KB 28ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v47/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e0f1d4d244fa557ae96c648168b0620a4f5ad3dbb653fc979a1b3ea0000699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 23:27:02 GMT
x-content-type-options: nosniff
age: 567976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25384
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 18:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Apr 2023 23:27:02 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v15/ 22 KB
22 KB 26ms
18ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v15/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 19:32:11 GMT
x-content-type-options: nosniff
age: 63667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22592
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:05:52 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 19:32:11 GMT

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 6492
Redirect Chain

https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-9J4uXQtutz-billboard&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Ch...
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-9J4uXQtutz-billboard&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clega...

2 KB
1 KB

38ms
37ms

Document
text/html

18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-9J4uXQtutz-billboard&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx / WordPress VIP <https://wpvip.com>
Resource Hash: 6381b7a6fdaca498a044bd187938dc27d9c6a2c96d8b10854b17c12a34b9bf4c

Request headers

Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 13:13:14 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
server: nginx
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-amz-cf-id: IguE8MswSkHt0-gL-r4v5rBhJnW7QavNLGLyyzZ1nnjEDVBx8WXcEQ==
x-amz-cf-pop: TXL50-P3
x-cache: Hit from cloudfront
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn1 0 4 9980

Redirect headers

age: 4
content-encoding: gzip
content-length: 20
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 13:13:14 GMT
host-header: a9130478a60e5f9135f765b23f26593b
location: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-9J4uXQtutz-billboard&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
server: nginx
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-amz-cf-id: iYhjpq7MGRYeMr9Fso9Tmo3tDSsha_K_Kk48aQWJHivRuBwRPFhd5g==
x-amz-cf-pop: TXL50-P3
x-cache: Hit from cloudfront
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-redirect-by: WordPress
x-rq: hhn1 0 4 9980

OPTIONS
H2 200 json
forms.hsforms.com/embed/v3/form/2153467/20762415-8082-48f0-b243-36443c93d852/ Frame 0
0 374ms
147ms Preflight
text/plain 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2153467/20762415-8082-48f0-b243-36443c93d852/json?hutk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.cyberscoop.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: x-requested-with
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://www.cyberscoop.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 6fbcb2b269a459dd-MXP
content-length: 18
content-type: text/plain; charset=utf-8
date: Thu, 14 Apr 2022 13:13:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: d389c9fb-a4a7-4aa0-9ae0-ad4907b24d76
x-robots-tag: none
x-trace: 2B93AB7D679AB606A30ED0E715E75846692E3D55F7000000000000000000

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/2153467/20762415-8082-48f0-b243-36443c93d852/ 20 KB
5 KB 222ms
197ms XHR
application/json 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2153467/20762415-8082-48f0-b243-36443c93d852/json?hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b89cc38fc329aa1d948f3954ac2203be3ae9ac754d34ac9e0ac1fc1c532e3d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript
Referer: https://www.cyberscoop.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-origin-hublet: na1
date: Thu, 14 Apr 2022 13:13:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 56b5c1df-8ef3-4110-b71a-b0c0c288fe51
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
x-trace: 2B655C7F7FA0BEE2EC5F6369DAE554262DD3016D41000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cyberscoop.com
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 6fbcb2b37a7c3759-MXP
access-control-allow-headers: *

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 11ms
10ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.35710839690384044
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Apr 2022 13:13:18 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 gettyimages-1160498103-170667a.jpg
www.cyberscoop.com/wp-content/uploads/sites/3/2019/10/ 7 KB
8 KB 39ms
39ms Image
image/webp 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/sites/3/2019/10/gettyimages-1160498103-170667a.jpg?w=274
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: fdd79ce550004a168443858d7317ae45f42e4eb262ca17b32c64a1a30c088399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
x-rq: hhn1 109 88 443
last-modified: Thu, 14 Apr 2022 00:27:04 GMT
server: nginx
age: 4
etag: "741b5e8c9421f938"
x-cache: Hit from cloudfront
content-type: image/webp
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 7676
x-amz-cf-id: Uaefgp-RrKAA6RnRDDWfnK-ZoQSDH3JP9ryzHGFi_D13iUlHxAGz7A==
expires: Fri, 14 Apr 2023 00:27:04 GMT

GET
H2 200 GettyImages-695501064.jpg
www.cyberscoop.com/wp-content/uploads/sites/3/2022/04/ 11 KB
11 KB 40ms
40ms Image
image/webp 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/sites/3/2022/04/GettyImages-695501064.jpg?w=257
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: 5b52bb673705cc657cee64d8e88f6090d9cd8f5c9eb77bc9feb41788ab10e388

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
x-rq: hhn1 109 83 443
last-modified: Wed, 13 Apr 2022 20:54:06 GMT
server: nginx
age: 4
etag: "43d6615aab060937"
x-cache: Hit from cloudfront
content-type: image/webp
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 10850
x-amz-cf-id: BCWOVRhNNKyFluBA-VtXvVfhRBF-ecRI4o7-FJA4EMGMaRWp1PDoFg==
expires: Thu, 13 Apr 2023 20:54:06 GMT

GET
H2 200 GettyImages-1293288098.jpg
www.cyberscoop.com/wp-content/uploads/sites/3/2022/04/ 14 KB
15 KB 39ms
38ms Image
image/webp 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/sites/3/2022/04/GettyImages-1293288098.jpg?w=257
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: 2fe0f61deac89fba6919104a3ead56be8b6c7998bfd712b198e1fe260233e55b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
x-rq: hhn1 109 88 443
last-modified: Wed, 13 Apr 2022 19:58:22 GMT
server: nginx
age: 4
etag: "17ab94f57b9c9ab7"
x-cache: Hit from cloudfront
content-type: image/webp
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 14714
x-amz-cf-id: T16SIf1fjEuCe0jk1KruuxFzjDrBtO9hFb14EfANx1v-Gn9JFu2vxQ==
expires: Thu, 13 Apr 2023 19:58:22 GMT

GET
H2 200 facebook_logo_white.png
www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/ 361 B
744 B 39ms
37ms Image
image/png 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/facebook_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: 34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
x-rq: hhn1 0 4 9980
last-modified: Mon, 14 Mar 2022 21:37:55 GMT
server: nginx
age: 2056214
etag: "622fb5b3-169"
x-cache: Hit from cloudfront
content-type: image/png
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 361
x-amz-cf-id: lm0YhFOXLDowuqoCMt9fOOx5J5_j-NDkCBlQSj_stIBRHUwZQ7hhXQ==
expires: Fri, 14 Apr 2023 13:13:14 GMT

GET
H2 200 twitter_logo_white.png
www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/ 481 B
863 B 40ms
38ms Image
image/png 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/twitter_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
x-rq: hhn1 0 4 9980
last-modified: Mon, 14 Mar 2022 21:37:55 GMT
server: nginx
age: 2056214
etag: "622fb5b3-1e1"
x-cache: Hit from cloudfront
content-type: image/png
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 481
x-amz-cf-id: FlV51W9tBW83DsolP-_BTzqM6wvAbJvO6o4pkXQQurdTXRIaFHDrvA==
expires: Fri, 14 Apr 2023 13:13:14 GMT

GET
H2 200 linkedin_logo_white.png
www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/ 946 B
1 KB 40ms
39ms Image
image/png 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/linkedin_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
age: 2056214
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 969
x-rq: hhn1 0 4 9980
last-modified: Mon, 14 Mar 2022 21:37:55 GMT
server: nginx
etag: W/"622fb5b3-3b2"
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
x-amz-cf-id: ObKhljazUeO-qpRyQHFqdYrPbUB7RdaLLG4t_EugHQ9ILpek01PXrA==
expires: Fri, 14 Apr 2023 13:13:14 GMT

GET
H2 200 instagram_logo_white.svg
www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/ 2 KB
1 KB 39ms
37ms Image
image/svg+xml 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/instagram_logo_white.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
content-encoding: gzip
age: 390
x-cache: Hit from cloudfront
content-length: 669
x-rq: hhn1 0 4 9980
last-modified: Tue, 05 Apr 2022 15:39:00 GMT
server: nginx
etag: W/"624c6294-625"
content-type: image/svg+xml
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
x-amz-cf-id: _rs12OCvM5D4ZKHwRDzk49aocCFFrmBwmJJyaoHhV6EAdiYvq2cDkg==
expires: Fri, 14 Apr 2023 13:13:14 GMT

GET
H/1.1 200
OK Stacked_SNG.png
s3.amazonaws.com/sng-global-web-assets/logo/ 12 KB
12 KB 121ms
119ms Image
image/png 52.216.102.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_SNG.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: W8C1X4D9Z7CV0W8Y
ETag: "793107aa127f2349e0bb9d0df99cd240"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11864
x-amz-id-2: jV+uLm20/tNocdL4tJUHA0rfNuz61woHWFPj6aKFF+i7R2xeTBdpGxW/H6eo8+csu2IiftSVR0w=

GET
H/1.1 200
OK Stacked_CyberScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 139ms
115ms Image
image/png 52.216.102.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_CyberScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: W8C7BC9689CMKVH0
ETag: "6b8717aa8156bf0573b498232d63b71f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5199
x-amz-id-2: 1EJ2jgiECGZK2dx4kxmHmgFWB1wiPbxv5eJ9tXEgroR6kHXOsmRlG1xYR2ddUYcIrGhl3MLJ2vo=

GET
H/1.1 200
OK Stacked_FedScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 130ms
115ms Image
image/png 52.216.102.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_FedScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: W8C0AG37PMV24KQB
ETag: "da067ed314fa2f647e16efb7331759de"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4000
x-amz-id-2: Z7qf4DTQrrIYrx+T+YcUmtyheOejLaaR323UNuOW6TkOKmiXUdR/b02pxHCIK5yz2NPnTMpzOqE=

GET
H/1.1 200
OK Stacked_StateScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 129ms
114ms Image
image/png 52.216.102.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_StateScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: W8CC6CVHY3VDX7WF
ETag: "62c167ae878c0c3b3a41b50025cacba7"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4872
x-amz-id-2: NibusQZEw3bG0+nh1tUsOeTJ5AUULuVkFZaYhDN2ZYGeoGZW5HRoZnfcyGQJBw2Qg6p+zE1sO6I=

GET
H/1.1 200
OK Stacked_EdScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 127ms
114ms Image
image/png 52.216.102.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_EdScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified: Wed, 25 Aug 2021 20:12:45 GMT
Server: AmazonS3
x-amz-request-id: W8CE26JM6HAXEE4G
ETag: "779a62747ba1fe2dfac41aa83a03313c"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3934
x-amz-id-2: D2+FNJC5hpJL3zIrAkysvi1bJaKLna4Z0BT3BTMuVxcKUn8OE5bLEiK4fVnrBpGIxs21fqUxAqw=

GET
H/1.1 200
OK Stacked_WorkScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 116ms
112ms Image
image/png 52.216.102.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_WorkScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified: Wed, 25 Aug 2021 20:12:37 GMT
Server: AmazonS3
x-amz-request-id: W8C2DZBCAT2440HK
ETag: "b5d5b8c0479b1963324ebca52c96a43b"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5349
x-amz-id-2: HINgddwQcKuDzU+watGG1fK5TNW8Qz0vKqVP5swkIs4gRMsSycdx66mf/Cd9p0chE2p8d6ZE+rE=

GET
H2 200 g.gif
pixel.wp.com/ 50 B
75 B 15ms
5ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.8&blog=200379745&post=64322&tz=-4&srv=www.cyberscoop.com&hp=vip&host=www.cyberscoop.com&ref=&rand=0.9047929712487157
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Apr 2022 13:13:18 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 454.js Show response
www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 50 KB
18 KB 49ms
41ms Script
application/javascript 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/454.js?minify=false&ver=948c2c9d7b88a153508e
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=8654f1efea7bf1b79584c07f1d458382
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: 3d5c432ac1f87c116b88388348b78c08278195f455202173393b9c0576bfb6ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
age: 589068
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 17719
x-rq: hhn1 0 4 9980
last-modified: Thu, 07 Apr 2022 17:16:17 GMT
server: nginx
etag: W/"624f1c61-c704"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
x-amz-cf-id: _p1xQlIM9Adf-DxBdAFh1fA8qphJj_8oydIR95qUSr9BvK58XMGfkA==
expires: Fri, 14 Apr 2023 13:13:14 GMT

GET
H2 200 jp-search.chunk-main-payload.css
www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 31 KB
5 KB 47ms
40ms Stylesheet
text/css 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.css?minify=false&ver=aaceb2477698617460cf
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=8654f1efea7bf1b79584c07f1d458382
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: c8c35e0f00ccdca409b0b7340bb4c008649529b40a786a51e6d732cbf4f845e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
age: 589068
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 4299
x-rq: hhn1 0 4 9980
last-modified: Thu, 07 Apr 2022 17:16:17 GMT
server: nginx
etag: W/"624f1c61-7d7c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
x-amz-cf-id: L4BkfaERhVzp4cj0XldxssXXSnamFILlI97jB4B9f9mjDk2HBhl0Dw==
expires: Fri, 14 Apr 2023 13:13:14 GMT

