URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Submission: On April 14 via api from IN — Scanned from DE

Summary

This website contacted 43 IPs in 6 countries across 33 domains to perform 223 HTTP transactions. The main IP is 18.64.103.11, located in United States and belongs to AMAZON-02, US. The main domain is www.cyberscoop.com. The Cisco Umbrella rank of the primary domain is 323609.
TLS certificate: Issued by Amazon on October 27th 2021. Valid for: a year.
This is the only time www.cyberscoop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 33 18.64.103.11 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 151.101.1.44 54113 (FASTLY)
38 142.250.186.130 15169 (GOOGLE)
16 52.216.102.13 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 192.0.76.3 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
1 199.232.56.157 54113 (FASTLY)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 192.0.78.22 2635 (AUTOMATTIC)
2 2 2620:1ec:22::14 8068 (MICROSOFT...)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
33 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.67 13414 (TWITTER)
1 104.244.42.133 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2 34.241.76.101 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 141.226.228.48 200478 (TABOOLA-AS)
25 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.134 15169 (GOOGLE)
2 142.250.74.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 152.195.15.58 15133 (EDGECAST)
3 2600:9000:215... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 44.241.77.164 16509 (AMAZON-02)
223 43
Apex Domain
Subdomains
Transfer
64 googlesyndication.com
b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 128
e592fa56b45b0b581f6ab1e9ea3158b2.safeframe.googlesyndication.com
63250949cd62a1db307886a410e24cb8.safeframe.googlesyndication.com
b5f82e4a5b44723887cdbd2745a6c436.safeframe.googlesyndication.com
555951e43f10fbc6ef220f0a1a022ab0.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
908 KB
33 cyberscoop.com
www.cyberscoop.com — Cisco Umbrella Rank: 323609
651 KB
29 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
ad.doubleclick.net — Cisco Umbrella Rank: 196
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293
784 KB
16 amazonaws.com
s3.amazonaws.com
68 KB
15 google.com
adservice.google.com — Cisco Umbrella Rank: 77
www.google.com — Cisco Umbrella Rank: 4
4 KB
14 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
422 KB
9 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 573
static.adsafeprotected.com — Cisco Umbrella Rank: 565
dt.adsafeprotected.com — Cisco Umbrella Rank: 517
95 KB
5 google.ro
adservice.google.ro — Cisco Umbrella Rank: 45236
1 KB
5 gstatic.com
fonts.gstatic.com
103 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 482
www.linkedin.com — Cisco Umbrella Rank: 603
px4.ads.linkedin.com — Cisco Umbrella Rank: 4702
3 KB
4 wp.com
stats.wp.com — Cisco Umbrella Rank: 2657
pixel.wp.com — Cisco Umbrella Rank: 2521
7 KB
3 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 3990
60 KB
3 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1059
trc-events.taboola.com — Cisco Umbrella Rank: 1698
18 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
2 KB
2 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 2374
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
428 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138
114 KB
2 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4897
5 KB
1 bizibly.com
cdn.bizibly.com — Cisco Umbrella Rank: 10533
345 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
36 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5383
501 B
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2289
16 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2287
20 KB
1 t.co
t.co — Cisco Umbrella Rank: 476
337 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 524
459 B
1 wordpress.com
public-api.wordpress.com — Cisco Umbrella Rank: 7152
3 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2436
895 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 619
6 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 913
3 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
60 KB
1 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 6966
145 KB
0 atdmt.com Failed
ad.atdmt.com Failed
223 33
Domain Requested by
33 tpc.googlesyndication.com securepubads.g.doubleclick.net
b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
ad.doubleclick.net
tpc.googlesyndication.com
33 www.cyberscoop.com 4 redirects www.cyberscoop.com
25 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
ad.doubleclick.net
tpc.googlesyndication.com
25 securepubads.g.doubleclick.net www.cyberscoop.com
securepubads.g.doubleclick.net
www.googletagservices.com
b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
16 s3.amazonaws.com www.cyberscoop.com
14 www.googletagservices.com www.cyberscoop.com
securepubads.g.doubleclick.net
b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
www.googletagservices.com
10 www.google.com securepubads.g.doubleclick.net
www.cyberscoop.com
tpc.googlesyndication.com
5 adservice.google.com securepubads.g.doubleclick.net
5 adservice.google.ro securepubads.g.doubleclick.net
5 fonts.gstatic.com fonts.googleapis.com
4 dt.adsafeprotected.com
3 static.adsafeprotected.com pixel.adsafeprotected.com
b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
3 static.addtoany.com www.cyberscoop.com
static.addtoany.com
3 fonts.googleapis.com www.cyberscoop.com
js.hsforms.net
2 track.hubspot.com
2 googleads4.g.doubleclick.net ad.doubleclick.net
2 trc-events.taboola.com cdn.taboola.com
2 pixel.adsafeprotected.com 1 redirects b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
2 www.facebook.com www.cyberscoop.com
2 px.ads.linkedin.com 2 redirects
2 b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.cyberscoop.com
connect.facebook.net
2 pixel.wp.com www.cyberscoop.com
2 forms.hsforms.com js.hsforms.net
2 stats.wp.com www.cyberscoop.com
1 cdn.bizibly.com b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
1 s0.2mdn.net b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
1 ad.doubleclick.net www.googletagservices.com
1 www.google.de www.cyberscoop.com
1 555951e43f10fbc6ef220f0a1a022ab0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 b5f82e4a5b44723887cdbd2745a6c436.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 63250949cd62a1db307886a410e24cb8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 e592fa56b45b0b581f6ab1e9ea3158b2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 t.co www.cyberscoop.com
1 analytics.twitter.com static.ads-twitter.com
1 px4.ads.linkedin.com www.cyberscoop.com
1 www.linkedin.com 1 redirects
1 public-api.wordpress.com www.cyberscoop.com
1 js.hs-scripts.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 www.googletagmanager.com www.cyberscoop.com
1 js.hsforms.net www.cyberscoop.com
1 cdn.taboola.com www.cyberscoop.com
0 ad.atdmt.com Failed b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
223 49
Subject Issuer Validity Valid
defensescoop.com
Amazon
2021-10-27 -
2022-11-25
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
s3.amazonaws.com
Amazon
2022-04-01 -
2023-03-30
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-16 -
2022-07-15
a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-02 -
2022-07-05
2 years crt.sh
*.google-analytics.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2022-03-01 -
2023-03-01
a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-21 -
2022-07-26
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-01-21 -
2022-04-21
3 months crt.sh
*.google.ro
GTS CA 1C3
2022-03-28 -
2022-06-20
3 months crt.sh
*.google.com
GTS CA 1C3
2022-03-28 -
2022-06-20
3 months crt.sh
*.wordpress.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-12 -
2022-11-14
2 years crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
www.google.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-07 -
2023-03-06
a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-07 -
2023-03-06
a year crt.sh
fw.adsafeprotected.com
Amazon
2021-08-11 -
2022-09-09
a year crt.sh
www.google.de
GTS CA 1C3
2022-03-28 -
2022-06-20
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
io.bizible.com
DigiCert TLS RSA SHA256 2020 CA1
2021-06-30 -
2022-07-05
a year crt.sh
static.adsafeprotected.com
Amazon
2021-09-05 -
2022-10-04
a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2022-03-08 -
2023-03-07
a year crt.sh
dt.adsafeprotected.com
Amazon
2021-11-19 -
2022-12-18
a year crt.sh

This page contains 30 frames:

Primary Page: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Frame ID: EB0632ABC732054EFA845FFFD4CA4452
Requests: 93 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-P3VNJduYXS-leaderboard&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Frame ID: 3A276116F9642C69733F0FC92492705A
Requests: 9 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=article&position=static&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Frame ID: 6D9D27DFFE7F689D4F9E94C58E2356A2
Requests: 9 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Frame ID: EC68681FD7116B491DD12AF6DA524B11
Requests: 9 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-9J4uXQtutz-billboard&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Frame ID: 6492C098A8CFAC613A6061B217D29F1B
Requests: 9 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: C0B401619D711453D2E167F401F751DE
Requests: 1 HTTP requests in this frame

Frame: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CAA86615D3FE0B155AB58C713C21A9D8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5VEq2A7I86S5LfArIQ7IFXQI74aNPIV2GCav39MixvJx9NzQrDL1T0jee_uw6wMfde0zxa2vKtSNnN9nuW_PaRp5Dc6FzyAGeBIEFCi-maqFlg37e92Z3O-bH_4vrNUBd0EIu3kQpQF47vntb1RrbO_Lx9vhZPSIZIWLk5hH5rncllNduB1GmXyyEafc7E7CskBWc1EXgibqD3DzjPpDQKT7HeQyujZ3IhvdE_OFbhrTiQfqyl9WsgBJagV0WBr_Pst0hi-LAetQOq0ROLcmUhj5uTBixHuhBl0vHAX8TVo16_zzoz3rp&sai=AMfl-YTBwVOK3sQAlHDKi8DUcTbSIaHXUAE6nn5vm67D1IQwuHlHcaG-LNkSbhZy4cpMBHsyI8K4zIJMTV8Kh4nWBWWyOixHytjEVo8oLT2PlDS5zlkbSnniWFVFJ4q320g&sig=Cg0ArKJSzLaCGodzHYdpEAE&uach_m=[UACH]&adurl=
Frame ID: 61606020E140C577A1B2B82FBCDDE3B7
Requests: 9 HTTP requests in this frame

Frame: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AD9F4DB75C3B3C2B516782BE93A473BE
Requests: 23 HTTP requests in this frame

Frame: https://e592fa56b45b0b581f6ab1e9ea3158b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E0CA05561C4D181A6481DF5EC2BBF5CD
Requests: 1 HTTP requests in this frame

Frame: https://63250949cd62a1db307886a410e24cb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 8A59644329B09228C1833E3C892D377D
Requests: 1 HTTP requests in this frame

Frame: https://b5f82e4a5b44723887cdbd2745a6c436.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: AF34102EF330EE87A01F4413E336F282
Requests: 1 HTTP requests in this frame