GET
H2 200 jp-search.chunk-main-payload.js Show response
www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 74 KB
19 KB 50ms
43ms Script
application/javascript 18.64.103.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=6ffb9dd4678b2461bfeb
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=8654f1efea7bf1b79584c07f1d458382
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-11.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: e448366ba538d2d65714f62ae1af89f2f5dd3ccc64af549bb3a84d9cea541dcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:14 GMT
via: 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
age: 589068
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 19052
x-rq: hhn1 0 4 9980
last-modified: Thu, 07 Apr 2022 17:16:17 GMT
server: nginx
etag: W/"624f1c61-1260c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
x-amz-cf-id: jFkE1wGshTB5nGVZxEuAqVdN0A6_zuJgIkkHuuUYOvPDrKthzwQQqQ==
expires: Fri, 14 Apr 2023 13:13:14 GMT

GET
H3 200 pubads_impl_2022040701.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 26ms
10ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

4eba10304f45a9ca7d6b3b882e564a5dd00d3900dc515fbe6137765ed0fb45a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 10:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10723
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127673
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 08:34:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Apr 2023 10:14:35 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 51 B
87 B 42ms
21ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e68b1ea6c9a742a416a355c1a63563cf0f49b374300cb956a03a3e25c9475242

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Thu, 14 Apr 2022 13:13:18 GMT

GET
H3 200 sm.23.html Show response
static.addtoany.com/menu/ Frame C0B4 741 B
820 B 95ms
51ms Document
text/html 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.23.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 644643
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 6fbcb2b2addc83ac-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 14 Apr 2022 13:13:18 GMT
etag: W/"2e5-5cc9e128a4c38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 icons.30.svg.js Show response
static.addtoany.com/menu/svg/ 77 KB
33 KB 116ms
60ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.30.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:18 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13413569
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 01:49:04 GMT
server: cloudflare
etag: W/"132a9-5d0656e4a26b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 6fbcb2b2add883ac-MXP
cf-bgj: minify

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 112ms
15ms Script
application/x-javascript 2a02:26f0:f7::5c7b:e053
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e053 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 662
Date: Thu, 14 Apr 2022 13:13:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
X-EdgeConnect-MidMile-RTT: 0
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=36968
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 115ms
17ms Script
application/javascript 199.232.56.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.56.157 London, United Kingdom, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:18 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 00:09:32 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200176-IAD, cache-lon4275-LON

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 86ms
0ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: WW7Hg1UaiEfLOD6cP8Vfewl1S0Bbayox4Pn2CLF3BbkDKd1WB78MMFx5TrhZqqi1DLasHs9NfSXK+jFQ9KVPbQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 14 Apr 2022 13:13:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2153467.js Show response
js.hs-scripts.com/ 964 B
895 B 611ms
517ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2153467.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efb0a20937ab75c11ddb5e115d59675e5b106ebb5e755c41a15d98889a97e659

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 846bca37-46cb-4ac4-acca-d910ec0ce7da
last-modified: Thu, 14 Apr 2022 13:08:03 GMT
server: cloudflare
x-trace: 2B9B2B618992BB8E3F5261116F4150E740FF293042000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6fbcb2b34afd839c-MXP
expires: Thu, 14 Apr 2022 13:14:19 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 3A27 83 KB
28 KB 33ms
20ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-P3VNJduYXS-leaderboard&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

6a27a65e9c43fb8d9cd1e8640dae7464ee78bf4633c2e34a7345e696c025823c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28365
x-xss-protection: 0
server: sffe
etag: "1186 / 178 of 1000 / last-modified: 1649934465"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Apr 2022 13:13:18 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 6D9D 84 KB
28 KB 39ms
24ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=article&position=static&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

4887329d85e3a31b977f06d6493cfd7478802d5664b7d0caab9b94353cd41066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28616
x-xss-protection: 0
server: sffe
etag: "1186 / 341 of 1000 / last-modified: 1649934465"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Apr 2022 13:13:18 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame EC68 83 KB
28 KB 47ms
28ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

6a27a65e9c43fb8d9cd1e8640dae7464ee78bf4633c2e34a7345e696c025823c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28365
x-xss-protection: 0
server: sffe
etag: "1186 / 144 of 1000 / last-modified: 1649934465"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Apr 2022 13:13:18 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 6492 84 KB
28 KB 46ms
27ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-9J4uXQtutz-billboard&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

b66f00fa51e00b4daa0b385cdd42b15739a813febb9f9cb9faf14b4a4db2a342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28616
x-xss-protection: 0
server: sffe
etag: "1186 / 649 of 1000 / last-modified: 1649934465"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Apr 2022 13:13:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 63ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3367
date: Thu, 14 Apr 2022 12:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 14 Apr 2022 14:17:11 GMT

GET
H2 200 integrator.js Show response
adservice.google.ro/adsid/ 107 B
792 B 55ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ro/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 46ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
20 KB 60ms
59ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2814599767980077&correlator=4369690492477379&eid=31067075%2C31064018%2C31065517&output=ldjh&gdfp_req=1&vrg=2022040701&ptt=17&impl=fif&iu_parts=18430785%2Ccswelcome&enc_prev_ius=%2F0%2F1&prev_iu_szs=640x480&ifi=1&adks=113530204&sfv=1-0-38&ecs=20220414&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1649941998231&lmt=1649941998&dlt=1649941997035&idt=1012&biw=1600&bih=1200&adxs=480&adys=365&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=640x532&msz=640x480&fws=4&ohw=1600&ga_vid=1602128739.1649941998&ga_sid=1649941998&ga_hid=928806685&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

77a38038fc67fe9bccd2c9f988c074bf3ee2148e9fa3d6a7bed04947ff8b4863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19940
x-xss-protection: 0
google-lineitem-id: 5908512188
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138380260324
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 66ms
66ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2814599767980077&correlator=4369690492477379&eid=31067075%2C31064018%2C31065517&output=ldjh&gdfp_req=1&vrg=2022040701&ptt=17&impl=fif&iu_parts=18430785%2Ccswelcomemobile&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=3498381169&sfv=1-0-38&ecs=20220414&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1649941998246&lmt=1649941998&dlt=1649941997035&idt=1012&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=640x532&msz=300x250&fws=132&ohw=1600&ga_vid=1602128739.1649941998&ga_sid=1649941998&ga_hid=928806685&ga_fc=false&btvi=-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

78ad903f00303d7180dc8da76cf1613105d8e64eaabce1d8b38c2094e0156c9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9441
x-xss-protection: 0
google-lineitem-id: 5930159482
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138381977237
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CAA8 6 KB
4 KB 77ms
14ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 13:13:18 GMT
expires: Fri, 14 Apr 2023 13:13:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_2022040701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3A27 368 KB
125 KB 10ms
8ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

4eba10304f45a9ca7d6b3b882e564a5dd00d3900dc515fbe6137765ed0fb45a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 09:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127673
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 08:34:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 13 Apr 2023 09:04:16 GMT

GET
H3 200 pubads_impl_2022041201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6D9D 369 KB
125 KB 12ms
12ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15647
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127945
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 08:36:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Apr 2023 08:52:31 GMT

GET
H2 200 search Show response
public-api.wordpress.com/rest/v1.3/sites/200379745/ 11 KB
3 KB 296ms
248ms Fetch
application/json 192.0.78.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://public-api.wordpress.com/rest/v1.3/sites/200379745/search?fields%5B0%5D=date&fields%5B1%5D=permalink.url.raw&fields%5B2%5D=tag.name.default&fields%5B3%5D=category.name.default&fields%5B4%5D=post_type&fields%5B5%5D=shortcode_types&highlight_fields%5B0%5D=title&highlight_fields%5B1%5D=content&highlight_fields%5B2%5D=comments&query=&sort=score_default&size=10

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=6ffb9dd4678b2461bfeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

25d8e04096ef84239b0c6ebbd7f1e834fbbf4489ecbb94ef1373efb76346a9f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-hacker: Oh, Awesome: Opossum
date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: false
x-ac: 1.hhn _dfw
strict-transport-security: max-age=15552000
host-header: WordPress.com
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 pubads_impl_2022040701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame EC68 368 KB
125 KB 11ms
10ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

4eba10304f45a9ca7d6b3b882e564a5dd00d3900dc515fbe6137765ed0fb45a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 09:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127673
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 08:34:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 13 Apr 2023 09:04:16 GMT

GET
H3 200 pubads_impl_2022041301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6492 362 KB
123 KB 10ms
7ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3077
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125956
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 08:34:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Apr 2023 12:22:02 GMT

GET
H3 200 896395920528126 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 66ms
56ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/896395920528126?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

742d2f7f43e3eb8c7e5a12f24afcd4dcc03e11a31223060eb03d95b91ec07cc7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: fkDfML/vzjEmvPcFKlcB5A+YSa/rrFXM8RWbciv4ug2BFgE25EbTgLMS+qUOgeqQ1wcAetdqD3D48A1kF1mTig==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 14 Apr 2022 13:13:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1649941998394&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-b...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1649941998394%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fd...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1649941998394&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-b...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1649941998394&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-...

0
264 B

177ms
117ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1649941998394&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&liSync=true&e_ipv6=AQIUr3VBTcW3ewAAAYAoNPC6Oov7ge8jeDXUwdW5sw7pajxplzNfdZsFkQIr6Ar03mHvc9E
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:19 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 2A3F22174091495686B547F7551E3A54 Ref B: FRAEDGE0708 Ref C: 2022-04-14T13:13:20Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXcnQ7Q6KyLL2TyNRp4Mg==
x-li-fabric: prod-lva1

Redirect headers

date: Thu, 14 Apr 2022 13:13:19 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: C4C8B67EEAF64EEBA1336373B0B3140F Ref B: VIEEDGE1216 Ref C: 2022-04-14T13:13:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1649941998394&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&liSync=true&e_ipv6=AQIUr3VBTcW3ewAAAYAoNPC6Oov7ge8jeDXUwdW5sw7pajxplzNfdZsFkQIr6Ar03mHvc9E
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXcnQ7L8xLrxvztz4lisw==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 47ms
20ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=928806685&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&dp=%2Fwelcome%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&ul=en-us&de=UTF-8&dt=DOJ%27s%20Sandworm%20operation%20raises%20questions%20about%20how%20far%20feds%20can%20go%20to%20disarm%20botnets%20-%20CyberScoop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=320719015&gjid=1658833815&cid=1602128739.1649941998&tid=UA-80491860-1&_gid=988392867.1649941998&_r=1&gtm=2wg460KR697BF&z=807380422

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 13:13:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ 2 KB
521 B 37ms
16ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9fc929f9d307cf53bea691c3794c5ee2874ff5e1d2c7d308d71120ae3aa8c788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 11:21:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Apr 2022 13:13:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Apr 2022 13:13:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6160 0
0 46ms
45ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5VEq2A7I86S5LfArIQ7IFXQI74aNPIV2GCav39MixvJx9NzQrDL1T0jee_uw6wMfde0zxa2vKtSNnN9nuW_PaRp5Dc6FzyAGeBIEFCi-maqFlg37e92Z3O-bH_4vrNUBd0EIu3kQpQF47vntb1RrbO_Lx9vhZPSIZIWLk5hH5rncllNduB1GmXyyEafc7E7CskBWc1EXgibqD3DzjPpDQKT7HeQyujZ3IhvdE_OFbhrTiQfqyl9WsgBJagV0WBr_Pst0hi-LAetQOq0ROLcmUhj5uTBixHuhBl0vHAX8TVo16_zzoz3rp&sai=AMfl-YTBwVOK3sQAlHDKi8DUcTbSIaHXUAE6nn5vm67D1IQwuHlHcaG-LNkSbhZy4cpMBHsyI8K4zIJMTV8Kh4nWBWWyOixHytjEVo8oLT2PlDS5zlkbSnniWFVFJ4q320g&sig=Cg0ArKJSzLaCGodzHYdpEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 14 Apr 2022 13:13:19 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/ Frame 6160 19 KB
8 KB 52ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 13:12:37 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame 6160 3 KB
1 KB 52ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 13:11:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6160 119 KB
36 KB 363ms
362ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36908
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649677559247379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Apr 2022 13:13:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6160 0
0 53ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrRNt3vLTflJpW-ude22a3b5AGLn973TnxKcxi31-mabXRX4PsHaTQWG50W3ZOIygRh97UKchgiTxPXr0yRqJIzPVjpg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 17171698307552820954
tpc.googlesyndication.com/simgad/ Frame 6160 298 KB
299 KB 52ms
9ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17171698307552820954

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15102f00c0b20cff64250b68bc217f41647feb7e76110f62d16234cbc49c63d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 19:50:00 GMT
x-content-type-options: nosniff
age: 235399
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 305541
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 14:48:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 11 Apr 2023 19:50:00 GMT

GET
H3 200 container.html Show response
b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AD9F 6 KB
3 KB 28ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 13:13:18 GMT
expires: Fri, 14 Apr 2023 13:13:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
459 B 182ms
121ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4f01d6c1-fcd1-4491-adf6-5d89e3bb7f7e&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-response-time: 111
date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: gzip
server: tsa_o
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 09764fd71a04b0628dfd7c43b7a8a6e4a06a2a720636a7bd538ea3dc8f92c152
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
337 B 177ms
127ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4f01d6c1-fcd1-4491-adf6-5d89e3bb7f7e&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-response-time: 116
date: Thu, 14 Apr 2022 13:13:18 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: cf1458e6f516305db7aacca9ff93ab8287f1e27a96b32d243de9f623bac97983
content-length: 43