Frame: https://555951e43f10fbc6ef220f0a1a022ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9A689B9B795FEF23D3BE22DB551E6D86
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuEqS_4EZLJ0Ny0GtbTp89g2IBG2LODIbmJCz4NBf4LrC2SLgo98-xrCPpa2wZs3TcPUqGe67vcVVDKLio2Uz7fV62wmAdpDaSK286PzvzHCkMJrHBDCaxi7hbOPvIXoXMTTD9O95Kx4ljTGCiztuQRlf5os0YD0RuY-X4HmI2e9lzbh7HiKKpHKeZnmefYAagsSxxxhJeYvf5LmBv7eBMCQtg4jYKTlSEGcMeiC-7-zTx1497gjtmwGplDYWTkwBAvl306IYSa6966-Ad8T5V6AHxdZyYtoGyam9-zh4jdsaA627oAg5hxWt4QQFLqSjlkgnR2j-VGIQ9gGuh1Sg1rysb&sig=Cg0ArKJSzBfdQx1UrPQ_EAE&uach_m=[UACH]&adurl=
Frame ID: 6FF6A1226EBB7DE1046FCB32E0C0F70A
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOh-yVqjtqIkCZNbhm017L8OtiACT3zoFZjUF7k5uuFj_SlH9bPrJVXoWaM-7rJSJpgA0sPUkHfrxQWv_niiW3bDquKLNEhAs2dYhoocmVWi7cHv1cQpeiG2XUTQ2Iuh7E6fFGR9FetDE7A5ohB2rnJ0yN_xjG-s0bqt-d_bpjgAJ6QXrhnrp9E2mcOIcby_aGgavxHCeKoFJIUuNGeN7wNEV6uL39XmlD96dOMC45lHsQ6ReVSqQhZMmAVTsAbDNZPlrIi2CTHV1aX5dgtDImjDJENebChizixQmpGrm4HJa9MM4hI0sNfVFMy_doWNXTLvLw8eOZP6bcDdegbKoRH3THlg&sig=Cg0ArKJSzLEL9WeM5_zIEAE&uach_m=[UACH]&adurl=
Frame ID: 8058C9A4B41D3A2380F026310EC33619
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuplFv-wv6UwbKqpE0h6-RCVJXT7SxGq2Ig_nOTloVAc1qxZZPjUFjwHpoqWxk2r_nlM02iFv5JvOwq0jWIk7YibL89YUbSlPGgs_dnjBPf4eBJh0GUZ4ODJAR16jeBSzAY3gnR77F7woHY2cTtMKPe1_qGveNcGssONrgCtKlGzk7_THpx2zI4PljT5NhslYN17qfjoC2hzTnRoYcoJXT5k-Iku25qSDBfiQcjZZLF2TwLTGROXccBvljNmVEu-KdxRzlaSkCrtx8czWh6Y3Cyq6eqSRjG5yNBeyj1r0m8fuaLE0x3O1tTNVO9KIiaPtfM2Uut2AuFUYRv93b2vUWQ&sig=Cg0ArKJSzHnmNkMOQ-HqEAE&uach_m=[UACH]&adurl=
Frame ID: 7F9777E1F767C9426E501AE398DD31FE
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFPDcpqj0JEykUSMPT7WlkrQTwlwPZcNxVzS7RhUSDsZ9jHqpPHGEGnJoR62nD-YBD31Wgrg9MJzJoUKqkw6I08np_HjN_N7VNXNdIOXCikMwvWYLfYvkBEjuFI73sFLPvoNHyN4WxbTut9HGBDG6exOAUy-TbdMlnlD78hUHnxudpvXCUGYeF77f0bH6LKazdCQADl5-Siw1lDtyyNmP0td7Dae18gstzj4HV6-0V1ydZF-t9kMaaKWLsaYFEm_zA3nkK_aPMzcIVsSaHXF4mifWnfHdZIvE_sQ2SLMt7eI5UHJXYsJvS2b9PHCD8i5_Y6WRZqD3KUInY&sig=Cg0ArKJSzMnhwgJuNw44EAE&uach_m=[UACH]&adurl=
Frame ID: A324CB5114ACF451C3DD818F01D5DCCD
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7F12E293DDEABBB62ED2DFA3967F1464
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D3FF823BF3B1E96C847B721EC280A4DD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FB4215820C8BA95B7814ECA31780A170
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C4D129BB776DAF85BFF0B8BB746941F8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A5655F3416E05C5BDB275C02E0445644
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2D36C31F7BB0F4ACCEB2780AAC6B0960
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DF8C1A7AF039ED0BD5A4DE83B42F2665
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 64A3A4E8FDB0645133FC85C45AE3D7F6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F4C7DDA5366A38113735559D9EDDC05D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E33775F80E94C0ED47CC90ED2516362B
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: FC56BC4663ECC230B39D770B89342826
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5B7CB266E8489BD1975C5EF3C93C85E2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CECA55A03C2A981D7E461C2ED7B3779B
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

DOJ's Sandworm operation raises questions about how far feds can go to disarm botnets - CyberScoopMagnifying GlassClose search resultsTag

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

223
Requests

99 %
HTTPS

64 %
IPv6

33
Domains

49
Subdomains

43
IPs

6
Countries

3552 kB
Transfer

8405 kB
Size

26
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-P3VNJduYXS-leaderboard&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm HTTP 301
  • https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-P3VNJduYXS-leaderboard&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Request Chain 36
  • https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm HTTP 301
  • https://www.cyberscoop.com/advertising/?id=article&position=static&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Request Chain 37
  • https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm HTTP 301
  • https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Request Chain 42
  • https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-9J4uXQtutz-billboard&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm HTTP 301
  • https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-9J4uXQtutz-billboard&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Request Chain 88
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1649941998394&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1649941998394%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1649941998394&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1649941998394&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&liSync=true&e_ipv6=AQIUr3VBTcW3ewAAAYAoNPC6Oov7ge8jeDXUwdW5sw7pajxplzNfdZsFkQIr6Ar03mHvc9E
Request Chain 204
  • https://pixel.adsafeprotected.com/rfw/st/779519/61003950/skeleton.js?ias_dspID=64&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:39a4a0a9-a8f4-4e96-afeb-63601ede463e,c:9LtRMe,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7f56698b44-hznq2,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:483,fm:t2Z6upr+111%7C112%7C113%7C121%7C122%7C123%7C131%7C132%7C133%7C141%7C142%7C143%7C15%7C16%7C17%7C18%7C19*.779519-61003950%7C191,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:555,oid:a772b6a5-bbf4-11ec-a040-4e7dcf265015,v:19.8.299,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js

223 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
76 KB
20 KB
Document
General
Full URL
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
be71a1f9e05111031d7e550e05fe8c8bfa4b0f4c20d8380ca0979a4b4a7eb014

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 13:13:13 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/posts/64322>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=64322>; rel=shortlink
server
nginx
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-amz-cf-id
kOUD5ZEzg0yrNoA2Vy9qxlow9O6qeUzCJvcvLnUHHyKc5btafA_22Q==
x-amz-cf-pop
TXL50-P3
x-cache
Hit from cloudfront
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
hhn1 0 4 9980
/
www.cyberscoop.com/_static/
96 KB
14 KB
Stylesheet
General
Full URL
https://www.cyberscoop.com/_static/??-eJyNy0EOQDAQheELqYlQYiHOUu1EhmlJpyK9PRsJO8s/731w7oqC5cOhgBUBR5Jg4s2uimmKJmaQlBlLT6G8DwW8xSLg0ZFBRo8hfWJnkzEqxtnY/I/f27sfNPqhapu+62td6QuH1UGz
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
061473d06c676e692148c9e53870122e472f133abc759c56e871a162e79b9376

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
x-rq
hhn1 0 4 9980
last-modified
Fri, 08 Apr 2022 17:51:53 GMT
server
nginx
age
146739
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css;charset=utf-8
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
content-encoding
gzip
content-length
14166
x-amz-cf-id
LQOXMEr0PJnMek4h0HrByL7Ufx7mbirV8hQbUTN9kjAbt2bICyeFHA==
/
www.cyberscoop.com/_static/
168 KB
27 KB
Stylesheet
General
Full URL
https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
5c701ab2009c0c01911be3dbb373cea9edd337b25e43cd2a917caf28486ff83c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
x-rq
hhn1 0 4 9980
last-modified
Tue, 05 Apr 2022 15:39:00 GMT
server
nginx
age
662419
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css;charset=utf-8
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
content-encoding
gzip
content-length
27224
x-amz-cf-id
6C7a6sMjacJ8ezHz8rjycWQBzug-pvbrMzZnlwIPuJ6BKSX-bK-WhA==
css
fonts.googleapis.com/
8 KB
804 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.9.3
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3097429612cadf41c8c2f08d5cbe3bce1a77aaf73296e1217ad3b29949d6deb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 13:13:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 14 Apr 2022 13:13:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Apr 2022 13:13:17 GMT
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.9.3
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
932fb1ec913f2d1071db9656b9bc7e8c4fc150d7d8b48d8b4b66c3d82a2e020e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 11:47:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 14 Apr 2022 13:13:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Apr 2022 13:13:17 GMT
/
www.cyberscoop.com/_static/
88 KB
17 KB
Stylesheet
General
Full URL
https://www.cyberscoop.com/_static/??/wp-content/plugins/add-to-any/addtoany.min.css,/wp-content/mu-plugins/jetpack-10.8/css/jetpack.css?m=1649173140
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
e8aa641f970d7f8010d991990de0cac0ed2f8136c931b5a14cbe8607c6c7fb9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
x-rq
hhn1 0 4 9980
last-modified
Tue, 05 Apr 2022 15:39:00 GMT
server
nginx
age
56915
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css;charset=utf-8
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
content-encoding
gzip
content-length
17254
x-amz-cf-id
NshxzlghcjdWwlnI_qTjdCnuvtYRvTUxSW2QELyXpxSmrErSpalEKQ==
/
www.cyberscoop.com/_static/
265 KB
82 KB
Script
General
Full URL
https://www.cyberscoop.com/_static/??-eJyVkWFOwzAMhS9EFg3Y0H4gLsEF0sTr3KZ2sZ2h3J5s2gQ/oKKSJT/F73uKbP85O6SYSwL1Q6uPAlJvbTMhbQZ98EsmN2EvweCnOTIZkHk7wdSQ9nJVLtYORCPzfInpMtL4jpZhHadIfQaNwjmvJA3jWDs0/e23cy490hUuCuLCOVgQH1TB1B9zsLnh8q3WhyhkiPZ470sBISVn7ALVizRu4q97JFTzZ6DE4gV6IGgHYXFSyHCC/2BtNHOuR2wrXbKfmMf78t6m1+3++fByeNptd8MXnQjbog==
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
62ef6ff7641456aa2d94443dff7578d154236f12dcbb2e3dea4e519b0153a468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
x-rq
hhn1 0 4 9980
last-modified
Fri, 08 Apr 2022 17:51:53 GMT
server
nginx
age
146739
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
content-encoding
gzip
content-length
83160
x-amz-cf-id
PqzxlnnuyhzS6n4kwzOzcet_8CiXkMZt8RHIPattAgVHl7nEVrm0WA==
i18n.min.js
www.cyberscoop.com/wp-includes/js/dist/
10 KB
4 KB
Script
General
Full URL
https://www.cyberscoop.com/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
age
2056269
x-cache
Hit from cloudfront
content-encoding
gzip
content-length
3968
x-rq
hhn1 0 4 9980
last-modified
Fri, 18 Mar 2022 14:57:07 GMT
server
nginx
etag
W/"62349dc3-28a7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
x-amz-cf-id
jihhYH1ltRvF3od8uok-EF1VbPpY7G6clhCciZ9f-PTPE3uW8Mzxtw==
expires
Fri, 14 Apr 2023 13:13:14 GMT
i18n-loader.js
www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-assets/build/
6 KB
3 KB
Script
General
Full URL
https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-assets/build/i18n-loader.js?minify=true&ver=7b3aca48d6809a4527c8a9bc9c7a1d1c
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
40905beca0f8b5ff867fa2f103e951dd2416853df1e8f7d7453a74708d779277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
age
589067
x-cache
Hit from cloudfront
content-encoding
gzip
content-length
2428
x-rq
hhn1 0 4 9980
last-modified
Thu, 07 Apr 2022 17:16:16 GMT
server
nginx
etag
W/"624f1c60-17ac"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
x-amz-cf-id
y-SAtBUvyAG-gM058oRUXazBRVTk3azaCFaMedkDYLhiyrr7rVodWA==
expires
Fri, 14 Apr 2023 13:13:14 GMT
tfa.js
cdn.taboola.com/libtrc/fedscoop-sc/
55 KB
17 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/fedscoop-sc/tfa.js?ver=5.9.3
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db236586fe21257e3d9b959bdeb2e6883f01a09718c3ab73728e21f7a96c5ba0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
hD7ihgKeI7jv_ka6ffTkMBHiSWVwlMGH
content-encoding
gzip
etag
"b6d806962ac8eecdcdb3343909aebea8"
age
0
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
17361
x-amz-id-2
z/qzY8Fw+2WKE3ZPeSs7+Si8JADqg69VnOoElEvA7s7HrFNLZCKjPUjRtMQtbZOhyQYk8LpJ3tI=
x-served-by
cache-cdg20755-CDG
last-modified
Sun, 10 Apr 2022 11:16:14 GMT
server
AmazonS3
x-timer
S1649941998.793817,VS0,VE186
date
Thu, 14 Apr 2022 13:13:17 GMT
vary
Accept-Encoding
x-amz-request-id
K967GB5VC81W5XXA
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
14
x-cache-hits
1
/
www.cyberscoop.com/_static/
151 KB
47 KB
Script
General
Full URL
https://www.cyberscoop.com/_static/??-eJzTLy/QTc7PK0nNK9EvyUjNTS3WB4qAWbrJlUmpRcXJ+fkF+lnF+pl5mSW6JYlJ+fk5iXpZxTr6ROtMLCggTUNual4pUId9rq2hmYmlobmxoYlBFgBj/z5I
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
ef06bc5e3cc158037771e3ed0d13f75694ffe052cc8b442e02082e85cf85aec2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
x-rq
hhn1 0 4 9980
last-modified
Tue, 05 Apr 2022 15:39:00 GMT
server
nginx
age
662419
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
content-encoding
gzip
content-length
48037
x-amz-cf-id
5oBOIjVzWw2vdlN2ZpoJp2BBMXvyLqUfE9_e95RZk5jQ06mn9qc-XA==
ads.js
www.cyberscoop.com/wp-content/themes/cyberscoop/js/
0
0
Script
General
Full URL
https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-rq
hhn1 0 4 9980
server
nginx
age
21
x-cache
Error from cloudfront
content-type
text/html
x-amz-cf-pop
TXL50-P3
content-length
146
x-amz-cf-id
i0cfcVio9phPAiHa3f0HfAXh0yfpBS37agI1qyUf86pQEdEMom_8sA==
gpt.js
securepubads.g.doubleclick.net/tag/js/
83 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
3862062055d3517248ec20f289a416f90399a5ee6be769538ede47c12be79487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28365
x-xss-protection
0
server
sffe
etag
"1186 / 707 of 1000 / last-modified: 1649934388"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Apr 2022 13:13:18 GMT
cyberscoop-interstitial.svg
s3.amazonaws.com/sng-global-web-assets/logo/
2 KB
3 KB
Image
General
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/cyberscoop-interstitial.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified
Wed, 10 Feb 2021 15:47:32 GMT
Server
AmazonS3
x-amz-request-id
W8CDFKX1Q09Z12J2
ETag
"b3250d52680549abc7222f71b2dce836"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
2375
x-amz-id-2
M0/ZTIdQFqfwuQ3l6/RRAxYUHFOEn3esICqjtHYW/IdcZVHn1gYxx0a5C2kkorgzeepEoFaTEmk=
closex.png
s3.amazonaws.com/sng-global-web-assets/logo/
5 KB
5 KB
Image
General
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/closex.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified
Tue, 12 May 2020 13:43:08 GMT
Server
AmazonS3
x-amz-request-id
W8C4G36SPN2Y9BEA
ETag
"6fa9505df4b1d86476aef77673f3b330"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4658
x-amz-id-2
CdqVuBmjdQ0P4xeBQs9bXw/fg8HVIxta5jksCe0XgvaljCX2gq4hm6GiLy26UtycmrkWTkc0mF0=
twitter.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/
2 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/twitter.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified
Wed, 24 Oct 2018 21:24:01 GMT
Server
AmazonS3
x-amz-request-id
W8CATDEZ4A2XE6E3
ETag
"0bab5422023490b09b2590482b10e983"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
2172
x-amz-id-2
OlPq5vUfefiFlWC29YfuRf3cMJpb7UBBYqMclZ3tZ3b8Sh7IiSP+esjMrHsXSbXjTf+shyOjSdQ=
facebook.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/
1 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/facebook.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified
Wed, 24 Oct 2018 21:24:01 GMT
Server
AmazonS3
x-amz-request-id
W8CD7TJ17SEGDQ1G
ETag
"0bb97e47c732a1645d42198a7b8b1397"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1272
x-amz-id-2
A9d1dfRgP36j53QQJxGiIdRpi+jphvxffqL47VkoVOKIBnFr2ExnHcT0bzZsE4UH4kTTLlbnybI=
linkedin.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/
2 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/linkedin.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified
Wed, 24 Oct 2018 21:24:01 GMT
Server
AmazonS3
x-amz-request-id
W8CDM088P0R6A8XZ
ETag
"b05a15a980fa7ad56a297860e33c6327"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1857
x-amz-id-2
ssDHh7s+kNdhDfC2fT3RM87pkYtAXKnsxWMV3JXHhuxcojvnRPBcxPBeDeuS0gIPBIwGyf+mxOo=
reddit.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/
6 KB
7 KB
Image
General
Full URL
https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/reddit.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified
Wed, 24 Oct 2018 21:24:01 GMT
Server
AmazonS3
x-amz-request-id
W8C009CQDSHV37GV
ETag
"8095452e62fa3cbcbdaf4ed982477485"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
6390
x-amz-id-2
kn/qJauRluIhk5OOX2JaXc+LhkYTETq/kaW1CZjixlFfjEtdtX/OcsKvJO81SI8Tsc3/+1GDrjI=
gmail.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/
1 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/gmail.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified
Wed, 24 Oct 2018 21:24:01 GMT
Server
AmazonS3
x-amz-request-id
W8C8315PK57F7562
ETag
"e5d4decd16518b9f60451876256ea22f"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1181
x-amz-id-2
n2mcbiTDR3NFKDxRTq/fcAzS28wpxnSfUUJRfg6QekZoRNtIGNZcvhfkSmywbQxQBNunWNi/DQ8=
close_purple.svg
s3.amazonaws.com/sng-global-web-assets/logo/
991 B
1 KB
Image
General
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/close_purple.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified
Fri, 22 Jan 2021 00:05:15 GMT
Server
AmazonS3
x-amz-request-id
W8C2S26RX8PQ1SW5
ETag
"cde4ecef61a0a35571e737da5276b5e7"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
991
x-amz-id-2
BlygMQyZUZyxnwixxfOXkzkDNPIC8hv6Xu2q7Lkk/m3NrSovU+nlxJ9HDywdw3AkiazStdgMZAY=
v2.js
js.hsforms.net/forms/
567 KB
145 KB
Script
General
Full URL
https://js.hsforms.net/forms/v2.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
711c4782a7b90e63b305aa18412fa3a98dc2f839703ccce66779009aaa7e955d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:17 GMT
via
1.1 5e1f849553b1d58615d0d8f7c044078e.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 14 Apr 2022 12:23:09 UTC
server
cloudflare
etag
W/"611f9e299e67dc9f3221d4b874ba1c95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVu6JfuPrFKSmqvP3IxEjzIN3HjW5dsdRqbtRcecN4duO4xJfahp1kdUW9yogFPDs0nX6Ed5aYb5HAnSCsryHJzh2xyLT7QylkHrileRjZtjIVvAKB%2BPR%2FTp8FlMxWNrTUZPyZWXijRSL%2Bti"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
ybhgd2hYjNq34ZCseA1OWrg7D3AucCvE
access-control-allow-origin
*
cache-control
s-maxage=600, max-age=0
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
6fbcb2aebb7183a8-MXP
x-amz-cf-id
okdhm7ba40Wl3eA3aDbfafpgSMeiWkUAqxUKaA6zG9rWvF-7yu2Vzw==
x-hs-target-asset
FormsNext/static-5.478/bundles/project_with_deps.js
gpt.js
www.googletagservices.com/tag/js/
83 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6dec0f40564ef3bd3d94ad102757fbce6068609abd1c337534e5b86ed4c7bb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28364
x-xss-protection
0
server
sffe
etag
"1186 / 270 of 1000 / last-modified: 1649934465"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Apr 2022 13:13:18 GMT
/
www.cyberscoop.com/_static/
10 KB
3 KB
Script
General
Full URL
https://www.cyberscoop.com/_static/??/wp-content/themes/wp-theme-cyberscoop/js/ads.js,/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?m=1649173140j
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
14c742642de9c8f39467c54a34b08f124d3eb6ae49356d9b9f8a158424e77192