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 69ms
18ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-80491860-1&cid=1602128739.1649941998&jid=320719015&gjid=1658833815&_gid=988392867.1649941998&_u=YAhAAEAAAAAAAC~&z=452148438

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 14 Apr 2022 13:13:19 GMT
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.ro/adsid/ Frame 3A27 107 B
122 B 35ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ro/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3A27 107 B
122 B 31ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3A27 51 KB
20 KB 63ms
62ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2691086534282747&correlator=2033180710239008&eid=31065713%2C31067065%2C31064019&output=ldjh&gdfp_req=1&vrg=2022040701&ptt=17&impl=fif&iu_parts=18430785%2CCyberScoop_Article_Leaderboard_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&ifi=1&adks=13849420&sfv=1-0-38&ecs=20220414&fsapi=false&prev_scp=Tags%3Dcybercrime%252Ccyclopsblink%252Cdepartment-of-justice%252Cfbi%252Chacking%252Clegal%252Cmicrosoft%252Crussia%252Csandworm&sc=1&cookie=ID%3D57594fac4c8d4e50%3AT%3D1649941998%3AS%3DALNI_MbMKf6h4HmKY0cy14yyunT93rgaAQ&cdm=www.cyberscoop.com&abxe=1&dt=1649941998687&lmt=1649941998&dlt=1649941997576&idt=1059&biw=1600&bih=1200&isw=1600&ish=150&adxs=0&adys=170&ucis=38wepadzojyq&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dleaderboard%26parent_id%3Dad-P3VNJduYXS-leaderboard%26categories%3Dthreats%26tags%3Dcybercrime%252Ccyclopsblink%252Cdepartment-of-justice%252Cfbi%252Chacking%252Clegal%252Cmicrosoft%252Crussia%252Csandworm&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=1600x150&msz=970x-1&fws=0&ohw=0&ga_vid=1602128739.1649941998&ga_sid=1649941999&ga_hid=159839256&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

c14ae3d7e4f0cc73a2c5bd40b1898f267ec2a6f9f733f93225750e5d9154a45a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20169
x-xss-protection: 0
google-lineitem-id: 5970550983
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138386999426
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
e592fa56b45b0b581f6ab1e9ea3158b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E0CA 6 KB
0 36ms
15ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e592fa56b45b0b581f6ab1e9ea3158b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 13:13:19 GMT
expires: Fri, 14 Apr 2023 13:13:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.ro/adsid/ Frame 6D9D 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ro/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6D9D 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6D9D 50 KB
20 KB 60ms
57ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1401623283798113&correlator=2209984514183666&eid=31067090%2C44761482&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fif&iu_parts=18430785%2CCyberScoop_Article_Left_Rail_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=4064999910&sfv=1-0-38&ecs=20220414&fsapi=false&prev_scp=position%3Dstatic%26Tags%3Dcybercrime%252Ccyclopsblink%252Cdepartment-of-justice%252Cfbi%252Chacking%252Clegal%252Cmicrosoft%252Crussia%252Csandworm%26categories%3Dthreats&sc=1&cookie=ID%3D57594fac4c8d4e50%3AT%3D1649941998%3AS%3DALNI_MbMKf6h4HmKY0cy14yyunT93rgaAQ&cdm=www.cyberscoop.com&abxe=1&dt=1649941998756&lmt=1649941998&dlt=1649941997594&idt=1132&biw=1600&bih=1200&isw=310&ish=250&adxs=983&adys=1425&ucis=fdv03oaixj34&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Darticle%26position%3Dstatic%26category%3Dthreats%26tags%3Dcybercrime%252Ccyclopsblink%252Cdepartment-of-justice%252Cfbi%252Chacking%252Clegal%252Cmicrosoft%252Crussia%252Csandworm&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=310x250&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=1602128739.1649941998&ga_sid=1649941999&ga_hid=902284911&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

0b7f3bebdb1384bfd4208ccc6aa7771962e3a8ef6e2f458e5a1667e2c92fafa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20037
x-xss-protection: 0
google-lineitem-id: 5970550983
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138387074202
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
63250949cd62a1db307886a410e24cb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8A59 0
0 40ms
15ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://63250949cd62a1db307886a410e24cb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 13:13:19 GMT
expires: Fri, 14 Apr 2023 13:13:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 2153467.js Show response
js.hs-analytics.net/analytics/1649941800000/ 62 KB
20 KB 631ms
573ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1649941800000/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e9ce5f71d5199340f9f109561dc1a65bcbba9d4d1ac51546e04ae69f2695784

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:20 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 03FAJR1FDRBCSW2D
x-amz-server-side-encryption: AES256
cf-ray: 6fbcb2b8f97b3757-MXP
x-amz-id-2: qRDI4cLSCahDvf0He3SRN7PFg4pF2oX7awLNJ5vVm7W7JAeS9/J79Kn5c9vlGgt9xdGSVCiLSxo=
last-modified: Thu, 24 Feb 2022 12:07:10 GMT
server: cloudflare
etag: W/"1fa5c84f0d8dafc6fe327ea7de52c297"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Thu, 14 Apr 2022 13:18:19 GMT

GET
H2 200 2153467.js Show response
js.hs-banner.com/ 61 KB
16 KB 602ms
510ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a2814888079619c511d69af17514a0c7bb4f942be94784bcbf85f68fcea6f7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:20 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: T9XE7Y3GZZVH5P5S
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: 8c/It0oZDiiGyRS6t3VkzMJzuckIOegpO3mX0Hj5xiDul+eAQZiJc4pAG/oE4Pufjcj/MiatjiI=
timing-allow-origin: *
last-modified: Thu, 17 Feb 2022 20:45:11 GMT
server: cloudflare
etag: W/"fe1f8d01c1ccff5464f811298450eadd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: P7RL02J__oOn5v952CjOhmYEuyztTg7c
access-control-allow-origin: https://www.cyberscoop.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6fbcb2b9385b83ac-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Thu, 14 Apr 2022 13:18:19 GMT

GET
H3 200 integrator.js Show response
adservice.google.ro/adsid/ Frame EC68 107 B
122 B 30ms
26ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ro/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame EC68 107 B
122 B 30ms
28ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EC68 50 KB
19 KB 76ms
76ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3855446623576426&correlator=2987337211511525&eid=31067065%2C31064225%2C31067072&output=ldjh&gdfp_req=1&vrg=2022040701&ptt=17&impl=fif&iu_parts=18430785%2CCyberScoop_HalfPage_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=2863372106&sfv=1-0-38&ecs=20220414&fsapi=false&prev_scp=Tags%3Dcybercrime%252Ccyclopsblink%252Cdepartment-of-justice%252Cfbi%252Chacking%252Clegal%252Cmicrosoft%252Crussia%252Csandworm&sc=1&cookie=ID%3D57594fac4c8d4e50%3AT%3D1649941998%3AS%3DALNI_MbMKf6h4HmKY0cy14yyunT93rgaAQ&cdm=www.cyberscoop.com&abxe=1&dt=1649941998852&lmt=1649941998&dlt=1649941997661&idt=1158&biw=1600&bih=1200&isw=300&ish=600&adxs=983&adys=1690&ucis=j5t3mx6czro7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dskyscraper%26position%3Dsticky%26categories%3Dthreats%26tags%3Dcybercrime%252Ccyclopsblink%252Cdepartment-of-justice%252Cfbi%252Chacking%252Clegal%252Cmicrosoft%252Crussia%252Csandworm&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=1602128739.1649941998&ga_sid=1649941999&ga_hid=345656741&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

5156369f789f88745eb663cd28046ec6d8480e46cd4416315a5d1dd576101fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19841
x-xss-protection: 0
google-lineitem-id: 5970550983
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138387375483
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b5f82e4a5b44723887cdbd2745a6c436.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AF34 6 KB
0 53ms
23ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b5f82e4a5b44723887cdbd2745a6c436.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 13:13:19 GMT
expires: Fri, 14 Apr 2023 13:13:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.ro/adsid/ Frame 6492 107 B
122 B 41ms
38ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ro/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6492 107 B
122 B 36ms
34ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6492 51 KB
20 KB 77ms
77ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=957994596409965&correlator=577184023344640&eid=31067075%2C31067111%2C44759850&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fif&iu_parts=18430785%2CCyberScoop_Cat_Art_Bottom_980x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&ifi=1&adks=3048910702&sfv=1-0-38&ecs=20220414&fsapi=false&prev_scp=position%3Dbottom%26categories%3Dthreats%26Tags%3Dcybercrime%252Ccyclopsblink%252Cdepartment-of-justice%252Cfbi%252Chacking%252Clegal%252Cmicrosoft%252Crussia%252Csandworm&sc=1&cookie=ID%3D57594fac4c8d4e50%3AT%3D1649941998%3AS%3DALNI_MbMKf6h4HmKY0cy14yyunT93rgaAQ&cdm=www.cyberscoop.com&abxe=1&dt=1649941998911&lmt=1649941998&dlt=1649941997818&idt=1059&biw=1600&bih=1200&isw=980&ish=250&adxs=0&adys=7441&ucis=c977wq7vjbpy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dbillboard%26position%3Dbottom%26parent_id%3Dad-9J4uXQtutz-billboard%26category%3Dthreats%26tags%3Dcybercrime%252Ccyclopsblink%252Cdepartment-of-justice%252Cfbi%252Chacking%252Clegal%252Cmicrosoft%252Crussia%252Csandworm&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=980x250&msz=980x-1&fws=256&ohw=0&ea=0&ga_vid=1602128739.1649941998&ga_sid=1649941999&ga_hid=2000655955&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ff4aa1f679d608f7277b0014a328b148ead0bddee3a60ebd189561826f26998c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19939
x-xss-protection: 0
google-lineitem-id: 5970550983
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138386999426
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
555951e43f10fbc6ef220f0a1a022ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9A68 0
0 131ms
21ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://555951e43f10fbc6ef220f0a1a022ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 13:13:19 GMT
expires: Fri, 14 Apr 2023 13:13:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 98ms
17ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=896395920528126&ev=PageView&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&rl=&if=false&ts=1649941998949&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649941998947.1946963274&it=1649941998383&coo=false&rqm=GET

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 14 Apr 2022 13:13:19 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame AD9F 22 KB
7 KB 83ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
URL: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 10:47:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Apr 2023 10:47:39 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame AD9F 24 KB
9 KB 60ms
56ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
URL: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

98f790ebde5f4783aca23310b1e48b7fcf96b10a86abc583a36113294bfeef81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9360
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 15:00:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 14 Apr 2022 13:48:23 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/779519/61003950/ Frame AD9F 46 KB
12 KB 137ms
38ms Script
application/javascript 34.241.76.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/779519/61003950/skeleton.js?ias_dspID=64
Requested by: Host: b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
URL: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.76.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-76-101.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 269ae13eec900cdc06e8a846d1e04c0628457519fedd8e7c4bde3187655dedec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD9F 119 KB
36 KB 65ms
62ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
URL: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36908
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649677559247379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Apr 2022 13:13:19 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 105ms
35ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-80491860-1&cid=1602128739.1649941998&jid=320719015&_u=YAhAAEAAAAAAAC~&z=974269421

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 13:13:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 113ms
33ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-80491860-1&cid=1602128739.1649941998&jid=320719015&_u=YAhAAEAAAAAAAC~&z=974269421

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 13:13:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6FF6 0
0 64ms
58ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuEqS_4EZLJ0Ny0GtbTp89g2IBG2LODIbmJCz4NBf4LrC2SLgo98-xrCPpa2wZs3TcPUqGe67vcVVDKLio2Uz7fV62wmAdpDaSK286PzvzHCkMJrHBDCaxi7hbOPvIXoXMTTD9O95Kx4ljTGCiztuQRlf5os0YD0RuY-X4HmI2e9lzbh7HiKKpHKeZnmefYAagsSxxxhJeYvf5LmBv7eBMCQtg4jYKTlSEGcMeiC-7-zTx1497gjtmwGplDYWTkwBAvl306IYSa6966-Ad8T5V6AHxdZyYtoGyam9-zh4jdsaA627oAg5hxWt4QQFLqSjlkgnR2j-VGIQ9gGuh1Sg1rysb&sig=Cg0ArKJSzBfdQx1UrPQ_EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/ Frame 6FF6 19 KB
8 KB 19ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 13:12:37 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame 6FF6 3 KB
1 KB 45ms
40ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 13:11:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6FF6 119 KB
36 KB 39ms
34ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36908
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649677559247379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Apr 2022 13:13:19 GMT

GET
H3 200 11144123879432257981
tpc.googlesyndication.com/simgad/ Frame 6FF6 68 KB
68 KB 25ms
21ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11144123879432257981

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ed7146242c28ffe4badb868985c73fba2a8a54a500f3433d0aaafccc2f9dd5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 13:23:17 GMT
x-content-type-options: nosniff
age: 258602
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69241
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 18:45:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 11 Apr 2023 13:23:17 GMT

GET
H3 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v47/ 10 KB
10 KB 14ms
10ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v47/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a354f3d28b56276cc1c16d970f65ddb3ecec48cb1b79a1a32e0e3929e584607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 23:35:55 GMT
x-content-type-options: nosniff
age: 567444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9828
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 18:03:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Apr 2023 23:35:55 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8058 0
0 49ms
44ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOh-yVqjtqIkCZNbhm017L8OtiACT3zoFZjUF7k5uuFj_SlH9bPrJVXoWaM-7rJSJpgA0sPUkHfrxQWv_niiW3bDquKLNEhAs2dYhoocmVWi7cHv1cQpeiG2XUTQ2Iuh7E6fFGR9FetDE7A5ohB2rnJ0yN_xjG-s0bqt-d_bpjgAJ6QXrhnrp9E2mcOIcby_aGgavxHCeKoFJIUuNGeN7wNEV6uL39XmlD96dOMC45lHsQ6ReVSqQhZMmAVTsAbDNZPlrIi2CTHV1aX5dgtDImjDJENebChizixQmpGrm4HJa9MM4hI0sNfVFMy_doWNXTLvLw8eOZP6bcDdegbKoRH3THlg&sig=Cg0ArKJSzLEL9WeM5_zIEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/ Frame 8058 19 KB
8 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 13:12:37 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame 8058 3 KB
1 KB 14ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 13:11:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8058 119 KB
36 KB 40ms
34ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36908
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649677559247379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Apr 2022 13:13:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8058 0
0 25ms
20ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQEl1ZE5ThezcDZGt0Eq4wLN9ljKIXkLqv-833QLC_gi95_qYogC8i0e79QF45vbfh5auYoxgkqqpR8uvlDHb-NO5M_wg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 12868045350961133607
tpc.googlesyndication.com/simgad/ Frame 8058 68 KB
68 KB 15ms
10ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12868045350961133607

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09209fef46f45fd4441e0b8dd11af38a277bcfa3032e8cd21579c1143cb2dda6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 14:16:20 GMT
x-content-type-options: nosniff
age: 428219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69991
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 18:45:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 09 Apr 2023 14:16:20 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1035174/log/3/ 0
249 B 134ms
16ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1035174/log/3/unip?en=pre_d_eng_tb&tos=1747&scd=14&ssd=1&est=1649941997349&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1649941999096&mrir=u&vi=1649941997346&ref=null&cv=20220410-1-RELEASE&item-url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/fedscoop-sc/tfa.js?ver=5.9.3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://www.cyberscoop.com
pragma: no-cache
date: Thu, 14 Apr 2022 13:13:19 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7F97 0
0 60ms
59ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuplFv-wv6UwbKqpE0h6-RCVJXT7SxGq2Ig_nOTloVAc1qxZZPjUFjwHpoqWxk2r_nlM02iFv5JvOwq0jWIk7YibL89YUbSlPGgs_dnjBPf4eBJh0GUZ4ODJAR16jeBSzAY3gnR77F7woHY2cTtMKPe1_qGveNcGssONrgCtKlGzk7_THpx2zI4PljT5NhslYN17qfjoC2hzTnRoYcoJXT5k-Iku25qSDBfiQcjZZLF2TwLTGROXccBvljNmVEu-KdxRzlaSkCrtx8czWh6Y3Cyq6eqSRjG5yNBeyj1r0m8fuaLE0x3O1tTNVO9KIiaPtfM2Uut2AuFUYRv93b2vUWQ&sig=Cg0ArKJSzHnmNkMOQ-HqEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 12868045350961133607
tpc.googlesyndication.com/simgad/ Frame 7F97 68 KB
68 KB 15ms
14ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12868045350961133607

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09209fef46f45fd4441e0b8dd11af38a277bcfa3032e8cd21579c1143cb2dda6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 14:16:20 GMT
x-content-type-options: nosniff
age: 428219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69991
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 18:45:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 09 Apr 2023 14:16:20 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/ Frame 7F97 19 KB
8 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 13:12:37 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame 7F97 3 KB
1 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 13:11:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F97 119 KB
36 KB 48ms
47ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36908
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649677559247379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Apr 2022 13:13:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7F97 0
0 43ms
41ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTR-XDb5oz67JqujEfMc798o9kiUiCzD7LLpfwVC19ylmjLuuH52X9-Bg42eahtnxyILnokdDxs3y5M8Gd-xpcK2NCZhw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6160 0
0 64ms
63ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvuIy7O-kstoWwPauJjOKH9ZV-EbIAWq3_gy5dwRHVNmcZQKvklVonGTllbGJoru2VndUHTS3xLxtD6D7JzrVVY55IxdUGkB49xV7ywi7IIl2lJLzn_sILoLcuJlR4ATi6EiRaJQZTejvYSV5S26CS3-CoOGbNuVn1nhJMZY6IoQHBE5VVvlaJXRUnveY2yyE2fjynOUvMVPvp0kHVTfeM-w0q_mJNpC74DgcaTGxkz6aU2tk5vaogpYafenFV7m_t9JqiZgFcuNp7TeAq53W2z1Ys5ytSG8OldUUQI8hjTu6-wvnK9ejunO0&sai=AMfl-YTwBzAHDZJ_0EW5AD2LRGpqRv5Vq4hmbXRhlb6hTNbUxidHhDp4WyN86ci1K47SYmxvDmi4nKYfeaHRhNv82tAOS0rsF61SvpfcCF0V4-5GbrKSiKsCgkHOQYMyYPs&sig=Cg0ArKJSzAXBJ5WVsCAsEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 14 Apr 2022 13:13:19 GMT

GET
DATA 200
OK truncated
/ Frame 6160 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18a42a82c513ff8d2c5a29542beb4e212ab8aca348c9badf8db63072cac02287

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A324 0
0 55ms
43ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFPDcpqj0JEykUSMPT7WlkrQTwlwPZcNxVzS7RhUSDsZ9jHqpPHGEGnJoR62nD-YBD31Wgrg9MJzJoUKqkw6I08np_HjN_N7VNXNdIOXCikMwvWYLfYvkBEjuFI73sFLPvoNHyN4WxbTut9HGBDG6exOAUy-TbdMlnlD78hUHnxudpvXCUGYeF77f0bH6LKazdCQADl5-Siw1lDtyyNmP0td7Dae18gstzj4HV6-0V1ydZF-t9kMaaKWLsaYFEm_zA3nkK_aPMzcIVsSaHXF4mifWnfHdZIvE_sQ2SLMt7eI5UHJXYsJvS2b9PHCD8i5_Y6WRZqD3KUInY&sig=Cg0ArKJSzMnhwgJuNw44EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/ Frame A324 19 KB
8 KB 20ms
10ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 13:12:37 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame A324 3 KB
1 KB 20ms
11ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 13:11:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A324 119 KB
36 KB 37ms
28ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36908
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649677559247379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Apr 2022 13:13:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A324 0
0 35ms
26ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmjuHi8FK_sO0CVgu3yN7z7QWgnSp0t1GohdX-OrbZRcLGgUlPEQQ_MtLOMs2kshmO7sHDb37RNqO6ykGjCFA8L_1CAg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 5102188600226944374
tpc.googlesyndication.com/simgad/ Frame A324 129 KB
129 KB 24ms
15ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5102188600226944374

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d09beff50865b40927cb8c354ba9a975345d98912bfd6de6f5b6b55fee96423f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 02:02:45 GMT
x-content-type-options: nosniff
age: 126634
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132416
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 13:44:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 13 Apr 2023 02:02:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD9F 0
0 52ms
49ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0jNsSf6D1rvRwBZmjBJ7Oz-KNTtdSoXuPnEqnR_01VME8nktRp1NGeqntGlxgv_y0ouYxma7UzU_6Kzfm-rT0JgefOqhmy5yo-ZqeBwAc4O9A-1nOYaBLq1FnQwTCG9GUxbefffKMDbngSnXP5W4MKBHKL6qK28rtXQ1EvC4En791XQjNTncrEQv9avIqahJip2o_8Vj7cMxdZoqBF3tuo8_XeXflXRH5X9pyFgMrNZ8gwaIKNFeqQpyOWarvIW6XT55Qml3qy80OFuc8o-cCUVQGLwU2KWS812WlkYtPn0x3RzJorWTaj2_vM7BU&sai=AMfl-YStVVP7B5K8jSthYKM9ADfKe7ufdhP6W6Pd4A86qpPkaTuZRqtCU8LLYsLworamkUvKeQVmr_3qihR9dKUNhrB-Z4D1unmV2kS35ug9&sig=Cg0ArKJSzFhpSDzK85QJEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
URL: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 impl_v86.js Show response
www.googletagservices.com/dcm/ Frame AD9F 54 KB
21 KB 12ms
11ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v86.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

5c7d7c651efabfdcce87a8fec34efbafc99924e3c83c8412f954219cddafa458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 15:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21362
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:03:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 15:14:35 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6FF6 0
0 43ms
43ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoFoywhmuB2OG5hXIX7tnuuhHQWwgbdnXT-ZCFkbESs7WmojzTyLcx8KM5ADNScoHzz8nXcNfg-7zPGfOAH4165KG0h4STyqPjxbTMn1CZtuHJorW2D5J6PbIv5plpO1ukG1-LGd_nhQdI1yUwN82weECHMYtfl1G33j77U0sm78YviDK0Ov22tMZ-cbGDLHQXaMxbxWdgLyoa9-R1CbjGE16X9NXF7djJUlgafAYzmwkblX-7alUG4okQQpDneHGyBe454Y4eq2PkBIajFs6IP_tYmc8W2wuejjEgGnEPzSqwOAE4mwPgnBIYqO6WJaTzIPyq9OO_YTiM8VLBb7sN2ik1kFQ&sig=Cg0ArKJSzJMIvU2w68QcEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 14 Apr 2022 13:13:20 GMT

GET
DATA 200
OK truncated
/ Frame 6FF6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1dc5dead29a8e998bbad82c2699e084a1fab5f84487faaccfa76723668114644

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8058 0
0 71ms
69ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseveX20ZM_h0wrx9miJmdz7NEK0Nh1dfYBUEbq2SiXPuAmAVQ6Zv1kEt_kHnT9FIr_uDJOCISc4_nfnbZXcWXWgIkD1xHR_pGfarU_EdG79RMgTlqB0SP_ek3-RD-Spd7v2v4lx896OBMWUICqoaeGW_i-iTRSucKOI07n4_EQXdq_IFVgZToLp0UxFm9gnCPKjquAXcGR8GTqCmmruQEnaxvHg6Ga1SQqTWGOQIDADPp9UQDnsSqufFk_Zur0vvhjWVfyXnhISKVS_v0s3E7nqp38BXNxN8AxtgC9ClAmVkZQQe7NYcEGj29GVv2L33t3A5FOJHBNLkkMyJljfzNBcKc7EWjN&sig=Cg0ArKJSzDLCRUsdatTOEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 14 Apr 2022 13:13:20 GMT

GET
DATA 200
OK truncated
/ Frame 8058 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 428170b3375776277898d1b4b2157287c129a6b1ad5ecaef8f7eb36440b5587f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6D9D 14 KB
11 KB 1275ms
22ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f24813bdf14374f24177b1d363bd8cb6e94166c44671e619ee3288482b3122d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10622
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7F97 0
0 65ms
63ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFmUUkkHGvYe6qao9jqTF32Uq6j25lm6kpeK6TYO8u3idCn-QWOGnE7LrL5a8u2Gs3QRrC9NClueKxhna0jIh5ZremCSGf6ukSEbokV_-iQBi1xXE_uOP2NNZ7PS3KrcGgQcvaeQwfioqxu75aAtb67VqGiW4RoDFQebtm83EJZqk2laaQQrC9sDpfY0_qKgHSaFiXYeoJ8NtRQKcsFX8oQEBOQkVf8wmKTrNPfrieeCMbwU2wkXfAd_yodRFWC2_m1VRGrfw_DVWOcSfaDCOsyniBvf23Rc42PtzKjkiLLaOtbCmJNU9eGAWgtDCl8XIn4f4U0kfTiBxvVbe4t68aRqo&sig=Cg0ArKJSzKNswBBs1ctBEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 14 Apr 2022 13:13:20 GMT

GET
DATA 200
OK truncated
/ Frame 7F97 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f10e8853b513d7565d8179d36827b9b61ff2054df307f978ecb128c936d9e87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3A27 14 KB
10 KB 1241ms
23ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022040701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c2f6f4682804095d89027dc017212838c40e4c90ea3b628f507e139b008e606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10522
x-xss-protection: 0