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
x-rq
hhn1 0 4 9980
last-modified
Tue, 05 Apr 2022 15:39:00 GMT
server
nginx
age
662390
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
content-encoding
gzip
content-length
2703
x-amz-cf-id
vU6E6N_-42omvfPJXZ7FBQWE2VuJ3K4RHmNhHdvXU6ncLupwkqCW1w==
jp-search.js
www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/
7 KB
3 KB
Script
General
Full URL
https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=8654f1efea7bf1b79584c07f1d458382
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
fe1bd3df8f20fe537d1ad985ecd7b169c10e1d0e2cc0860bc4b4c326d152420f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
age
589068
x-cache
Hit from cloudfront
content-encoding
gzip
content-length
3036
x-rq
hhn1 0 4 9980
last-modified
Thu, 07 Apr 2022 17:16:17 GMT
server
nginx
etag
W/"624f1c61-1c38"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
x-amz-cf-id
WTIlEMhLHJvqCurR6zZgIKB-3V5086I_4hdvo3wzJM27iPOWRs1xQw==
expires
Fri, 14 Apr 2023 13:13:14 GMT
w.js
stats.wp.com/
11 KB
4 KB
Script
General
Full URL
https://stats.wp.com/w.js?ver=202215
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ec7c4c90e31092c6253cddb718655a1e3ac5f4f83425b1e16d54b25ff80f263f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc
HIT hhn
date
Thu, 14 Apr 2022 13:13:18 GMT
content-encoding
br
server
nginx
etag
W/"61dc645f-2a3d"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Thu, 06 Apr 2023 06:09:45 GMT
e-202215.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202215.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc
HIT hhn
date
Thu, 14 Apr 2022 13:13:18 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 03 Apr 2023 07:40:23 GMT
gtm.js
www.googletagmanager.com/
166 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c31206717e4cf04c88f77e76c09d06baba9bd7ff1a674cb13d5f564d9c69f21d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61268
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Apr 2022 13:13:18 GMT
wp-emoji-release.min.js
www.cyberscoop.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.cyberscoop.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
age
662420
x-cache
Hit from cloudfront
content-encoding
gzip
content-length
4926
x-rq
hhn1 0 4 9980
last-modified
Tue, 05 Apr 2022 23:38:53 GMT
server
nginx
etag
W/"624cd30d-4705"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
x-amz-cf-id
0h2jpIZJq_xITmu5s2cSQvK0jgrmpva_QD3AL8EgsWlsFCdNYsYN1A==
expires
Fri, 14 Apr 2023 13:13:14 GMT
lightslider.min.css
www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/css/lightslider.min.css
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
age
2056268
x-cache
Hit from cloudfront
content-encoding
gzip
content-length
1360
x-rq
hhn1 0 4 9980
last-modified
Mon, 14 Mar 2022 21:37:55 GMT
server
nginx
etag
W/"622fb5b3-14b3"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
x-amz-cf-id
cQuCs0mFk-_pxdBZX0IRIA66HKv3bWp3t8jm85CvQyhlSl2_E7CFQQ==
expires
Fri, 14 Apr 2023 13:13:14 GMT
page.js
static.addtoany.com/menu/
72 KB
26 KB
Script
General
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:18 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
162052
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 01 Dec 2021 08:23:25 GMT
server
cloudflare
etag
W/"11ee2-5d2116348919c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=172800
cf-ray
6fbcb2b04f775a37-MXP
cf-bgj
minify
CyberScoop_Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/
2 KB
3 KB
Image
General
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/CyberScoop_Color.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified
Thu, 21 Jan 2021 21:02:05 GMT
Server
AmazonS3
x-amz-request-id
W8C8Y049RB2V4TFA
ETag
"b3250d52680549abc7222f71b2dce836"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
2375
x-amz-id-2
/Pe7shnRlrj4/QV3mTwQcSSjcsxWrtJ7sjl21AAZtjmx+LR2b2dQ+1EDidT/TjOVlBPeliKFhDM=
SNG-RGB-Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/
5 KB
6 KB
Image
General
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/SNG-RGB-Color.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified
Thu, 21 Jan 2021 21:02:05 GMT
Server
AmazonS3
x-amz-request-id
W8C577NSMJ08D0WH
ETag
"61428dbcecc23b1679236e221c5228d4"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
5545
x-amz-id-2
rnCsUc7HvZQMAAmkpmycqpkSI8SZLrLHLLUhPezplHHXKzdgNnJ4xJboDpsjRBeVtYEamgHCHtk=
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v15/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v15/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a90f9c307d889844f7286c11a9e8596c9a41b2e91123ab49cca0fbaa4b48dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyberscoop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 19:33:04 GMT
x-content-type-options
nosniff
age
63614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22760
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:05:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Apr 2023 19:33:04 GMT
PuristaMedium.woff
www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/fonts/
37 KB
37 KB
Font
General
Full URL
https://www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/fonts/PuristaMedium.woff
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1

Request headers

Referer
https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Origin
https://www.cyberscoop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
content-encoding
gzip
age
22
x-cache
Hit from cloudfront
content-length
37579
x-rq
hhn1 0 4 9980
last-modified
Tue, 05 Apr 2022 15:39:00 GMT
server
nginx
etag
W/"624c6294-9340"
access-control-allow-methods
GET, HEAD
content-type
font/woff
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
access-control-allow-origin
*
x-amz-cf-id
dNg8no_FE_ojq7MRHejOM1P4ms1fupw-3n00pRC7_DK-E34gQxvebA==
expires
Fri, 14 Apr 2023 13:13:14 GMT
/
www.cyberscoop.com/advertising/ Frame 3A27
Redirect Chain
  • https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-P3VNJduYXS-leaderboard&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Cl...
  • https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-P3VNJduYXS-leaderboard&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicros...
2 KB
1 KB
Document
General
Full URL
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-P3VNJduYXS-leaderboard&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
48f09c1e2f69b85f86be78957e151e15055d602a90023fa99174df1d25700fdb

Request headers

Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 13:13:14 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
server
nginx
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-amz-cf-id
3ujnAOEt18HfqvkAAKgDM36NKKK3VNjIfrqnnr2_6oJ00lq3NsyrTg==
x-amz-cf-pop
TXL50-P3
x-cache
Hit from cloudfront
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
hhn1 0 4 9980

Redirect headers

age
4
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 13:13:14 GMT
host-header
a9130478a60e5f9135f765b23f26593b
location
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-P3VNJduYXS-leaderboard&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
server
nginx
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-amz-cf-id
NhgADVABVGlS21vCTE8K_Ovh1f1AiLDuuIryOOHpLgGtoBMg8Qamgw==
x-amz-cf-pop
TXL50-P3
x-cache
Hit from cloudfront
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-redirect-by
WordPress
x-rq
hhn1 0 4 9980
/
www.cyberscoop.com/advertising/ Frame 6D9D
Redirect Chain
  • https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%...
  • https://www.cyberscoop.com/advertising/?id=article&position=static&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
1 KB
1 KB
Document
General
Full URL
https://www.cyberscoop.com/advertising/?id=article&position=static&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
902a2c3c6fb931f76bb5aa75cd565243c413b93c144a4e7d10a16da906979214

Request headers

Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 13:13:14 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
server
nginx
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-amz-cf-id
9c9PFTu_a1FaZyu-XeW1S1-uxWkQZb7qONvZpyPwtaIib5NpUGGT0A==
x-amz-cf-pop
TXL50-P3
x-cache
Hit from cloudfront
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
hhn1 0 4 9980

Redirect headers

age
4
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 13:13:14 GMT
host-header
a9130478a60e5f9135f765b23f26593b
location
https://www.cyberscoop.com/advertising/?id=article&position=static&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
server
nginx
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-amz-cf-id
rTeFM0aRtrI_bCKSIjcKYUEovBaTAcfu7vbZVGA3-NczRO3b1tjjsQ==
x-amz-cf-pop
TXL50-P3
x-cache
Hit from cloudfront
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-redirect-by
WordPress
x-rq
hhn1 0 4 9980
/
www.cyberscoop.com/advertising/ Frame EC68
Redirect Chain
  • https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Cru...
  • https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
2 KB
1 KB
Document
General
Full URL
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
aa8329e8b5a41a9fbe7617d77334dcdf25bbeac69316923e4d09c14617568da1

Request headers

Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 13:13:14 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
server
nginx
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-amz-cf-id
U9BTm8ZpXrr3SEzp2YLkb2BnKCjt-OWgYq4f76vbjweoOm_IPxyhYA==
x-amz-cf-pop
TXL50-P3
x-cache
Hit from cloudfront
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
hhn1 0 4 9980

Redirect headers

age
4
content-encoding
gzip
content-length
20
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 13:13:14 GMT
host-header
a9130478a60e5f9135f765b23f26593b
location
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
server
nginx
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-amz-cf-id
IK6hm72b74CUFhrmAuJibT-nAvNKLvo2BhRcIOdWZJqxGWGXMNUQug==
x-amz-cf-pop
TXL50-P3
x-cache
Hit from cloudfront
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-redirect-by
WordPress
x-rq
hhn1 0 4 9980
GettyImages-1389898678.jpg
www.cyberscoop.com/wp-content/uploads/sites/3/2022/04/
297 KB
298 KB
Image
General
Full URL
https://www.cyberscoop.com/wp-content/uploads/sites/3/2022/04/GettyImages-1389898678.jpg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
ed5e39a5e31422d00c47d556b404949be82c30c2face801c020c343c7457a615

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
x-rq
hhn1 109 83 443
last-modified
Mon, 11 Apr 2022 12:59:35 GMT
server
nginx
age
4
etag
"5355c6a59c29aefb"
x-cache
Hit from cloudfront
content-type
image/webp
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
content-length
304544
x-amz-cf-id
IKgZgnhGXSRilz5jyR-V11pEsPqcIkiDudqVoiiDi8BUAFaGkUK2Jg==
expires
Tue, 11 Apr 2023 12:59:35 GMT
va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v15/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v15/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyberscoop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 19:32:13 GMT
x-content-type-options
nosniff
age
63665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23724
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:06:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Apr 2023 19:32:13 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v47/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v47/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63e0f1d4d244fa557ae96c648168b0620a4f5ad3dbb653fc979a1b3ea0000699
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyberscoop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 23:27:02 GMT
x-content-type-options
nosniff
age
567976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25384
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 07 Apr 2023 23:27:02 GMT
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v15/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v15/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyberscoop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 19:32:11 GMT
x-content-type-options
nosniff
age
63667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22592
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:05:52 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Apr 2023 19:32:11 GMT
/
www.cyberscoop.com/advertising/ Frame 6492
Redirect Chain
  • https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-9J4uXQtutz-billboard&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Ch...
  • https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-9J4uXQtutz-billboard&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clega...
2 KB
1 KB
Document
General
Full URL
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-9J4uXQtutz-billboard&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
6381b7a6fdaca498a044bd187938dc27d9c6a2c96d8b10854b17c12a34b9bf4c

Request headers

Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 13:13:14 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
server
nginx
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-amz-cf-id
IguE8MswSkHt0-gL-r4v5rBhJnW7QavNLGLyyzZ1nnjEDVBx8WXcEQ==
x-amz-cf-pop
TXL50-P3
x-cache
Hit from cloudfront
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
hhn1 0 4 9980

Redirect headers

age
4
content-encoding
gzip
content-length
20
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 13:13:14 GMT
host-header
a9130478a60e5f9135f765b23f26593b
location
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-9J4uXQtutz-billboard&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
server
nginx
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
x-amz-cf-id
iYhjpq7MGRYeMr9Fso9Tmo3tDSsha_K_Kk48aQWJHivRuBwRPFhd5g==
x-amz-cf-pop
TXL50-P3
x-cache
Hit from cloudfront
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-redirect-by
WordPress
x-rq
hhn1 0 4 9980
json
forms.hsforms.com/embed/v3/form/2153467/20762415-8082-48f0-b243-36443c93d852/ Frame
0
0
Preflight
General
Full URL
https://forms.hsforms.com/embed/v3/form/2153467/20762415-8082-48f0-b243-36443c93d852/json?hutk=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://www.cyberscoop.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
x-requested-with
access-control-allow-methods
OPTIONS, GET
access-control-allow-origin
https://www.cyberscoop.com
access-control-expose-headers
X-Origin-Hublet
access-control-max-age
180
allow
HEAD,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
6fbcb2b269a459dd-MXP
content-length
18
content-type
text/plain; charset=utf-8
date
Thu, 14 Apr 2022 13:13:18 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-hubspot-correlation-id
d389c9fb-a4a7-4aa0-9ae0-ad4907b24d76
x-robots-tag
none
x-trace
2B93AB7D679AB606A30ED0E715E75846692E3D55F7000000000000000000
json
forms.hsforms.com/embed/v3/form/2153467/20762415-8082-48f0-b243-36443c93d852/
20 KB
5 KB
XHR
General
Full URL
https://forms.hsforms.com/embed/v3/form/2153467/20762415-8082-48f0-b243-36443c93d852/json?hutk=
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b89cc38fc329aa1d948f3954ac2203be3ae9ac754d34ac9e0ac1fc1c532e3d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/javascript
Referer
https://www.cyberscoop.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-origin-hublet
na1
date
Thu, 14 Apr 2022 13:13:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
56b5c1df-8ef3-4110-b71a-b0c0c288fe51
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
none
server
cloudflare
x-trace
2B655C7F7FA0BEE2EC5F6369DAE554262DD3016D41000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cyberscoop.com
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
6fbcb2b37a7c3759-MXP
access-control-allow-headers
*
g.gif
pixel.wp.com/
50 B
93 B
Image
General
Full URL
https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.35710839690384044
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 13:13:18 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
gettyimages-1160498103-170667a.jpg
www.cyberscoop.com/wp-content/uploads/sites/3/2019/10/
7 KB
8 KB
Image
General
Full URL
https://www.cyberscoop.com/wp-content/uploads/sites/3/2019/10/gettyimages-1160498103-170667a.jpg?w=274
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
fdd79ce550004a168443858d7317ae45f42e4eb262ca17b32c64a1a30c088399

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
x-rq
hhn1 109 88 443
last-modified
Thu, 14 Apr 2022 00:27:04 GMT
server
nginx
age
4
etag
"741b5e8c9421f938"
x-cache
Hit from cloudfront
content-type
image/webp
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
content-length
7676
x-amz-cf-id
Uaefgp-RrKAA6RnRDDWfnK-ZoQSDH3JP9ryzHGFi_D13iUlHxAGz7A==
expires
Fri, 14 Apr 2023 00:27:04 GMT
GettyImages-695501064.jpg
www.cyberscoop.com/wp-content/uploads/sites/3/2022/04/
11 KB
11 KB
Image
General
Full URL
https://www.cyberscoop.com/wp-content/uploads/sites/3/2022/04/GettyImages-695501064.jpg?w=257
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
5b52bb673705cc657cee64d8e88f6090d9cd8f5c9eb77bc9feb41788ab10e388