GET
H2 200 B26247621.328652550;dc_ver=86.252;sz=300x250;u_sd=1;dc_adk=3183306559;ord=r7f3r5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu3qBJ1pDTRpJ4bqGIsIoWXUsWwZM-i8ZsFTZv_qQ00... Show response
ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/ Frame AD9F 51 KB
25 KB 1248ms
47ms Script
text/javascript 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B26247621.328652550;dc_ver=86.252;sz=300x250;u_sd=1;dc_adk=3183306559;ord=r7f3r5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu3qBJ1pDTRpJ4bqGIsIoWXUsWwZM-i8ZsFTZv_qQ00ObXzArRYHpivlnHR1I1ic04e28OzDtAO0lgq84_oJczXMrkiVF4QSVw7HD94v_YwgqLKqDub_Mn9Qa_dnytddvTIVzmRvaiKZSNY-Bbj3HO2umPR5hPmFw498aSUAyzs8Q2Y6TjZaAfNq-9nJjClUdNB81VgicdrpgWMO4cqe3yGd9enjSBC7TVDEGV6G61gVU0bzp6eSrYgk2upw-gRyg28-nn-e33-hzF-FaphpNBmYLJyVZwN4iEtae7dccryZR40jEUuuY1u5UN_%26sai%3DAMfl-YTP-mrUy6P7OOC5ZJKDAougqh-S2V2XtnIDXlM3_t3PZQxogpU_or2UjUxIz0T8qS7VSvJcSx0pC0gDcFtElYlIQWShEGJl3NC6DzTf%26sig%3DCg0ArKJSzMLKTBzaxVBYEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=acWlRp'bau;stc=1;sttr=148;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v86.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

28e17391726157b0c7c47b0bce906effd011e630627f19225d0e9e5f989f3e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 13:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24997
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A324 0
0 43ms
42ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunW9V0RuhmVcTxARdP1a9tYrXaff5xx7K5VisEnpzBgltev4h0hRTxfktJhnBzfpsECajfXnqK_CQyiIMP14dwkSJvs9eXn4kj5hlUPZ69pMSm9AZzwo7sNDY_xjyVOB5_qwy87di186dlIzj_a3NbzGXm7QC2YsHRx7cHcz_0tegeibdgHxq4xe-2NVIlwFYfIoaDJ4UqMbfmt6BbNKbNjKa0TtZPiRgcAxS1dz4JRXLKqXukE5hSi5ge2op47_LmC6QKoFRh-eAGzVNCHZAm-tNcwuyBlXnfNpP-ixq7QoDPa4WTqq2F8N5zhWqmxMQrZ6lFtyNHEQZk0e0&sig=Cg0ArKJSzFsufjO5yIo8EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 14 Apr 2022 13:13:20 GMT

GET
DATA 200
OK truncated
/ Frame A324 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0ea6de8d7ee84105edbfd9cd4d86d002962e126b9776d1d91c6de42c48a0106

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6492 14 KB
10 KB 1185ms
28ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39c9b3efdf859496ded695f41f8ce902a26fd3062712dcce6c844144620622fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10668
x-xss-protection: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 7F12 0
18 B 23ms
10ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.cyberscoop.com
Referer: https://www.cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.cyberscoop.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 13:13:21 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EC68 14 KB
10 KB 1180ms
30ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022040701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70a771b4b72ced5ee3f240805fd2b68e928340a608246375cd8f06e95d594f0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10518
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6160 42 B
174 B 557ms
38ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWWpfy4OXsFPLZx2pizhnrFOo6LXEkrvL-X3jicxc050J2vM7NGqTfX2xYpYCDX8ZugkzU-7EmlF0AbbCh4WB2BLrF3hHZQBmON5-ms0Mvt-CCWSbc&sig=Cg0ArKJSzKzI01hdbhM5EAE&id=lidar2&mcvt=1001&p=371,480,851,1120&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220411&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=113530204&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649941998495&rpt=718&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 13:13:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8058 42 B
108 B 297ms
39ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxN6osRK2urmHafZlhcu_I_LtGsNJDnMMCDWG4Kwlme-ETrmGikzKuIAmX_8UVEQIgDv3FOeqCRedOHq580Zehj8YJtx9X0qLnj66zWvVYzGOCwvU1&sig=Cg0ArKJSzOxl7U6jAh2qEAE&id=lidar2&mcvt=1000&p=170,436,260,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220411&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=13849420&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649941999077&rpt=393&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 13:13:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6D9D 17 KB
6 KB 31ms
24ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Apr 2022 13:13:21 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3A27 17 KB
6 KB 53ms
48ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Apr 2022 13:13:21 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6492 17 KB
6 KB 54ms
49ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Apr 2022 13:13:21 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EC68 17 KB
6 KB 52ms
48ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Apr 2022 13:13:21 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220412/r20110914/elements/html/ Frame AD9F 8 KB
3 KB 57ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220412/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B26247621.328652550;dc_ver=86.252;sz=300x250;u_sd=1;dc_adk=3183306559;ord=r7f3r5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu3qBJ1pDTRpJ4bqGIsIoWXUsWwZM-i8ZsFTZv_qQ00ObXzArRYHpivlnHR1I1ic04e28OzDtAO0lgq84_oJczXMrkiVF4QSVw7HD94v_YwgqLKqDub_Mn9Qa_dnytddvTIVzmRvaiKZSNY-Bbj3HO2umPR5hPmFw498aSUAyzs8Q2Y6TjZaAfNq-9nJjClUdNB81VgicdrpgWMO4cqe3yGd9enjSBC7TVDEGV6G61gVU0bzp6eSrYgk2upw-gRyg28-nn-e33-hzF-FaphpNBmYLJyVZwN4iEtae7dccryZR40jEUuuY1u5UN_%26sai%3DAMfl-YTP-mrUy6P7OOC5ZJKDAougqh-S2V2XtnIDXlM3_t3PZQxogpU_or2UjUxIz0T8qS7VSvJcSx0pC0gDcFtElYlIQWShEGJl3NC6DzTf%26sig%3DCg0ArKJSzMLKTBzaxVBYEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=acWlRp'bau;stc=1;sttr=148;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 13:03:52 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AD9F 0
575 B 164ms
2ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstcLHGAkjKfrG_7FE-DJksk092TZGTdKtr8gbA57K81zKsmJ246JOKvgJnGGq4y_aJHcVTI8H-IaKiTtALArDScpqpxUirnfgsCZqI_cZflqs8-cjEeGK-rkSA_aPIyERSOmSMVOe19bwlRR6I3vq7XZazRBHe1YAJSnMcrCbckJPRBj_dYBA&sig=Cg0ArKJSzEsv-K1In1N0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=22&cbvp=1&cstd=0&cisv=r20220412.33095&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AD9F 41 KB
15 KB 49ms
18ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 10:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Apr 2023 10:47:42 GMT

GET
H2 200 4220928466902162573
s0.2mdn.net/simgad/ Frame AD9F 36 KB
36 KB 182ms
0ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4220928466902162573

Requested by

Host: b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
URL: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f580d77a0460f9903f4edab73e1389c95f42e282151902faa70f211f040837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 07:37:52 GMT
x-content-type-options: nosniff
age: 192929
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36633
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 16:51:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Apr 2023 07:37:52 GMT

GET img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=26247621;s.a=6840654;p.a=328652550;a.a=520739529;cache=1434754143;
ad.atdmt.com/i/ Frame AD9F 0
0

GET
H2 200 i
cdn.bizibly.com/ Frame AD9F 43 B
345 B 210ms
10ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/i?v=3569326&a=520739529&c=166451110&s=6840654&p=328652550&m=0&n=1434754143
Requested by: Host: b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
URL: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lhb/63DD) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 13:13:21 GMT
last-modified: Thu, 14 Apr 2022 02:55:01 GMT
server: ECS (lhb/63DD)
age: 37100
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 main.gr.19.8.299.js Show response
static.adsafeprotected.com/ Frame AD9F 189 KB
60 KB 190ms
0ms Script
application/javascript 2600:9000:2156:9a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.299.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/779519/61003950/skeleton.js?ias_dspID=64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 20:37:01 GMT
content-encoding: gzip
age: 3256581
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Mar 2022 19:11:01 GMT
server: AmazonS3
etag: W/"587738d3e44b43a2620f42eb51d89fbf"
vary: Accept-Encoding
x-amz-version-id: kp2GPcLunARmvxyYiu0RKpd0_UaoR.nW
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: FP99z_YOqIajpLecNWoHCQv8tlhDX4qLsybSrHvyUvm4B2aCS6-KCg==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD9F 119 KB
36 KB 102ms
49ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
URL: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36908
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649677559247379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Apr 2022 13:13:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D3FF 13 KB
5 KB 65ms
16ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 13:10:05 GMT
expires: Fri, 14 Apr 2023 13:10:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FB42 783 B
533 B 68ms
33ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7ccd3a16c0af962e276c6b0ff2c58357e428a31379ab30d0dbb2f84cd31af178

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TSyU71hgolMyUbPwgoFrJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-TSyU71hgolMyUbPwgoFrJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 13:13:21 GMT
expires: Thu, 14 Apr 2022 13:13:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C4D1 13 KB
5 KB 49ms
16ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 13:10:05 GMT
expires: Fri, 14 Apr 2023 13:10:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A565 783 B
537 B 64ms
34ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d6b26d180e0d54e93c13b82abc73e0d09c344f7c52796a3b20256d90f45e1e73

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4X590LV5EXMR8Ehy7pxjfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-4X590LV5EXMR8Ehy7pxjfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 13:13:21 GMT
expires: Thu, 14 Apr 2022 13:13:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2D36 13 KB
5 KB 48ms
18ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 13:10:05 GMT
expires: Fri, 14 Apr 2023 13:10:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DF8C 783 B
536 B 64ms
33ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7c952bb58cf9e432b87a5138a8d03383f6d059fc36000ef4a74be712161c219c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8BN+v7/R0TDRyXMJPH5hgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-8BN+v7/R0TDRyXMJPH5hgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 13:13:21 GMT
expires: Thu, 14 Apr 2022 13:13:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 64A3 13 KB
5 KB 48ms
18ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 13:10:05 GMT
expires: Fri, 14 Apr 2023 13:10:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F4C7 783 B
536 B 63ms
34ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e68fbe8dd70e2978b3c8d8a6c7b9ecccf42d7a84b87f023d5f7bcec7f546808b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k1NzfzlPfSChVgg8GoA5Nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-k1NzfzlPfSChVgg8GoA5Nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 13:13:21 GMT
expires: Thu, 14 Apr 2022 13:13:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E337 22 KB
8 KB 45ms
25ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8715
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 10:48:06 GMT
expires: Fri, 14 Apr 2023 10:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame AD9F 0
26 B 86ms
56ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD9F 0
0 86ms
54ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMMG7hjkmQHCd_zWTFS3gzFscMOgH2Wl7TYC3OXuRICy9r8hPcW11KIru_iyGsis2NRQZvKSWwtcBILIb2bNVPu8-Mk4feve1kIg_G2jcbv4Oq6XPjAsJnlKWdafwH9M203WtN_YKa9fWSXtVrIUTEjtlzwxyQ4HzgTav9tAVopkpnn3saK4oNTTP8hKrdq78EDZSXEuduX17H3GI9zFSqO00Ds9BjfcF5_hU5uMStmiIyi6_Fn9ElSYfJrNToMQo846H6oz7TzIrec04VIGiA5Gh_EGRZ12Wl9uIDurZfHRA_uMuJ3MxB0_VhhXYuQrY&sai=AMfl-YRQFaCtwKbZTi6RCYk2A0aXbQFBSw-yD19urmDnXnCRoHZi797rmNyO4BonOeCy7GTwJDhFFLxVvryiskdNakGUmigogPwDcUMgzPDK&sig=Cg0ArKJSzICGTAdeSF9xEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 14 Apr 2022 13:13:21 GMT

GET
H3 200 jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js Show response
pagead2.googlesyndication.com/bg/ Frame D3FF 35 KB
13 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c2914cd6e0c26e9fe3a9de23853632be1862891bf9bcfdda7053e1995319563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 10:51:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13627
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 10:51:10 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 55ms
24ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022040701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc30b2e232172e0d8ea0d39422a7c92b0f38043ab30aed4a3d354836d59c64bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 13:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10478
x-xss-protection: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
559 B 293ms
164ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=20762415-8082-48f0-b243-36443c93d852&fci=93624d15-4dac-4cae-b225-a4f3b60c50f3&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1541009889&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&t=DOJ%27s+Sandworm+operation+raises+questions+about+how+far+feds+can+go+to+disarm+botnets+-+CyberScoop&cts=1649942001411&vi=29a4870b016b3bb85d6877545c114a7e&nc=true&u=143679850.29a4870b016b3bb85d6877545c114a7e.1649942001363.1649942001363.1649942001363.1&b=143679850.1.1649942001369&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:22 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 7709829c-2d79-4848-aba4-f23792292b2f
cf-ray: 6fbcb2c9ef4483ac-MXP
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pt7mE6p1mqrsfxz8VqCTAzSm6fpt07G3LdUcdaDi3UmteXvSNru9SskoN5TU%2F2YVZSvcuTOKFOyEdIBVY5yXKUIe%2FsYy4MhpeZqKrmOL1GgZI8FALOwePdA8fR7XIoMVOJxqprou5VCm97ZJQ%2Bm%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
961 B 292ms
163ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1541009889&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&t=DOJ%27s+Sandworm+operation+raises+questions+about+how+far+feds+can+go+to+disarm+botnets+-+CyberScoop&cts=1649942001417&vi=29a4870b016b3bb85d6877545c114a7e&nc=true&u=143679850.29a4870b016b3bb85d6877545c114a7e.1649942001363.1649942001363.1649942001363.1&b=143679850.1.1649942001369&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:22 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: b27ea980-1289-4ef6-8863-d0a98dcb1f8c
cf-ray: 6fbcb2c9ef4883ac-MXP
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zLUaANKkrQkZFCwWhLHrMmaGca2wNLRtxt%2Fu87uhlByFk%2BlUxNgtezx%2FbmxcEoqnU8898sx91YHndkEkIOGSdxExSSQDvfeO27H3rvyJU2YzP1z23b1UqKowKxC2xYefhdXHmXO7pZX0G1WRekh"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FB42 0
0 73ms
72ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041201&jk=1401623283798113&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A565 0
0 70ms
69ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022040701&jk=2691086534282747&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DF8C 0
0 85ms
85ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022040701&jk=3855446623576426&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F4C7 0
0 66ms
66ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041301&jk=957994596409965&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame E337 35 KB
13 KB 36ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 10:47:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 10:47:44 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 60ms
46ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Apr 2022 13:13:22 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame AD9F
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/779519/61003950/skeleton.js?ias_dspID=64&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb20e3e43aa6f6ee363af1a1c2fd32...
https://static.adsafeprotected.com/skeleton.js