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
x-rq
hhn1 109 83 443
last-modified
Wed, 13 Apr 2022 20:54:06 GMT
server
nginx
age
4
etag
"43d6615aab060937"
x-cache
Hit from cloudfront
content-type
image/webp
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
content-length
10850
x-amz-cf-id
BCWOVRhNNKyFluBA-VtXvVfhRBF-ecRI4o7-FJA4EMGMaRWp1PDoFg==
expires
Thu, 13 Apr 2023 20:54:06 GMT
GettyImages-1293288098.jpg
www.cyberscoop.com/wp-content/uploads/sites/3/2022/04/
14 KB
15 KB
Image
General
Full URL
https://www.cyberscoop.com/wp-content/uploads/sites/3/2022/04/GettyImages-1293288098.jpg?w=257
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
2fe0f61deac89fba6919104a3ead56be8b6c7998bfd712b198e1fe260233e55b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
x-rq
hhn1 109 88 443
last-modified
Wed, 13 Apr 2022 19:58:22 GMT
server
nginx
age
4
etag
"17ab94f57b9c9ab7"
x-cache
Hit from cloudfront
content-type
image/webp
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
content-length
14714
x-amz-cf-id
T16SIf1fjEuCe0jk1KruuxFzjDrBtO9hFb14EfANx1v-Gn9JFu2vxQ==
expires
Thu, 13 Apr 2023 19:58:22 GMT
facebook_logo_white.png
www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/
361 B
744 B
Image
General
Full URL
https://www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/facebook_logo_white.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
x-rq
hhn1 0 4 9980
last-modified
Mon, 14 Mar 2022 21:37:55 GMT
server
nginx
age
2056214
etag
"622fb5b3-169"
x-cache
Hit from cloudfront
content-type
image/png
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
content-length
361
x-amz-cf-id
lm0YhFOXLDowuqoCMt9fOOx5J5_j-NDkCBlQSj_stIBRHUwZQ7hhXQ==
expires
Fri, 14 Apr 2023 13:13:14 GMT
twitter_logo_white.png
www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/
481 B
863 B
Image
General
Full URL
https://www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/twitter_logo_white.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
x-rq
hhn1 0 4 9980
last-modified
Mon, 14 Mar 2022 21:37:55 GMT
server
nginx
age
2056214
etag
"622fb5b3-1e1"
x-cache
Hit from cloudfront
content-type
image/png
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
content-length
481
x-amz-cf-id
FlV51W9tBW83DsolP-_BTzqM6wvAbJvO6o4pkXQQurdTXRIaFHDrvA==
expires
Fri, 14 Apr 2023 13:13:14 GMT
linkedin_logo_white.png
www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/
946 B
1 KB
Image
General
Full URL
https://www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/linkedin_logo_white.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
age
2056214
x-cache
Hit from cloudfront
content-encoding
gzip
content-length
969
x-rq
hhn1 0 4 9980
last-modified
Mon, 14 Mar 2022 21:37:55 GMT
server
nginx
etag
W/"622fb5b3-3b2"
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
x-amz-cf-id
ObKhljazUeO-qpRyQHFqdYrPbUB7RdaLLG4t_EugHQ9ILpek01PXrA==
expires
Fri, 14 Apr 2023 13:13:14 GMT
instagram_logo_white.svg
www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/
2 KB
1 KB
Image
General
Full URL
https://www.cyberscoop.com/wp-content/themes/wp-theme-cyberscoop/images/icons/instagram_logo_white.svg
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
content-encoding
gzip
age
390
x-cache
Hit from cloudfront
content-length
669
x-rq
hhn1 0 4 9980
last-modified
Tue, 05 Apr 2022 15:39:00 GMT
server
nginx
etag
W/"624c6294-625"
content-type
image/svg+xml
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
x-amz-cf-id
_rs12OCvM5D4ZKHwRDzk49aocCFFrmBwmJJyaoHhV6EAdiYvq2cDkg==
expires
Fri, 14 Apr 2023 13:13:14 GMT
Stacked_SNG.png
s3.amazonaws.com/sng-global-web-assets/logo/
12 KB
12 KB
Image
General
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_SNG.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified
Thu, 21 Jan 2021 23:37:33 GMT
Server
AmazonS3
x-amz-request-id
W8C1X4D9Z7CV0W8Y
ETag
"793107aa127f2349e0bb9d0df99cd240"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
11864
x-amz-id-2
jV+uLm20/tNocdL4tJUHA0rfNuz61woHWFPj6aKFF+i7R2xeTBdpGxW/H6eo8+csu2IiftSVR0w=
Stacked_CyberScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/
5 KB
5 KB
Image
General
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_CyberScoop.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified
Thu, 21 Jan 2021 23:37:33 GMT
Server
AmazonS3
x-amz-request-id
W8C7BC9689CMKVH0
ETag
"6b8717aa8156bf0573b498232d63b71f"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5199
x-amz-id-2
1EJ2jgiECGZK2dx4kxmHmgFWB1wiPbxv5eJ9tXEgroR6kHXOsmRlG1xYR2ddUYcIrGhl3MLJ2vo=
Stacked_FedScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/
4 KB
4 KB
Image
General
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_FedScoop.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified
Thu, 21 Jan 2021 23:37:33 GMT
Server
AmazonS3
x-amz-request-id
W8C0AG37PMV24KQB
ETag
"da067ed314fa2f647e16efb7331759de"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4000
x-amz-id-2
Z7qf4DTQrrIYrx+T+YcUmtyheOejLaaR323UNuOW6TkOKmiXUdR/b02pxHCIK5yz2NPnTMpzOqE=
Stacked_StateScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/
5 KB
5 KB
Image
General
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_StateScoop.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified
Thu, 21 Jan 2021 23:37:33 GMT
Server
AmazonS3
x-amz-request-id
W8CC6CVHY3VDX7WF
ETag
"62c167ae878c0c3b3a41b50025cacba7"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4872
x-amz-id-2
NibusQZEw3bG0+nh1tUsOeTJ5AUULuVkFZaYhDN2ZYGeoGZW5HRoZnfcyGQJBw2Qg6p+zE1sO6I=
Stacked_EdScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/
4 KB
4 KB
Image
General
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_EdScoop.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified
Wed, 25 Aug 2021 20:12:45 GMT
Server
AmazonS3
x-amz-request-id
W8CE26JM6HAXEE4G
ETag
"779a62747ba1fe2dfac41aa83a03313c"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3934
x-amz-id-2
D2+FNJC5hpJL3zIrAkysvi1bJaKLna4Z0BT3BTMuVxcKUn8OE5bLEiK4fVnrBpGIxs21fqUxAqw=
Stacked_WorkScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/
5 KB
6 KB
Image
General
Full URL
https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_WorkScoop.png
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/_static/??-eJydjM0KwkAMhF/IbVwtigfxWdKY6uL+kaRK3966IF48iKf5GGY+eFRHJRtngxqnS8gKSzUpi8M7GgqgKpsCqcIobXruUsjdUqzg5/sY0Wqgm3zoD4tyZLLNO78a7MqJm6CRo3lgUSqlgtoc+XU4paPf9Qe/3/p+/QR3QmD3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.102.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 13:13:19 GMT
Last-Modified
Wed, 25 Aug 2021 20:12:37 GMT
Server
AmazonS3
x-amz-request-id
W8C2DZBCAT2440HK
ETag
"b5d5b8c0479b1963324ebca52c96a43b"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5349
x-amz-id-2
HINgddwQcKuDzU+watGG1fK5TNW8Qz0vKqVP5swkIs4gRMsSycdx66mf/Cd9p0chE2p8d6ZE+rE=
g.gif
pixel.wp.com/
50 B
75 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.8&blog=200379745&post=64322&tz=-4&srv=www.cyberscoop.com&hp=vip&host=www.cyberscoop.com&ref=&rand=0.9047929712487157
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 13:13:18 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
454.js
www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/
50 KB
18 KB
Script
General
Full URL
https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/454.js?minify=false&ver=948c2c9d7b88a153508e
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=8654f1efea7bf1b79584c07f1d458382
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
3d5c432ac1f87c116b88388348b78c08278195f455202173393b9c0576bfb6ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
age
589068
x-cache
Hit from cloudfront
content-encoding
gzip
content-length
17719
x-rq
hhn1 0 4 9980
last-modified
Thu, 07 Apr 2022 17:16:17 GMT
server
nginx
etag
W/"624f1c61-c704"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
x-amz-cf-id
_p1xQlIM9Adf-DxBdAFh1fA8qphJj_8oydIR95qUSr9BvK58XMGfkA==
expires
Fri, 14 Apr 2023 13:13:14 GMT
jp-search.chunk-main-payload.css
www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/
31 KB
5 KB
Stylesheet
General
Full URL
https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.css?minify=false&ver=aaceb2477698617460cf
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=8654f1efea7bf1b79584c07f1d458382
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
c8c35e0f00ccdca409b0b7340bb4c008649529b40a786a51e6d732cbf4f845e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
age
589068
x-cache
Hit from cloudfront
content-encoding
gzip
content-length
4299
x-rq
hhn1 0 4 9980
last-modified
Thu, 07 Apr 2022 17:16:17 GMT
server
nginx
etag
W/"624f1c61-7d7c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
x-amz-cf-id
L4BkfaERhVzp4cj0XldxssXXSnamFILlI97jB4B9f9mjDk2HBhl0Dw==
expires
Fri, 14 Apr 2023 13:13:14 GMT
jp-search.chunk-main-payload.js
www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/
74 KB
19 KB
Script
General
Full URL
https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=6ffb9dd4678b2461bfeb
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=8654f1efea7bf1b79584c07f1d458382
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-11.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
e448366ba538d2d65714f62ae1af89f2f5dd3ccc64af549bb3a84d9cea541dcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:14 GMT
via
1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
age
589068
x-cache
Hit from cloudfront
content-encoding
gzip
content-length
19052
x-rq
hhn1 0 4 9980
last-modified
Thu, 07 Apr 2022 17:16:17 GMT
server
nginx
etag
W/"624f1c61-1260c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
x-amz-cf-id
jFkE1wGshTB5nGVZxEuAqVdN0A6_zuJgIkkHuuUYOvPDrKthzwQQqQ==
expires
Fri, 14 Apr 2023 13:13:14 GMT
pubads_impl_2022040701.js
securepubads.g.doubleclick.net/gpt/
368 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
4eba10304f45a9ca7d6b3b882e564a5dd00d3900dc515fbe6137765ed0fb45a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 10:14:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127673
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 08:34:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 14 Apr 2023 10:14:35 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
51 B
87 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e68b1ea6c9a742a416a355c1a63563cf0f49b374300cb956a03a3e25c9475242
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Thu, 14 Apr 2022 13:13:18 GMT
sm.23.html
static.addtoany.com/menu/ Frame C0B4
741 B
820 B
Document
General
Full URL
https://static.addtoany.com/menu/sm.23.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
644643
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
6fbcb2b2addc83ac-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 14 Apr 2022 13:13:18 GMT
etag
W/"2e5-5cc9e128a4c38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 22 Sep 2021 23:42:51 GMT
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
e2s
x-content-type-options
nosniff
truncated
/
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/gif
icons.30.svg.js
static.addtoany.com/menu/svg/
77 KB
33 KB
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons.30.svg.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:18 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
13413569
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 10 Nov 2021 01:49:04 GMT
server
cloudflare
etag
W/"132a9-5d0656e4a26b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=315360000, immutable
cf-ray
6fbcb2b2add883ac-MXP
cf-bgj
minify
insight.min.js
snap.licdn.com/li.lms-analytics/
8 KB
3 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e053 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
662
Date
Thu, 14 Apr 2022 13:13:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
X-EdgeConnect-MidMile-RTT
0
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=36968
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
uwt.js
static.ads-twitter.com/
14 KB
6 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.56.157 London, United Kingdom, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:18 GMT
content-encoding
gzip
last-modified
Tue, 29 Mar 2022 00:09:32 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kcgs7200176-IAD, cache-lon4275-LON
fbevents.js
connect.facebook.net/en_US/
99 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
WW7Hg1UaiEfLOD6cP8Vfewl1S0Bbayox4Pn2CLF3BbkDKd1WB78MMFx5TrhZqqi1DLasHs9NfSXK+jFQ9KVPbQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 14 Apr 2022 13:13:18 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
2153467.js
js.hs-scripts.com/
964 B
895 B
Script
General
Full URL
https://js.hs-scripts.com/2153467.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efb0a20937ab75c11ddb5e115d59675e5b106ebb5e755c41a15d98889a97e659

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
x-hubspot-correlation-id
846bca37-46cb-4ac4-acca-d910ec0ce7da
last-modified
Thu, 14 Apr 2022 13:08:03 GMT
server
cloudflare
x-trace
2B9B2B618992BB8E3F5261116F4150E740FF293042000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.cyberscoop.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
6fbcb2b34afd839c-MXP
expires
Thu, 14 Apr 2022 13:14:19 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 3A27
83 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-P3VNJduYXS-leaderboard&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
6a27a65e9c43fb8d9cd1e8640dae7464ee78bf4633c2e34a7345e696c025823c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28365
x-xss-protection
0
server
sffe
etag
"1186 / 178 of 1000 / last-modified: 1649934465"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Apr 2022 13:13:18 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 6D9D
84 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=article&position=static&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
4887329d85e3a31b977f06d6493cfd7478802d5664b7d0caab9b94353cd41066
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28616
x-xss-protection
0
server
sffe
etag
"1186 / 341 of 1000 / last-modified: 1649934465"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Apr 2022 13:13:18 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame EC68
83 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
6a27a65e9c43fb8d9cd1e8640dae7464ee78bf4633c2e34a7345e696c025823c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28365
x-xss-protection
0
server
sffe
etag
"1186 / 144 of 1000 / last-modified: 1649934465"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Apr 2022 13:13:18 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 6492
84 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-9J4uXQtutz-billboard&category=threats&tags=cybercrime%2Ccyclopsblink%2Cdepartment-of-justice%2Cfbi%2Chacking%2Clegal%2Cmicrosoft%2Crussia%2Csandworm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
b66f00fa51e00b4daa0b385cdd42b15739a813febb9f9cb9faf14b4a4db2a342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28616
x-xss-protection
0
server
sffe
etag
"1186 / 649 of 1000 / last-modified: 1649934465"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Apr 2022 13:13:18 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3367
date
Thu, 14 Apr 2022 12:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 14 Apr 2022 14:17:11 GMT
integrator.js
adservice.google.ro/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.ro/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
50 KB
20 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2814599767980077&correlator=4369690492477379&eid=31067075%2C31064018%2C31065517&output=ldjh&gdfp_req=1&vrg=2022040701&ptt=17&impl=fif&iu_parts=18430785%2Ccswelcome&enc_prev_ius=%2F0%2F1&prev_iu_szs=640x480&ifi=1&adks=113530204&sfv=1-0-38&ecs=20220414&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1649941998231&lmt=1649941998&dlt=1649941997035&idt=1012&biw=1600&bih=1200&adxs=480&adys=365&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=640x532&msz=640x480&fws=4&ohw=1600&ga_vid=1602128739.1649941998&ga_sid=1649941998&ga_hid=928806685&ga_fc=false&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
77a38038fc67fe9bccd2c9f988c074bf3ee2148e9fa3d6a7bed04947ff8b4863
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19940
x-xss-protection
0
google-lineitem-id
5908512188
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138380260324
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cyberscoop.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
20 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2814599767980077&correlator=4369690492477379&eid=31067075%2C31064018%2C31065517&output=ldjh&gdfp_req=1&vrg=2022040701&ptt=17&impl=fif&iu_parts=18430785%2Ccswelcomemobile&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=3498381169&sfv=1-0-38&ecs=20220414&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1649941998246&lmt=1649941998&dlt=1649941997035&idt=1012&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=640x532&msz=300x250&fws=132&ohw=1600&ga_vid=1602128739.1649941998&ga_sid=1649941998&ga_hid=928806685&ga_fc=false&btvi=-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
78ad903f00303d7180dc8da76cf1613105d8e64eaabce1d8b38c2094e0156c9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9441
x-xss-protection
0
google-lineitem-id
5930159482
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138381977237
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cyberscoop.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CAA8
6 KB
4 KB
Document
General
Full URL
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 13:13:18 GMT
expires
Fri, 14 Apr 2023 13:13:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022040701.js
securepubads.g.doubleclick.net/gpt/ Frame 3A27
368 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
4eba10304f45a9ca7d6b3b882e564a5dd00d3900dc515fbe6137765ed0fb45a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 09:04:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101342
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127673
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 08:34:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Apr 2023 09:04:16 GMT
pubads_impl_2022041201.js
securepubads.g.doubleclick.net/gpt/ Frame 6D9D
369 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 08:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15647
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127945
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 08:36:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 14 Apr 2023 08:52:31 GMT
search
public-api.wordpress.com/rest/v1.3/sites/200379745/
11 KB
3 KB
Fetch
General
Full URL
https://public-api.wordpress.com/rest/v1.3/sites/200379745/search?fields%5B0%5D=date&fields%5B1%5D=permalink.url.raw&fields%5B2%5D=tag.name.default&fields%5B3%5D=category.name.default&fields%5B4%5D=post_type&fields%5B5%5D=shortcode_types&highlight_fields%5B0%5D=title&highlight_fields%5B1%5D=content&highlight_fields%5B2%5D=comments&query=&sort=score_default&size=10
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/mu-plugins/jetpack-10.8/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=6ffb9dd4678b2461bfeb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
25d8e04096ef84239b0c6ebbd7f1e834fbbf4489ecbb94ef1373efb76346a9f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-hacker
Oh, Awesome: Opossum
date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
false
x-ac
1.hhn _dfw
strict-transport-security
max-age=15552000
host-header
WordPress.com
expires
Wed, 11 Jan 1984 05:00:00 GMT
pubads_impl_2022040701.js
securepubads.g.doubleclick.net/gpt/ Frame EC68
368 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
4eba10304f45a9ca7d6b3b882e564a5dd00d3900dc515fbe6137765ed0fb45a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 09:04:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101342
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127673
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 08:34:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Apr 2023 09:04:16 GMT
pubads_impl_2022041301.js
securepubads.g.doubleclick.net/gpt/ Frame 6492
362 KB
123 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3077
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125956
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:34:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 14 Apr 2023 12:22:02 GMT
896395920528126
connect.facebook.net/signals/config/
307 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/896395920528126?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
742d2f7f43e3eb8c7e5a12f24afcd4dcc03e11a31223060eb03d95b91ec07cc7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
fkDfML/vzjEmvPcFKlcB5A+YSa/rrFXM8RWbciv4ug2BFgE25EbTgLMS+qUOgeqQ1wcAetdqD3D48A1kF1mTig==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 14 Apr 2022 13:13:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1649941998394&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-b...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1649941998394%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fd...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1649941998394&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-b...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1649941998394&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-...
0
264 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1649941998394&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&liSync=true&e_ipv6=AQIUr3VBTcW3ewAAAYAoNPC6Oov7ge8jeDXUwdW5sw7pajxplzNfdZsFkQIr6Ar03mHvc9E
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:19 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 2A3F22174091495686B547F7551E3A54 Ref B: FRAEDGE0708 Ref C: 2022-04-14T13:13:20Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXcnQ7Q6KyLL2TyNRp4Mg==
x-li-fabric
prod-lva1

Redirect headers

date
Thu, 14 Apr 2022 13:13:19 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: C4C8B67EEAF64EEBA1336373B0B3140F Ref B: VIEEDGE1216 Ref C: 2022-04-14T13:13:19Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1649941998394&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&liSync=true&e_ipv6=AQIUr3VBTcW3ewAAAYAoNPC6Oov7ge8jeDXUwdW5sw7pajxplzNfdZsFkQIr6Ar03mHvc9E
x-li-proto
http/2
content-length
0
x-li-uuid
AAXcnQ7L8xLrxvztz4lisw==
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=928806685&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&dp=%2Fwelcome%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&ul=en-us&de=UTF-8&dt=DOJ%27s%20Sandworm%20operation%20raises%20questions%20about%20how%20far%20feds%20can%20go%20to%20disarm%20botnets%20-%20CyberScoop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=320719015&gjid=1658833815&cid=1602128739.1649941998&tid=UA-80491860-1&_gid=988392867.1649941998&_r=1&gtm=2wg460KR697BF&z=807380422
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cyberscoop.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 13:13:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cyberscoop.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
2 KB
521 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9fc929f9d307cf53bea691c3794c5ee2874ff5e1d2c7d308d71120ae3aa8c788
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 11:21:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 14 Apr 2022 13:13:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Apr 2022 13:13:19 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6160
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5VEq2A7I86S5LfArIQ7IFXQI74aNPIV2GCav39MixvJx9NzQrDL1T0jee_uw6wMfde0zxa2vKtSNnN9nuW_PaRp5Dc6FzyAGeBIEFCi-maqFlg37e92Z3O-bH_4vrNUBd0EIu3kQpQF47vntb1RrbO_Lx9vhZPSIZIWLk5hH5rncllNduB1GmXyyEafc7E7CskBWc1EXgibqD3DzjPpDQKT7HeQyujZ3IhvdE_OFbhrTiQfqyl9WsgBJagV0WBr_Pst0hi-LAetQOq0ROLcmUhj5uTBixHuhBl0vHAX8TVo16_zzoz3rp&sai=AMfl-YTBwVOK3sQAlHDKi8DUcTbSIaHXUAE6nn5vm67D1IQwuHlHcaG-LNkSbhZy4cpMBHsyI8K4zIJMTV8Kh4nWBWWyOixHytjEVo8oLT2PlDS5zlkbSnniWFVFJ4q320g&sig=Cg0ArKJSzLaCGodzHYdpEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 14 Apr 2022 13:13:19 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/ Frame 6160
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 13:12:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame 6160
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 13:11:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6160
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 13:13:19 GMT
l
www.google.com/ads/measurement/ Frame 6160
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrRNt3vLTflJpW-ude22a3b5AGLn973TnxKcxi31-mabXRX4PsHaTQWG50W3ZOIygRh97UKchgiTxPXr0yRqJIzPVjpg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

17171698307552820954
tpc.googlesyndication.com/simgad/ Frame 6160
298 KB
299 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/17171698307552820954
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15102f00c0b20cff64250b68bc217f41647feb7e76110f62d16234cbc49c63d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 19:50:00 GMT
x-content-type-options
nosniff
age
235399
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
305541
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 14:48:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 11 Apr 2023 19:50:00 GMT
container.html
b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AD9F
6 KB
3 KB
Document
General
Full URL
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 13:13:18 GMT
expires
Fri, 14 Apr 2023 13:13:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adsct
analytics.twitter.com/i/
31 B
459 B
Script
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4f01d6c1-fcd1-4491-adf6-5d89e3bb7f7e&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-response-time
111
date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
gzip
server
tsa_o
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
09764fd71a04b0628dfd7c43b7a8a6e4a06a2a720636a7bd538ea3dc8f92c152
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/
43 B
337 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4f01d6c1-fcd1-4491-adf6-5d89e3bb7f7e&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-response-time
116
date
Thu, 14 Apr 2022 13:13:18 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
cf1458e6f516305db7aacca9ff93ab8287f1e27a96b32d243de9f623bac97983
content-length
43
collect
stats.g.doubleclick.net/j/
4 B
444 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-80491860-1&cid=1602128739.1649941998&jid=320719015&gjid=1658833815&_gid=988392867.1649941998&_u=YAhAAEAAAAAAAC~&z=452148438
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cyberscoop.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 14 Apr 2022 13:13:19 GMT
content-type
text/plain
access-control-allow-origin
https://www.cyberscoop.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ro/adsid/ Frame 3A27
107 B
122 B
Script
General
Full URL
https://adservice.google.ro/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3A27
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3A27
51 KB
20 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2691086534282747&correlator=2033180710239008&eid=31065713%2C31067065%2C31064019&output=ldjh&gdfp_req=1&vrg=2022040701&ptt=17&impl=fif&iu_parts=18430785%2CCyberScoop_Article_Leaderboard_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&ifi=1&adks=13849420&sfv=1-0-38&ecs=20220414&fsapi=false&prev_scp=Tags%3Dcybercrime%252Ccyclopsblink%252Cdepartment-of-justice%252Cfbi%252Chacking%252Clegal%252Cmicrosoft%252Crussia%252Csandworm&sc=1&cookie=ID%3D57594fac4c8d4e50%3AT%3D1649941998%3AS%3DALNI_MbMKf6h4HmKY0cy14yyunT93rgaAQ&cdm=www.cyberscoop.com&abxe=1&dt=1649941998687&lmt=1649941998&dlt=1649941997576&idt=1059&biw=1600&bih=1200&isw=1600&ish=150&adxs=0&adys=170&ucis=38wepadzojyq&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dleaderboard%26parent_id%3Dad-P3VNJduYXS-leaderboard%26categories%3Dthreats%26tags%3Dcybercrime%252Ccyclopsblink%252Cdepartment-of-justice%252Cfbi%252Chacking%252Clegal%252Cmicrosoft%252Crussia%252Csandworm&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=1600x150&msz=970x-1&fws=0&ohw=0&ga_vid=1602128739.1649941998&ga_sid=1649941999&ga_hid=159839256&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
c14ae3d7e4f0cc73a2c5bd40b1898f267ec2a6f9f733f93225750e5d9154a45a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20169
x-xss-protection
0
google-lineitem-id
5970550983
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138386999426
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cyberscoop.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e592fa56b45b0b581f6ab1e9ea3158b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E0CA
6 KB
0
Document
General
Full URL
https://e592fa56b45b0b581f6ab1e9ea3158b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 13:13:19 GMT
expires
Fri, 14 Apr 2023 13:13:19 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.ro/adsid/ Frame 6D9D
107 B
122 B
Script
General
Full URL
https://adservice.google.ro/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6D9D
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6D9D
50 KB
20 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1401623283798113&correlator=2209984514183666&eid=31067090%2C44761482&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fif&iu_parts=18430785%2CCyberScoop_Article_Left_Rail_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=4064999910&sfv=1-0-38&ecs=20220414&fsapi=false&prev_scp=position%3Dstatic%26Tags%3Dcybercrime%252Ccyclopsblink%252Cdepartment-of-justice%252Cfbi%252Chacking%252Clegal%252Cmicrosoft%252Crussia%252Csandworm%26categories%3Dthreats&sc=1&cookie=ID%3D57594fac4c8d4e50%3AT%3D1649941998%3AS%3DALNI_MbMKf6h4HmKY0cy14yyunT93rgaAQ&cdm=www.cyberscoop.com&abxe=1&dt=1649941998756&lmt=1649941998&dlt=1649941997594&idt=1132&biw=1600&bih=1200&isw=310&ish=250&adxs=983&adys=1425&ucis=fdv03oaixj34&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Darticle%26position%3Dstatic%26category%3Dthreats%26tags%3Dcybercrime%252Ccyclopsblink%252Cdepartment-of-justice%252Cfbi%252Chacking%252Clegal%252Cmicrosoft%252Crussia%252Csandworm&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=310x250&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=1602128739.1649941998&ga_sid=1649941999&ga_hid=902284911&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
0b7f3bebdb1384bfd4208ccc6aa7771962e3a8ef6e2f458e5a1667e2c92fafa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20037
x-xss-protection
0
google-lineitem-id
5970550983
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138387074202
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cyberscoop.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
63250949cd62a1db307886a410e24cb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8A59
0
0
Document
General
Full URL
https://63250949cd62a1db307886a410e24cb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 13:13:19 GMT
expires
Fri, 14 Apr 2023 13:13:19 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
2153467.js
js.hs-analytics.net/analytics/1649941800000/
62 KB
20 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1649941800000/2153467.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e9ce5f71d5199340f9f109561dc1a65bcbba9d4d1ac51546e04ae69f2695784