17 B
463 B

39ms
4ms

Script
application/javascript

2600:9000:2156:9a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Protocol: H2
Server: 2600:9000:2156:9a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
age: 5008519
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 3ddnIojzBZjo6h2OhOucgVecyqnTSalsUMEvDeJ-WgszL_G2YPaj9w==

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 13:13:22 GMT
x-server-name: app08.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame FC56 80 KB
21 KB 45ms
8ms Script
application/javascript 2600:9000:2156:9a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
URL: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
content-encoding: gzip
age: 5008519
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: xaVF4wSoxkD_J0rbPUokRkD9uGOyS27H5UimqE577r9iS9DhNQJVnA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AD9F 43 B
215 B 561ms
160ms Image
image/gif 44.241.77.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=779519&asId=39a4a0a9-a8f4-4e96-afeb-63601ede463e&tv=%7Bc:9LtRNW,pingTime:-3,time:659,type:v,im:%7BpBlk:616%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:553%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:659,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:545,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B159~0%5D,as:%5B159~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t2Z6upr+111%7C112%7C113%7C121%7C122%7C123%7C131%7C132%7C133%7C141%7C142%7C143%7C15%7C16%7C17%7C18%7C19*.779519-61003950%7C191,idMap:19*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.77.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-77-164.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 13:13:22 GMT
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AD9F 43 B
216 B 545ms
159ms Image
image/gif 44.241.77.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=779519&asId=39a4a0a9-a8f4-4e96-afeb-63601ede463e&tv=%7Bc:9LtRO9,pingTime:-6,time:672,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:672,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:545,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B172~0%5D,as:%5B172~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t2Z6upr+111%7C112%7C113%7C121%7C122%7C123%7C131%7C132%7C133%7C141%7C142%7C143%7C15%7C16%7C17%7C18%7C19*.779519-61003950%7C191,idMap:19*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:www.cyberscoop.com*&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.77.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-77-164.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 13:13:22 GMT
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js Show response
pagead2.googlesyndication.com/bg/ Frame C4D1 35 KB
13 KB 33ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c2914cd6e0c26e9fe3a9de23853632be1862891bf9bcfdda7053e1995319563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 10:51:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13627
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 10:51:10 GMT

GET
H3 200 jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D36 35 KB
13 KB 34ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c2914cd6e0c26e9fe3a9de23853632be1862891bf9bcfdda7053e1995319563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 10:51:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13627
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 10:51:10 GMT

GET
H3 200 jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js Show response
pagead2.googlesyndication.com/bg/ Frame 64A3 35 KB
13 KB 36ms
18ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c2914cd6e0c26e9fe3a9de23853632be1862891bf9bcfdda7053e1995319563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 10:51:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13627
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 10:51:10 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AD9F 43 B
215 B 502ms
160ms Image
image/gif 44.241.77.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=779519&asId=39a4a0a9-a8f4-4e96-afeb-63601ede463e&tv=%7Bc:9LtROO,pingTime:-2,time:713,type:a,im:%7Bsf:1,pom:1,prf:%7BbdA:430,bdZ:603,beA:2438,beZ:2440,mfA:2921,cmA:2931,inA:2931,inZ:2945,prA:2945,prZ:2967,si:2993,poA:2997,bl:3054,poZ:3054,cmZ:3054,mfZ:3054,loA:3109,loZ:3114,ltA:3150,ltZ:3151%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:300.250,dom:img%7D,ha1:%7Bres1:1,ps:1,ts:1649942001636,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:553%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:713,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:545,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B213~0%5D,as:%5B213~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t2Z6upr+111%7C112%7C113%7C121%7C122%7C123%7C131%7C132%7C133%7C141%7C142%7C143%7C15%7C16%7C17%7C18%7C19*.779519-61003950%7C191,idMap:19*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,sinceFw:154,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.77.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-77-164.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 13:13:22 GMT
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5B7C 13 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 13:10:05 GMT
expires: Fri, 14 Apr 2023 13:10:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CECA 783 B
535 B 27ms
18ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c7a042d050e0fc774e4e13483e88a99afd5116b338ad10a7e34c8c4fd3f7845

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DKHiu1Gkglb1xSvZ+93kRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-DKHiu1Gkglb1xSvZ+93kRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 13:13:22 GMT
expires: Thu, 14 Apr 2022 13:13:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D3FF 0
9 B 7ms
4ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cy85qQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1035174/log/3/ 0
248 B 14ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1035174/log/3/unip?en=pre_d_eng_tb&tos=4869&scd=14&ssd=1&est=1649941997349&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1649942002219&mrir=u&vi=1649941997346&ref=null&cv=20220410-1-RELEASE&item-url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/fedscoop-sc/tfa.js?ver=5.9.3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://www.cyberscoop.com
pragma: no-cache
date: Thu, 14 Apr 2022 13:13:22 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AD9F 43 B
215 B 158ms
158ms Image
image/gif 44.241.77.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=779519&asId=39a4a0a9-a8f4-4e96-afeb-63601ede463e&tv=%7Bc:9LtRZk,pingTime:-10,time:1365,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDAuMC40ODk2Ljc1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1649942002325%7C%7C2fd33757f8c6a154094e06ca3d17f2a4%7C%7Ceb4f03ab9dc867f6a5bdb2294b85db99%7C%7C97906507fddab139cf3a3ce16916efa3%7C%7C766b52f4cbf191f1a8596eeba5dd7bda%7C%7C8594843a16686a4eb9c7698bf54cedfa%7C%7Cb78655f6c184a0fce1dff51ee943d54a%7C%7C28b2fe26b6457dc02b9db1119c11d449%7C%7C1629390669,im:%7BpWait:22,imprf:%7Bttecl:2836,ecd:220,tsecr:52%7D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.77.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-77-164.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 13:13:23 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CECA 0
0 67ms
67ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022040701&jk=2814599767980077&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E337 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bn14p8R1YYv_FGtil9u8P8ISG6AQAAAAAOAHgBAI&bg=!8POl87fNAAZvJBiFTyQ7ACkAdvg8WgiEdQskafOqILrnAIaII_OTIglsH0yPnwhV4nZElHUukv_TnwIAAAIqUgAAAAJoAQcKAIkyjjLGDn2f_eI827cy9lESxnNWAD-8U_AcH3q1gEW6bkO2OJ1N0extH5KdUusSCb9ZEyJjhuzqbRZSKyIsaUMAHQbQQsot0d-AZTTR1nYBlF97VBah7-eygMmlx_a_GP1CI-Z78VzPG7EC4CjF86otvORgnOXmueW1D9j7V43TmKw8EFLq_XmIsZkC9dwfbYxiDGEq5TSUkoBT8KMD2ciOvfmR5k5z3dNoYGKCD8tinB_aJrPXrlwRIJ9pLey8huwVEsdStNqM9p9osD14er23pbT2NRyNU-Zg45iQPPfhmBTIAgVhfxuQ8WVMavTHnnIJtX6VM52Qq2VtLLXOLa5sbmf3HFAXoHcS6Sz61K312JuG4zQ0embJ4fsxvNFJ2zgd4vYf77N2FKdo-El-5eggEXsaaGVNgMqWa-MIAGQBxsjphAxnprJCV-ukYOkbYjh5kTt7ejRflRuTEw0KRkKpOTsg7oovH2uYwihLhHBruY8G5yFIn1_2zuCsr3oT_HwLJzkzT3uODzfcuZRxjFF0gpoPq8phOzvvJ3khSeGcIrPgRZsnE23W2Ep0e-tlhKfDF42oE5eKYIeaXnDojjIFdtDpLlz8I3gUZRBjy-E6_DoxrSbkicSPP7Omn8fA2thrteJo4OyL1ikOQ0pi8KYMRd7bbBBTL3C6MNXDVKsipIT7G7F-tJqZc-fkodx80WPE14sbXU4nvb1rCrFltawCi0zJk_LMMkdtQLSv6XvJuC5lkzgmOTD8ooNiNyKtcFmaGGQW1MzTmKChPEKzpHmLdi1X8uz5j0kqxF93KNA-byeCYLZQ8I5iM9ZE5owRsPJqHoUz7CCM-u86KCsyg9Jnme1M4yGiNo_tdKylCACUttH8WTWQPtaco9UEIZSNmURHX4I0fiyPxrlYkVdOaRkTblSKinqY04yNOPRZwZQ7ll2uYQrwLGkZgA9-K_UEP9bbQD5wI5WWqq3CtJvNA29wsGTGTY4KKSUBv8Nqk45MCDe5R8nbP8nKVFj6oxPz7wjvDS5GcYOdQLM4Va6iPtZbChOCBXY4x9kFXnJymLnAL68k3LKm-5sgFl_qoPnCuXIHRINZG08PVylsU8MZDW6X0o90YXGh3n6Kkx13b4rmcEb3c_egmnSQzEz9ylgI1VMW7J2NurYAPfi9xWC6TosA27otiY1-xxNztb4C4Z7fW2E