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:20 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
03FAJR1FDRBCSW2D
x-amz-server-side-encryption
AES256
cf-ray
6fbcb2b8f97b3757-MXP
x-amz-id-2
qRDI4cLSCahDvf0He3SRN7PFg4pF2oX7awLNJ5vVm7W7JAeS9/J79Kn5c9vlGgt9xdGSVCiLSxo=
last-modified
Thu, 24 Feb 2022 12:07:10 GMT
server
cloudflare
etag
W/"1fa5c84f0d8dafc6fe327ea7de52c297"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Thu, 14 Apr 2022 13:18:19 GMT
2153467.js
js.hs-banner.com/
61 KB
16 KB
Script
General
Full URL
https://js.hs-banner.com/2153467.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2814888079619c511d69af17514a0c7bb4f942be94784bcbf85f68fcea6f7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:20 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
T9XE7Y3GZZVH5P5S
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
8c/It0oZDiiGyRS6t3VkzMJzuckIOegpO3mX0Hj5xiDul+eAQZiJc4pAG/oE4Pufjcj/MiatjiI=
timing-allow-origin
*
last-modified
Thu, 17 Feb 2022 20:45:11 GMT
server
cloudflare
etag
W/"fe1f8d01c1ccff5464f811298450eadd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
P7RL02J__oOn5v952CjOhmYEuyztTg7c
access-control-allow-origin
https://www.cyberscoop.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
6fbcb2b9385b83ac-MXP
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Thu, 14 Apr 2022 13:18:19 GMT
integrator.js
adservice.google.ro/adsid/ Frame EC68
107 B
122 B
Script
General
Full URL
https://adservice.google.ro/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame EC68
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame EC68
50 KB
19 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3855446623576426&correlator=2987337211511525&eid=31067065%2C31064225%2C31067072&output=ldjh&gdfp_req=1&vrg=2022040701&ptt=17&impl=fif&iu_parts=18430785%2CCyberScoop_HalfPage_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=2863372106&sfv=1-0-38&ecs=20220414&fsapi=false&prev_scp=Tags%3Dcybercrime%252Ccyclopsblink%252Cdepartment-of-justice%252Cfbi%252Chacking%252Clegal%252Cmicrosoft%252Crussia%252Csandworm&sc=1&cookie=ID%3D57594fac4c8d4e50%3AT%3D1649941998%3AS%3DALNI_MbMKf6h4HmKY0cy14yyunT93rgaAQ&cdm=www.cyberscoop.com&abxe=1&dt=1649941998852&lmt=1649941998&dlt=1649941997661&idt=1158&biw=1600&bih=1200&isw=300&ish=600&adxs=983&adys=1690&ucis=j5t3mx6czro7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dskyscraper%26position%3Dsticky%26categories%3Dthreats%26tags%3Dcybercrime%252Ccyclopsblink%252Cdepartment-of-justice%252Cfbi%252Chacking%252Clegal%252Cmicrosoft%252Crussia%252Csandworm&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=1602128739.1649941998&ga_sid=1649941999&ga_hid=345656741&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
5156369f789f88745eb663cd28046ec6d8480e46cd4416315a5d1dd576101fdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19841
x-xss-protection
0
google-lineitem-id
5970550983
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138387375483
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cyberscoop.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b5f82e4a5b44723887cdbd2745a6c436.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AF34
6 KB
0
Document
General
Full URL
https://b5f82e4a5b44723887cdbd2745a6c436.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 13:13:19 GMT
expires
Fri, 14 Apr 2023 13:13:19 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.ro/adsid/ Frame 6492
107 B
122 B
Script
General
Full URL
https://adservice.google.ro/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6492
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6492
51 KB
20 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=957994596409965&correlator=577184023344640&eid=31067075%2C31067111%2C44759850&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fif&iu_parts=18430785%2CCyberScoop_Cat_Art_Bottom_980x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&ifi=1&adks=3048910702&sfv=1-0-38&ecs=20220414&fsapi=false&prev_scp=position%3Dbottom%26categories%3Dthreats%26Tags%3Dcybercrime%252Ccyclopsblink%252Cdepartment-of-justice%252Cfbi%252Chacking%252Clegal%252Cmicrosoft%252Crussia%252Csandworm&sc=1&cookie=ID%3D57594fac4c8d4e50%3AT%3D1649941998%3AS%3DALNI_MbMKf6h4HmKY0cy14yyunT93rgaAQ&cdm=www.cyberscoop.com&abxe=1&dt=1649941998911&lmt=1649941998&dlt=1649941997818&idt=1059&biw=1600&bih=1200&isw=980&ish=250&adxs=0&adys=7441&ucis=c977wq7vjbpy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dbillboard%26position%3Dbottom%26parent_id%3Dad-9J4uXQtutz-billboard%26category%3Dthreats%26tags%3Dcybercrime%252Ccyclopsblink%252Cdepartment-of-justice%252Cfbi%252Chacking%252Clegal%252Cmicrosoft%252Crussia%252Csandworm&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=980x250&msz=980x-1&fws=256&ohw=0&ea=0&ga_vid=1602128739.1649941998&ga_sid=1649941999&ga_hid=2000655955&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ff4aa1f679d608f7277b0014a328b148ead0bddee3a60ebd189561826f26998c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19939
x-xss-protection
0
google-lineitem-id
5970550983
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138386999426
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cyberscoop.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
555951e43f10fbc6ef220f0a1a022ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9A68
0
0
Document
General
Full URL
https://555951e43f10fbc6ef220f0a1a022ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 13:13:19 GMT
expires
Fri, 14 Apr 2023 13:13:19 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/
44 B
410 B
Image
General
Full URL
https://www.facebook.com/tr/?id=896395920528126&ev=PageView&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&rl=&if=false&ts=1649941998949&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649941998947.1946963274&it=1649941998383&coo=false&rqm=GET
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 14 Apr 2022 13:13:19 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame AD9F
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
URL: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 10:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 14 Apr 2023 10:47:39 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame AD9F
24 KB
9 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
URL: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
98f790ebde5f4783aca23310b1e48b7fcf96b10a86abc583a36113294bfeef81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9360
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 15:00:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 14 Apr 2022 13:48:23 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/779519/61003950/ Frame AD9F
46 KB
12 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/rjss/st/779519/61003950/skeleton.js?ias_dspID=64
Requested by
Host: b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
URL: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.76.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-76-101.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
269ae13eec900cdc06e8a846d1e04c0628457519fedd8e7c4bde3187655dedec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AD9F
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
URL: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 13:13:19 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-80491860-1&cid=1602128739.1649941998&jid=320719015&_u=YAhAAEAAAAAAAC~&z=974269421
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 13:13:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-80491860-1&cid=1602128739.1649941998&jid=320719015&_u=YAhAAEAAAAAAAC~&z=974269421
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 13:13:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6FF6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuEqS_4EZLJ0Ny0GtbTp89g2IBG2LODIbmJCz4NBf4LrC2SLgo98-xrCPpa2wZs3TcPUqGe67vcVVDKLio2Uz7fV62wmAdpDaSK286PzvzHCkMJrHBDCaxi7hbOPvIXoXMTTD9O95Kx4ljTGCiztuQRlf5os0YD0RuY-X4HmI2e9lzbh7HiKKpHKeZnmefYAagsSxxxhJeYvf5LmBv7eBMCQtg4jYKTlSEGcMeiC-7-zTx1497gjtmwGplDYWTkwBAvl306IYSa6966-Ad8T5V6AHxdZyYtoGyam9-zh4jdsaA627oAg5hxWt4QQFLqSjlkgnR2j-VGIQ9gGuh1Sg1rysb&sig=Cg0ArKJSzBfdQx1UrPQ_EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/ Frame 6FF6
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 13:12:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame 6FF6
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 13:11:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6FF6
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 13:13:19 GMT
11144123879432257981
tpc.googlesyndication.com/simgad/ Frame 6FF6
68 KB
68 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11144123879432257981
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ed7146242c28ffe4badb868985c73fba2a8a54a500f3433d0aaafccc2f9dd5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 13:23:17 GMT
x-content-type-options
nosniff
age
258602
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69241
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 18:45:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 11 Apr 2023 13:23:17 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v47/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v47/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a354f3d28b56276cc1c16d970f65ddb3ecec48cb1b79a1a32e0e3929e584607
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyberscoop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 23:35:55 GMT
x-content-type-options
nosniff
age
567444
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9828
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:03:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 07 Apr 2023 23:35:55 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8058
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOh-yVqjtqIkCZNbhm017L8OtiACT3zoFZjUF7k5uuFj_SlH9bPrJVXoWaM-7rJSJpgA0sPUkHfrxQWv_niiW3bDquKLNEhAs2dYhoocmVWi7cHv1cQpeiG2XUTQ2Iuh7E6fFGR9FetDE7A5ohB2rnJ0yN_xjG-s0bqt-d_bpjgAJ6QXrhnrp9E2mcOIcby_aGgavxHCeKoFJIUuNGeN7wNEV6uL39XmlD96dOMC45lHsQ6ReVSqQhZMmAVTsAbDNZPlrIi2CTHV1aX5dgtDImjDJENebChizixQmpGrm4HJa9MM4hI0sNfVFMy_doWNXTLvLw8eOZP6bcDdegbKoRH3THlg&sig=Cg0ArKJSzLEL9WeM5_zIEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/ Frame 8058
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 13:12:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame 8058
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 13:11:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8058
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 13:13:19 GMT
l
www.google.com/ads/measurement/ Frame 8058
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQEl1ZE5ThezcDZGt0Eq4wLN9ljKIXkLqv-833QLC_gi95_qYogC8i0e79QF45vbfh5auYoxgkqqpR8uvlDHb-NO5M_wg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