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 13:13:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B7C 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c2914cd6e0c26e9fe3a9de23853632be1862891bf9bcfdda7053e1995319563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 10:51:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13627
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 10:51:10 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2D36 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7yr0bg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C4D1 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QIcq6Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 64A3 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DLZuIQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5B7C 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?d3tMVA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:13:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6D9D 0
0 75ms
74ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041201&jk=1401623283798113&bg=!29il2JzNAAZvJBiFTyQ7ACkAdvg8WmGMUt6qxdwCkIS6jZNX9hOo4fKHMwk5qwwdFY3IRuSfqxI_FwIAAAK6UgAAAARoAQcKAKs-xz1nsI_SyDhT7DAo_bPFTE9Q8wNfYcHa6-7HUjn1kgAfQWk1UEYbeIlguYww8FGq1SCUsCoNgiHKXZ2EgNR65J0GZmLPg8i-goeADUzJfpx0kCeGUhnj-qveXXSfbSedMbLFdxiNgvooRsI43CgbUbWGHD8TPS9DRCZsq-qNZxx7nYFW68tS70a-gmRSJA8btCS87FldDtElB-HVypLNJm1zQ8eVGWGxzhqZAsg18_zPoicgp64mZ2RYAK7xlqkVpq762ug6rMJFDeZKmPhRcHRBt3TkADSUX37-S40uDJ0V-W4DKXwv6xDx-6HoqX7LiP_PVci2ZpNhh9p4QKTksS2CBTEXRnFe17wPrEjMzrnnoO2Pksdm73ldXGOcsW8Hsv9qFHd3kcWE99aFGh5qYdf1subd7j7MZhp_H_n32-pPwT6wysrIR6sNPPKENt_DRMa-j9exc2ND4Zseu3DliLLgjvTGJeEdmf8JrKVnjeIc9R2KEa-BYEWvj9fSxUAvehurbEtaW9s1FC3dz0b9yqfdUH7j7uKPqf___iR9TtNHbdAwEj0OzW3cQeT0ugOVx28Iv-ORCbiOj267uayfpsiTQf31HBXYSdf8qA4BWiR7hMp5RXmHz9SVTsEj9eeLN3CHVtIRB7x6pwtdxQHlHjsyb7nR8lIY-43sfXx7QKeL6e0xgShcK18WLOBieHw3raqcAr3HTUtaC3UMf95NCkQSriVM8qY-o5keH9j9DDtP2ZGhaEurTyprRB1oKXnikM0a58KWjvWGhgpQUR8Up_rbqaRdXNyTS2b3WVDtUx98fg_2lckMmKW-j8iSBVWyxcdOn7-YYUhc_z91FLPl9ztX_hqkF9FxUb0hp0McWCIpnZKdCbm5YEoRz1td5BjEgCMLbOCNDbCkwj-nX1DttdUIXn7-hBbJnSECCWWwR4BkyicfkjqGw-9ntJTYv0xQVc_BoqmLUVoqjI2uTlg1h0_4HoDFu-UtJ9wFmxZAH4EWG2ueDNF3yegfFaWYO4Pv3EVvzUHeCpLvOUh6wiBATh2_0ECJOuY0zBifkb8e1bDriTLfK5eFL1tit3PDKe1N6e0jIbML_Fvl_mJveRfBpXiE4njDTUzpF7OdtlbPUMOBtZ6zyzMBIO3RU00ATPMTPHBTzHjh_iLgC2aMVrzegK4xSOEt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EC68 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022040701&jk=3855446623576426&bg=!BgWlBUHNAAZvJBiFTyQ7ACkAdvg8WnFUo38z3ALmibtRueQrOGcMo_vxiRBiYZhKFHfaj6NRnLEkAAIAAAJZUgAAAAJoAQcKAHFHk86jH7YKX95AspY4OvZ4oFE_RXK1FslpRBI6Ks2tOzW8z938wMiAYvPY2totVZQqiT3QADbEdxv55NvRo8KHDMTPIbnHV3adgC_Lbcsf5f50nXDsf4Ed3K-rC1EXYLZ8dx-ExQY_BwWBOUbrj8j3DZkCu4BU1LOhxv5EleuODJjiJLpWp3m6mYO_b5WJoMyw8uuY-jXOvp09SfqNjPsQsto9oZfYXS8-J84GJKz21YtFpKCyHQnVQ4GDvtEPPcaJ5LgEHwGWtIQbz_VWnkxlrE_1mwXqytMqu_QyQDbN3yTvUMAGVEdtsbuxfZxRG6cYdUc7Opz7idJ78kIX5GiSrgh71NhUme2jb2WsXu1aToK7sMw2dTnHaWyHeDMIBdIQVhK77mOX4np9dN8JBE7ECRWTwSycOWBQvdFexxow4XLjIv-SEotMS88ulq3HJT4o8zhje34JJDXc0phoNcqWS1IsNd8den2pisyIK61ZfvGWO3KWCHplFsOzDzQ9dwy6_djbTDNlxeqf5dVnrtTMHJDuE4ctVLZRLXmyhE32M6SAL7lPLpVbKfm-yc2zUBhwbBU0_amF1JSWbjo9JFxZ54st6-guCtgrP9cN9FlmpJnV_KiF-AKVk7KV5JiMLLO2HiTkJqU0bTxbOIvpW-Hwgbj_DlvoHNv9Ya2qA7RHNRV_fE_B_CZYjCjzWVZdBqjKWnXNSV7NNNVYdZ2NS85_3cgpcMifA0qhYAslkaLYp2JxtAsDpj1Gjn7wl2ejOOyg4xEEhmwkEPYq7zgJY36KU0kISoLFjPGsCf0aKbn4WLTnteSL8EPbcyMDlAEnA7qjpPEtqjittUagPzYdAnWc1WwdfbvikRSZtEJInNdZf2p73xTcKOiAPlfsFEsyfWCElbL_UB4fFHqomGKN_rVGEITD7pZuXq6ev87J5iDpMmx-mvUEo3gt9RqztLkY-HK_Z372wrGD7ylWK5-UzQa6b_TkuKYWsjtd61UcLRB1DqfiNTIAfKXdpVNjbdgJ6ufMAD8CwoGMur1sPgPg068U55r9Uc3STMAIQh4GihwM20kTRIXTwlzcSw7v2IhffQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 13:13:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A27 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022040701&jk=2691086534282747&bg=!gYKlgsbNAAZvJBiFTyQ7ACkAdvg8WuwhD2BiZK9lVWbQC97LwqxcBFcPGdiVzQ5Adzm28bFa3-TQaQIAAAKQUgAAAANoAQcKANXwXNDhbKj0CGJ6XOoagdTCYCaP-O5sAlx_7MXe4OvYjuPQXZ2XkK3xGFXGuzqC4CEwA72DDlsNsivx7VjF4wWDHALtmUfmE5KqwTkXDb3BTXUTYWI6yupB5PCLFkI2bT6hbMrWff2CvC1NJr2Zr8sxGQgcrLId3Ys2PZTO8YhvX46qxqspBQpreX9m4o7UQar1QczYCLQT0LnsqrpyYj0R64ucKD71PaGJaMbOeS_yx_utnN2B0GnXQkqx5BitIzFDHxGD2WaBOZyAIzOlTV4PvHCwAH-ZAr6UsiUSDnQ_WfMntAZs4Dd1S3DlCCI6DujdPUjSyNO4I5thYf0yMyNToLLhRf4cj7jI_CPDHdOHLWKgBKFhGi-_XJTXuCykodMwl_Q7g5YNhD7ekP5hTJzSV3xjYvzrsinDQ835frnuxWp2rLS6AaDgxa16OZTXTvIMPK0I4sDwL4kM-bzTlXdNZ0MK18tWObvDPz3IHqsGORontPQSpskOD7ODdzXnix6RhYcSXSFgMVEaddNSzb0X-Owi2gieaxCU4xycQyOVJL-Ub5QsM7EZ1EuSH4M6CijH54MAf76yprIGtqw9rbe7V0QA5GKFzN-S5Ezq1wJQZKpLEiphRDs5q0X4Ka4p60hRqnOVYf8aJuIPSsirivFW6UAlR6o-4zrXBTI1vQ_-Ic4WtP8aKtyf9uuSvw_gSavAQHaep7arwCmlPcjjJE8dFjhSmQK-nNdrAoGVN6d-WgIuGGXeeh3flSzzLGSb_M3ORqtQ7aafMbKVOHMHDYAG9J5Ty-N6rCMjUJFRUEclqqQZq2UFsXkddowQdx8hKgPp2DjyLuRbTio_Lwf44nCkbBx3MWRc896QvNcvZlSma6QFpR_Z4uv0GVCjN2GIJMQe4RT3QdR_DKBeJR5qHv_zSZxRCXjwdfwZiJVUv21ucrmjcEPA1uy8nxUJnsggumUByifkrExgQraJjR-m_xhom1V9R-YHXSVXVzVSQjLgmfi43uy0cGfBMPPGf49wbTWzbog5EwXCKimOasv4LAxJ2IstBXIHZQxTFsX_2xkqAh6y7gLG-JYFmNDLTR42KI6bkpjCPpxBdurkFJcU1YbPZbpiLfWyDt0mQnZfKjNk3R9GRKKw16o7dhJBqmFP-vDXXepNWDDjQrJzvzYrxm4XuSssufyN68WAIde1TEq2veaz8eoaWseIFYBJxbttHnrwDeGJlIQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 13:13:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6492 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022041301&jk=957994596409965&bg=!iYqlis7NAAZvJBiFTyQ7ACkAdvg8WkkzOu2Y9MmD7rDuCcD8W0YXvpnFGZ83NP6DagVfMO4Pbic7RAIAAAJXUgAAAAdoAQeZArbrqDwcHS_34rZOgFyjJo7zYt7bEHI4YQZ99s-vvh6fL-7S_kIBnNg-_09asNpEalB63WJ73DhRJ6nCRIQbMGkGd6zrc_gzWoPxeqCEwcGmzZGDJAqsKoUac_qQb5IpUCZRY7D19ALN4O25BaG6yxofyXRpBMZZsESVSdmAO1u8YbXbsMOWf3G7cktloRWYpoDIpYoif4ukz4mZOc-JkRqFpiV9ema9ldbJ6aEdaEb03XdPTmAtuPg2jAiG3i3RSF61FiM7RJZuet6vB-Ivh8xK8zj6TvBdnLQ-4REwCUTOwlI4Bmd4DXIctGJE-uBRT2pq2iEDS4pjDJtYxAO4TAprtfvHG666C8pgzG7W7xuzfOOeMIi4ZVnT5L8a_nMdQxlJ_cA83Kx82ekikwCBlZ_K6yumAVfwRE6CQWtMLZCgzwEmWAY0OX_JTVTfZ61U8edGrVF2v6BpyEaxsVM3seXOOKolM4PL3UXur7rBmbNo20fWD5FDN-Z9mKfNg7zwsGKd0kyWFLIMlXUpSTiPZ4SbRLtZJbQBkyJSa2guiNxFWZeyMPdc_cYU732ZrYHt8P9yfPR5_ZyYOpDsVPiH5jtydRmMrVK7NwI275atYNw5txq--z95MdZXMblT2C26r_7QvjPvnFnXngtOMUD1Vr3026z7UtuYQI4OEyfDI-FHmzDXQxI7kSR4wriX31El5gbdQtL-Va3UaLmkttLrTAgFnmwf3iZ3VSlozBqAaHHtuF5S8XY73LEyZKouuASl-VmtjnFkp2jT9UPBCqW0THIAfpmyCQ4XePX5mA0mUHMtU6wpHLTVACXYtm5Xdwftj-EC0BYho4AHgTqDcdChUdPyMM4cytKsWe1cLe3jBNpsJN3wx7aTzrXjzLAOvOQoTKxsiXwgKrwRUt5bDYxFnNx7U3xEPrbi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 13:13:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
59ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022040701&jk=2814599767980077&bg=!pKelp-PNAAZvJBiFTyQ7ACkAdvg8WnzY3wFb5x2oyKYCx4aL0Xu6IV2UZ417-LQUV04qeLbm2BSRLAIAAAB3UgAAAAJoAQcKAAu8fDWV5yrbcSK0n5kCoglSl2f6t-DsxdIv8NP05DR3tLWJBnMdY5DFtZHLIVZM_kYrhSbmhWqGNfcW32iW8ZUg9o_SmSW7HD1IsFIBWcn_nIrNF23kf2mFCdN0oqEmIepP8VtgqwICTyv0LSAsiD9Gn0yP71NteITHekfPkqdJLNeDemBxlkdYaR1euYpBctOa97PVVY5V7CG4QQgj1lAtKknelJ4tiMQuq_uh9gMVDQS34QQjvdyfMAz7-qMDPAnlhd9zbDnx_sYCASu7fb7CK8aZNgNb4zxi9ft-HqzBMKNe8UffEOqaNE7F6DoMPZVny4RnfqorfRFA0vkBeput5c0rKTpvNwOe5EV_01GCOTPKV-GtceDroAPewEeq2USBUQYtndb46Xju25PRj7N9eJ02qcrqqwcT02xnevOVYIWOHYK_a0SJF1HpZhpU6btv3NxED8X40BHNzhdGSgF7h2FamHTlDHkkTQ06H1AI4xWwx-cITaq2-tBBXaCZlKAtsmZzZMURTnym3y31TEQmKzT9JbPZm-D7jfBEHncDns-GCp--Slnh60mL8bFvgZWo2ta7fUfSq7Du6xj_MNb90ZWC0S1rpkw1nrgcbCA6QlQThbdqkzhEfSRcwk7rkv-uWf7MWRT8Y_NqiNZuvGH0L1LE1NseaRRMVB29Ly3uIRngmPe7OmfBNbEuI_SJO7drQHS15qAd2T9gDbp8Id8jBCrrq7CA7ZPqdDyv0v9W6oC2651qSseCcaiRzhN10F-2y4nMRoK82n-qCmgA9hAtCgS7jQmCR_2KH7FPrhYBI1iNtHCqA4XkhTvwuQDEvIFgom9_CPKm4K-ZMV7mncy7ceh4TUHYrUEFq3Zzi-c2hGZjU_qQ4SNmn9cNTXD8HsQerjtxrcGwvfGlilpAmSuc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.atdmt.com
URL: https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=26247621;s.a=6840654;p.a=328652550;a.a=520739529;cache=1434754143;

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.cyberscoop.com/	1970-01-20 02:19:03	Name: ppwp_wp_session Value: af1dfb12bf4050364819462585d92e05%7C%7C1649943793%7C%7C1649943433
www.cyberscoop.com/	1970-01-20 02:20:28	Name: sng_interstitial Value: true
.cyberscoop.com/	1970-01-21 22:07:01	Name: tk_ai Value: 4m4C7j9iMatnLgK5ZSUD42RI
.cyberscoop.com/	1970-01-20 19:50:13	Name: _ga Value: GA1.2.1602128739.1649941998
.cyberscoop.com/	1970-01-20 02:20:28	Name: _gid Value: GA1.2.988392867.1649941998
.cyberscoop.com/	1970-01-20 02:19:02	Name: _gat_UA-80491860-1 Value: 1
.cyberscoop.com/	1970-01-20 11:40:37	Name: __gads Value: ID=57594fac4c8d4e50:T=1649941998:S=ALNI_MbMKf6h4HmKY0cy14yyunT93rgaAQ
.doubleclick.net/	1970-01-20 11:40:37	Name: IDE Value: AHWqTUke16Y__NGR5sK_kD2V3BOt0Ye4XVGz_LX4jC_Wues5KuY4CjrtwN8elwFQij4
.linkedin.com/	1970-01-20 03:02:13	Name: UserMatchHistory Value: AQLSzX0D8SUCdQAAAYAoNO5V1uhMRsQ2ujM7o-ma4gZVjgiSVWYcUyBiRNKSoQmcF2iZr3NWWKRPww
.linkedin.com/	1970-01-20 03:02:13	Name: AnalyticsSyncHistory Value: AQLcXCP35CFP-gAAAYAoNO5VKkp6ib9E4_LGrMV2M4AZTu5dgdK-r6sYtcO3jX54TT5D4FP97aMTt_1NU-UH3Q
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:50:55	Name: bcookie Value: "v=2&ba8781b4-e306-42cd-8839-56cef5a523bd"
.linkedin.com/	1970-01-20 02:20:28	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2679:u=1:x=1:i=1649941999:t=1650028399:v=2:sig=AQEX1as79WUmXZ84Q780ZXkW97UCmTyD"
.twitter.com/	1970-01-20 19:50:13	Name: personalization_id Value: "v1_HR/CJ7xqFN7XkZ27utBQYA=="
.t.co/	1970-01-20 19:50:13	Name: muc_ads Value: bfa0bede-a905-40f9-85a0-4264cba21c12
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 19:50:55	Name: bscookie Value: "v=1&202204141313196d35677c-9d2c-44df-84b0-91a6b8ec9754AQEywndZU06cVUVK_IuTy_sXoy_Jre1p"
.linkedin.com/	1970-01-20 19:40:34	Name: li_gc Value: MTswOzE2NDk5NDE5OTk7MjswMjGr9a23IMB2v8cDJ2V/SHuli4L3BTvUXvN8Qsem82BOyA==
.cyberscoop.com/	1970-01-20 04:28:37	Name: _fbp Value: fb.1.1649941998947.1946963274
.facebook.com/	1970-01-20 04:28:37	Name: fr Value: 0JKNcyH2foVsq1I4Q..BiWB3v...1.0.BiWB3v.
.bizibly.com/	1970-01-20 11:04:38	Name: _BUID Value: c3ebeadce9a1380a85412665263f4c31
.cyberscoop.com/	1970-01-20 06:38:14	Name: __hstc Value: 143679850.29a4870b016b3bb85d6877545c114a7e.1649942001363.1649942001363.1649942001363.1
.cyberscoop.com/	1970-01-20 06:38:14	Name: hubspotutk Value: 29a4870b016b3bb85d6877545c114a7e
.cyberscoop.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.cyberscoop.com/	1970-01-20 02:19:03	Name: __hssc Value: 143679850.1.1649942001369
.hubspot.com/	1970-01-20 02:19:03	Name: __cf_bm Value: za7C3QeeH88w7bVCyFAZGHcj5orEVIskp_dROhV74KM-1649942002-0-Aaz2gqgSXqVlCznF+gEdBBf+GEIsOyS24HPsy4MAUtQwBThbpdXHE74lPEawz43s+WAL+kSglYZwf2t1bAtgzrg=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=26247621;s.a=6840654;p.a=328652550;a.a=520739529;cache=1434754143; Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

555951e43f10fbc6ef220f0a1a022ab0.safeframe.googlesyndication.com
63250949cd62a1db307886a410e24cb8.safeframe.googlesyndication.com
ad.atdmt.com
ad.doubleclick.net
adservice.google.com
adservice.google.ro
analytics.twitter.com
b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
b5f82e4a5b44723887cdbd2745a6c436.safeframe.googlesyndication.com
cdn.bizibly.com
cdn.taboola.com
connect.facebook.net
dt.adsafeprotected.com
e592fa56b45b0b581f6ab1e9ea3158b2.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
googleads4.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.wp.com
public-api.wordpress.com
px.ads.linkedin.com
px4.ads.linkedin.com
s0.2mdn.net
s3.amazonaws.com
securepubads.g.doubleclick.net
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
static.adsafeprotected.com
stats.g.doubleclick.net
stats.wp.com
t.co
tpc.googlesyndication.com
track.hubspot.com
trc-events.taboola.com
www.cyberscoop.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
ad.atdmt.com
104.244.42.133
104.244.42.67
13.107.42.14
141.226.228.48
142.250.186.130
142.250.186.134
142.250.74.194
151.101.1.44
152.195.15.58
18.64.103.11
192.0.76.3
192.0.78.22
199.232.56.157
2600:9000:2156:9a00:8:48e:53c0:93a1
2606:4700:10::6816:46c5
2606:4700:4400::ac40:9a55
2606:4700::6810:5705
2606:4700::6811:44b0
2606:4700::6811:b649
2606:4700::6811:d4cc
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:22::14
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:801::200a
2a00:1450:4001:803::200e
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:400c:c1b::9a
2a02:26f0:f7::5c7b:e053
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.241.76.101
44.241.77.164
52.216.102.13
061473d06c676e692148c9e53870122e472f133abc759c56e871a162e79b9376
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
09209fef46f45fd4441e0b8dd11af38a277bcfa3032e8cd21579c1143cb2dda6
0b7f3bebdb1384bfd4208ccc6aa7771962e3a8ef6e2f458e5a1667e2c92fafa6
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14c742642de9c8f39467c54a34b08f124d3eb6ae49356d9b9f8a158424e77192
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
15102f00c0b20cff64250b68bc217f41647feb7e76110f62d16234cbc49c63d0
18a42a82c513ff8d2c5a29542beb4e212ab8aca348c9badf8db63072cac02287
1a2814888079619c511d69af17514a0c7bb4f942be94784bcbf85f68fcea6f7f
1c7a042d050e0fc774e4e13483e88a99afd5116b338ad10a7e34c8c4fd3f7845
1dc5dead29a8e998bbad82c2699e084a1fab5f84487faaccfa76723668114644
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1ed7146242c28ffe4badb868985c73fba2a8a54a500f3433d0aaafccc2f9dd5b
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
25d8e04096ef84239b0c6ebbd7f1e834fbbf4489ecbb94ef1373efb76346a9f8
269ae13eec900cdc06e8a846d1e04c0628457519fedd8e7c4bde3187655dedec
28e17391726157b0c7c47b0bce906effd011e630627f19225d0e9e5f989f3e55
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2c2f6f4682804095d89027dc017212838c40e4c90ea3b628f507e139b008e606
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
2f10e8853b513d7565d8179d36827b9b61ff2054df307f978ecb128c936d9e87
2fe0f61deac89fba6919104a3ead56be8b6c7998bfd712b198e1fe260233e55b
3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d
3097429612cadf41c8c2f08d5cbe3bce1a77aaf73296e1217ad3b29949d6deb4
34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890
3862062055d3517248ec20f289a416f90399a5ee6be769538ede47c12be79487
39c9b3efdf859496ded695f41f8ce902a26fd3062712dcce6c844144620622fd
3b89cc38fc329aa1d948f3954ac2203be3ae9ac754d34ac9e0ac1fc1c532e3d7
3d5c432ac1f87c116b88388348b78c08278195f455202173393b9c0576bfb6ad
40905beca0f8b5ff867fa2f103e951dd2416853df1e8f7d7453a74708d779277
428170b3375776277898d1b4b2157287c129a6b1ad5ecaef8f7eb36440b5587f
4887329d85e3a31b977f06d6493cfd7478802d5664b7d0caab9b94353cd41066
48f09c1e2f69b85f86be78957e151e15055d602a90023fa99174df1d25700fdb
4a354f3d28b56276cc1c16d970f65ddb3ecec48cb1b79a1a32e0e3929e584607
4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4eba10304f45a9ca7d6b3b882e564a5dd00d3900dc515fbe6137765ed0fb45a3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5156369f789f88745eb663cd28046ec6d8480e46cd4416315a5d1dd576101fdf
51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1
51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba
5b52bb673705cc657cee64d8e88f6090d9cd8f5c9eb77bc9feb41788ab10e388
5c701ab2009c0c01911be3dbb373cea9edd337b25e43cd2a917caf28486ff83c
5c7d7c651efabfdcce87a8fec34efbafc99924e3c83c8412f954219cddafa458
5f24813bdf14374f24177b1d363bd8cb6e94166c44671e619ee3288482b3122d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ef6ff7641456aa2d94443dff7578d154236f12dcbb2e3dea4e519b0153a468
6381b7a6fdaca498a044bd187938dc27d9c6a2c96d8b10854b17c12a34b9bf4c
638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022
63e0f1d4d244fa557ae96c648168b0620a4f5ad3dbb653fc979a1b3ea0000699
6a27a65e9c43fb8d9cd1e8640dae7464ee78bf4633c2e34a7345e696c025823c
70a771b4b72ced5ee3f240805fd2b68e928340a608246375cd8f06e95d594f0b
711c4782a7b90e63b305aa18412fa3a98dc2f839703ccce66779009aaa7e955d
742d2f7f43e3eb8c7e5a12f24afcd4dcc03e11a31223060eb03d95b91ec07cc7
77a38038fc67fe9bccd2c9f988c074bf3ee2148e9fa3d6a7bed04947ff8b4863
78ad903f00303d7180dc8da76cf1613105d8e64eaabce1d8b38c2094e0156c9d
7c952bb58cf9e432b87a5138a8d03383f6d059fc36000ef4a74be712161c219c
7ccd3a16c0af962e276c6b0ff2c58357e428a31379ab30d0dbb2f84cd31af178
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a
8a90f9c307d889844f7286c11a9e8596c9a41b2e91123ab49cca0fbaa4b48dc7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c2914cd6e0c26e9fe3a9de23853632be1862891bf9bcfdda7053e1995319563
902a2c3c6fb931f76bb5aa75cd565243c413b93c144a4e7d10a16da906979214
9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f
932fb1ec913f2d1071db9656b9bc7e8c4fc150d7d8b48d8b4b66c3d82a2e020e
942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5
96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163
98f790ebde5f4783aca23310b1e48b7fcf96b10a86abc583a36113294bfeef81
9e9ce5f71d5199340f9f109561dc1a65bcbba9d4d1ac51546e04ae69f2695784
9fc929f9d307cf53bea691c3794c5ee2874ff5e1d2c7d308d71120ae3aa8c788
a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
aa8329e8b5a41a9fbe7617d77334dcdf25bbeac69316923e4d09c14617568da1
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537
b66f00fa51e00b4daa0b385cdd42b15739a813febb9f9cb9faf14b4a4db2a342
bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797
bc30b2e232172e0d8ea0d39422a7c92b0f38043ab30aed4a3d354836d59c64bd
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be71a1f9e05111031d7e550e05fe8c8bfa4b0f4c20d8380ca0979a4b4a7eb014
c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1
c14ae3d7e4f0cc73a2c5bd40b1898f267ec2a6f9f733f93225750e5d9154a45a
c31206717e4cf04c88f77e76c09d06baba9bd7ff1a674cb13d5f564d9c69f21d
c6dec0f40564ef3bd3d94ad102757fbce6068609abd1c337534e5b86ed4c7bb0
c8c35e0f00ccdca409b0b7340bb4c008649529b40a786a51e6d732cbf4f845e1
ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5
ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be
d09beff50865b40927cb8c354ba9a975345d98912bfd6de6f5b6b55fee96423f
d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131
d6b26d180e0d54e93c13b82abc73e0d09c344f7c52796a3b20256d90f45e1e73
d8f580d77a0460f9903f4edab73e1389c95f42e282151902faa70f211f040837
db236586fe21257e3d9b959bdeb2e6883f01a09718c3ab73728e21f7a96c5ba0
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0ea6de8d7ee84105edbfd9cd4d86d002962e126b9776d1d91c6de42c48a0106
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e448366ba538d2d65714f62ae1af89f2f5dd3ccc64af549bb3a84d9cea541dcb
e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4
e68b1ea6c9a742a416a355c1a63563cf0f49b374300cb956a03a3e25c9475242
e68fbe8dd70e2978b3c8d8a6c7b9ecccf42d7a84b87f023d5f7bcec7f546808b
e8aa641f970d7f8010d991990de0cac0ed2f8136c931b5a14cbe8607c6c7fb9a
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f
ec7c4c90e31092c6253cddb718655a1e3ac5f4f83425b1e16d54b25ff80f263f
ed5e39a5e31422d00c47d556b404949be82c30c2face801c020c343c7457a615
eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d
ef06bc5e3cc158037771e3ed0d13f75694ffe052cc8b442e02082e85cf85aec2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb0a20937ab75c11ddb5e115d59675e5b106ebb5e755c41a15d98889a97e659
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fdd79ce550004a168443858d7317ae45f42e4eb262ca17b32c64a1a30c088399
fe1bd3df8f20fe537d1ad985ecd7b169c10e1d0e2cc0860bc4b4c326d152420f
fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed
ff4aa1f679d608f7277b0014a328b148ead0bddee3a60ebd189561826f26998c

www.cyberscoop.com Open in urlscan Pro 18.64.103.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

223 Requests

99 %HTTPS

64 %IPv6

33 Domains

49 Subdomains

43 IPs

6 Countries

3552 kBTransfer

8405 kBSize

26 Cookies

21 Outgoing links

Redirected requests

223 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cyberscoop.com Open in urlscan Pro
18.64.103.11 Public Scan

Screenshot
Live screenshot

Full Image

223
Requests

99 %
HTTPS

64 %
IPv6

33
Domains

49
Subdomains

43
IPs

6
Countries

3552 kB
Transfer

8405 kB
Size

26
Cookies

223 HTTP transactions
7 data transactions