12868045350961133607
tpc.googlesyndication.com/simgad/ Frame 8058
68 KB
68 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12868045350961133607
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09209fef46f45fd4441e0b8dd11af38a277bcfa3032e8cd21579c1143cb2dda6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:16:20 GMT
x-content-type-options
nosniff
age
428219
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69991
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 18:45:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 09 Apr 2023 14:16:20 GMT
unip
trc-events.taboola.com/1035174/log/3/
0
249 B
XHR
General
Full URL
https://trc-events.taboola.com/1035174/log/3/unip?en=pre_d_eng_tb&tos=1747&scd=14&ssd=1&est=1649941997349&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1649941999096&mrir=u&vi=1649941997346&ref=null&cv=20220410-1-RELEASE&item-url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/fedscoop-sc/tfa.js?ver=5.9.3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.cyberscoop.com
pragma
no-cache
date
Thu, 14 Apr 2022 13:13:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
view
securepubads.g.doubleclick.net/pcs/ Frame 7F97
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuplFv-wv6UwbKqpE0h6-RCVJXT7SxGq2Ig_nOTloVAc1qxZZPjUFjwHpoqWxk2r_nlM02iFv5JvOwq0jWIk7YibL89YUbSlPGgs_dnjBPf4eBJh0GUZ4ODJAR16jeBSzAY3gnR77F7woHY2cTtMKPe1_qGveNcGssONrgCtKlGzk7_THpx2zI4PljT5NhslYN17qfjoC2hzTnRoYcoJXT5k-Iku25qSDBfiQcjZZLF2TwLTGROXccBvljNmVEu-KdxRzlaSkCrtx8czWh6Y3Cyq6eqSRjG5yNBeyj1r0m8fuaLE0x3O1tTNVO9KIiaPtfM2Uut2AuFUYRv93b2vUWQ&sig=Cg0ArKJSzHnmNkMOQ-HqEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
12868045350961133607
tpc.googlesyndication.com/simgad/ Frame 7F97
68 KB
68 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12868045350961133607
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09209fef46f45fd4441e0b8dd11af38a277bcfa3032e8cd21579c1143cb2dda6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:16:20 GMT
x-content-type-options
nosniff
age
428219
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69991
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 18:45:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 09 Apr 2023 14:16:20 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/ Frame 7F97
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 13:12:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame 7F97
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 13:11:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7F97
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 13:13:19 GMT
l
www.google.com/ads/measurement/ Frame 7F97
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTR-XDb5oz67JqujEfMc798o9kiUiCzD7LLpfwVC19ylmjLuuH52X9-Bg42eahtnxyILnokdDxs3y5M8Gd-xpcK2NCZhw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame 6160
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvuIy7O-kstoWwPauJjOKH9ZV-EbIAWq3_gy5dwRHVNmcZQKvklVonGTllbGJoru2VndUHTS3xLxtD6D7JzrVVY55IxdUGkB49xV7ywi7IIl2lJLzn_sILoLcuJlR4ATi6EiRaJQZTejvYSV5S26CS3-CoOGbNuVn1nhJMZY6IoQHBE5VVvlaJXRUnveY2yyE2fjynOUvMVPvp0kHVTfeM-w0q_mJNpC74DgcaTGxkz6aU2tk5vaogpYafenFV7m_t9JqiZgFcuNp7TeAq53W2z1Ys5ytSG8OldUUQI8hjTu6-wvnK9ejunO0&sai=AMfl-YTwBzAHDZJ_0EW5AD2LRGpqRv5Vq4hmbXRhlb6hTNbUxidHhDp4WyN86ci1K47SYmxvDmi4nKYfeaHRhNv82tAOS0rsF61SvpfcCF0V4-5GbrKSiKsCgkHOQYMyYPs&sig=Cg0ArKJSzAXBJ5WVsCAsEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 14 Apr 2022 13:13:19 GMT
truncated
/ Frame 6160
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18a42a82c513ff8d2c5a29542beb4e212ab8aca348c9badf8db63072cac02287

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A324
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFPDcpqj0JEykUSMPT7WlkrQTwlwPZcNxVzS7RhUSDsZ9jHqpPHGEGnJoR62nD-YBD31Wgrg9MJzJoUKqkw6I08np_HjN_N7VNXNdIOXCikMwvWYLfYvkBEjuFI73sFLPvoNHyN4WxbTut9HGBDG6exOAUy-TbdMlnlD78hUHnxudpvXCUGYeF77f0bH6LKazdCQADl5-Siw1lDtyyNmP0td7Dae18gstzj4HV6-0V1ydZF-t9kMaaKWLsaYFEm_zA3nkK_aPMzcIVsSaHXF4mifWnfHdZIvE_sQ2SLMt7eI5UHJXYsJvS2b9PHCD8i5_Y6WRZqD3KUInY&sig=Cg0ArKJSzMnhwgJuNw44EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/ Frame A324
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 13:12:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame A324
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 13:11:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A324
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 13:13:19 GMT
l
www.google.com/ads/measurement/ Frame A324
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmjuHi8FK_sO0CVgu3yN7z7QWgnSp0t1GohdX-OrbZRcLGgUlPEQQ_MtLOMs2kshmO7sHDb37RNqO6ykGjCFA8L_1CAg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

5102188600226944374
tpc.googlesyndication.com/simgad/ Frame A324
129 KB
129 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5102188600226944374
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d09beff50865b40927cb8c354ba9a975345d98912bfd6de6f5b6b55fee96423f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 02:02:45 GMT
x-content-type-options
nosniff
age
126634
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132416
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 13:44:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Apr 2023 02:02:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AD9F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0jNsSf6D1rvRwBZmjBJ7Oz-KNTtdSoXuPnEqnR_01VME8nktRp1NGeqntGlxgv_y0ouYxma7UzU_6Kzfm-rT0JgefOqhmy5yo-ZqeBwAc4O9A-1nOYaBLq1FnQwTCG9GUxbefffKMDbngSnXP5W4MKBHKL6qK28rtXQ1EvC4En791XQjNTncrEQv9avIqahJip2o_8Vj7cMxdZoqBF3tuo8_XeXflXRH5X9pyFgMrNZ8gwaIKNFeqQpyOWarvIW6XT55Qml3qy80OFuc8o-cCUVQGLwU2KWS812WlkYtPn0x3RzJorWTaj2_vM7BU&sai=AMfl-YStVVP7B5K8jSthYKM9ADfKe7ufdhP6W6Pd4A86qpPkaTuZRqtCU8LLYsLworamkUvKeQVmr_3qihR9dKUNhrB-Z4D1unmV2kS35ug9&sig=Cg0ArKJSzFhpSDzK85QJEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
URL: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
impl_v86.js
www.googletagservices.com/dcm/ Frame AD9F
54 KB
21 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v86.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
5c7d7c651efabfdcce87a8fec34efbafc99924e3c83c8412f954219cddafa458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:14:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251925
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21362
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:03:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Apr 2023 15:14:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6FF6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoFoywhmuB2OG5hXIX7tnuuhHQWwgbdnXT-ZCFkbESs7WmojzTyLcx8KM5ADNScoHzz8nXcNfg-7zPGfOAH4165KG0h4STyqPjxbTMn1CZtuHJorW2D5J6PbIv5plpO1ukG1-LGd_nhQdI1yUwN82weECHMYtfl1G33j77U0sm78YviDK0Ov22tMZ-cbGDLHQXaMxbxWdgLyoa9-R1CbjGE16X9NXF7djJUlgafAYzmwkblX-7alUG4okQQpDneHGyBe454Y4eq2PkBIajFs6IP_tYmc8W2wuejjEgGnEPzSqwOAE4mwPgnBIYqO6WJaTzIPyq9OO_YTiM8VLBb7sN2ik1kFQ&sig=Cg0ArKJSzJMIvU2w68QcEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 14 Apr 2022 13:13:20 GMT
truncated
/ Frame 6FF6
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1dc5dead29a8e998bbad82c2699e084a1fab5f84487faaccfa76723668114644

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 8058
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseveX20ZM_h0wrx9miJmdz7NEK0Nh1dfYBUEbq2SiXPuAmAVQ6Zv1kEt_kHnT9FIr_uDJOCISc4_nfnbZXcWXWgIkD1xHR_pGfarU_EdG79RMgTlqB0SP_ek3-RD-Spd7v2v4lx896OBMWUICqoaeGW_i-iTRSucKOI07n4_EQXdq_IFVgZToLp0UxFm9gnCPKjquAXcGR8GTqCmmruQEnaxvHg6Ga1SQqTWGOQIDADPp9UQDnsSqufFk_Zur0vvhjWVfyXnhISKVS_v0s3E7nqp38BXNxN8AxtgC9ClAmVkZQQe7NYcEGj29GVv2L33t3A5FOJHBNLkkMyJljfzNBcKc7EWjN&sig=Cg0ArKJSzDLCRUsdatTOEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 14 Apr 2022 13:13:20 GMT
truncated
/ Frame 8058
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
428170b3375776277898d1b4b2157287c129a6b1ad5ecaef8f7eb36440b5587f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6D9D
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f24813bdf14374f24177b1d363bd8cb6e94166c44671e619ee3288482b3122d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10622
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 7F97
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFmUUkkHGvYe6qao9jqTF32Uq6j25lm6kpeK6TYO8u3idCn-QWOGnE7LrL5a8u2Gs3QRrC9NClueKxhna0jIh5ZremCSGf6ukSEbokV_-iQBi1xXE_uOP2NNZ7PS3KrcGgQcvaeQwfioqxu75aAtb67VqGiW4RoDFQebtm83EJZqk2laaQQrC9sDpfY0_qKgHSaFiXYeoJ8NtRQKcsFX8oQEBOQkVf8wmKTrNPfrieeCMbwU2wkXfAd_yodRFWC2_m1VRGrfw_DVWOcSfaDCOsyniBvf23Rc42PtzKjkiLLaOtbCmJNU9eGAWgtDCl8XIn4f4U0kfTiBxvVbe4t68aRqo&sig=Cg0ArKJSzKNswBBs1ctBEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 14 Apr 2022 13:13:20 GMT
truncated
/ Frame 7F97
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f10e8853b513d7565d8179d36827b9b61ff2054df307f978ecb128c936d9e87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3A27
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022040701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c2f6f4682804095d89027dc017212838c40e4c90ea3b628f507e139b008e606
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10522
x-xss-protection
0
B26247621.328652550;dc_ver=86.252;sz=300x250;u_sd=1;dc_adk=3183306559;ord=r7f3r5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu3qBJ1pDTRpJ4bqGIsIoWXUsWwZM-i8ZsFTZv_qQ00...
ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/ Frame AD9F
51 KB
25 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B26247621.328652550;dc_ver=86.252;sz=300x250;u_sd=1;dc_adk=3183306559;ord=r7f3r5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu3qBJ1pDTRpJ4bqGIsIoWXUsWwZM-i8ZsFTZv_qQ00ObXzArRYHpivlnHR1I1ic04e28OzDtAO0lgq84_oJczXMrkiVF4QSVw7HD94v_YwgqLKqDub_Mn9Qa_dnytddvTIVzmRvaiKZSNY-Bbj3HO2umPR5hPmFw498aSUAyzs8Q2Y6TjZaAfNq-9nJjClUdNB81VgicdrpgWMO4cqe3yGd9enjSBC7TVDEGV6G61gVU0bzp6eSrYgk2upw-gRyg28-nn-e33-hzF-FaphpNBmYLJyVZwN4iEtae7dccryZR40jEUuuY1u5UN_%26sai%3DAMfl-YTP-mrUy6P7OOC5ZJKDAougqh-S2V2XtnIDXlM3_t3PZQxogpU_or2UjUxIz0T8qS7VSvJcSx0pC0gDcFtElYlIQWShEGJl3NC6DzTf%26sig%3DCg0ArKJSzMLKTBzaxVBYEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=acWlRp'bau;stc=1;sttr=148;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
28e17391726157b0c7c47b0bce906effd011e630627f19225d0e9e5f989f3e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 13:13:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24997
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A324
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunW9V0RuhmVcTxARdP1a9tYrXaff5xx7K5VisEnpzBgltev4h0hRTxfktJhnBzfpsECajfXnqK_CQyiIMP14dwkSJvs9eXn4kj5hlUPZ69pMSm9AZzwo7sNDY_xjyVOB5_qwy87di186dlIzj_a3NbzGXm7QC2YsHRx7cHcz_0tegeibdgHxq4xe-2NVIlwFYfIoaDJ4UqMbfmt6BbNKbNjKa0TtZPiRgcAxS1dz4JRXLKqXukE5hSi5ge2op47_LmC6QKoFRh-eAGzVNCHZAm-tNcwuyBlXnfNpP-ixq7QoDPa4WTqq2F8N5zhWqmxMQrZ6lFtyNHEQZk0e0&sig=Cg0ArKJSzFsufjO5yIo8EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 14 Apr 2022 13:13:20 GMT
truncated
/ Frame A324
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0ea6de8d7ee84105edbfd9cd4d86d002962e126b9776d1d91c6de42c48a0106

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6492
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
39c9b3efdf859496ded695f41f8ce902a26fd3062712dcce6c844144620622fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10668
x-xss-protection
0
/
www.facebook.com/tr/ Frame 7F12
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/dojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.cyberscoop.com
Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.cyberscoop.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 13:13:21 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
sodar
pagead2.googlesyndication.com/getconfig/ Frame EC68
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022040701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70a771b4b72ced5ee3f240805fd2b68e928340a608246375cd8f06e95d594f0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10518
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6160
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWWpfy4OXsFPLZx2pizhnrFOo6LXEkrvL-X3jicxc050J2vM7NGqTfX2xYpYCDX8ZugkzU-7EmlF0AbbCh4WB2BLrF3hHZQBmON5-ms0Mvt-CCWSbc&sig=Cg0ArKJSzKzI01hdbhM5EAE&id=lidar2&mcvt=1001&p=371,480,851,1120&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220411&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=113530204&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649941998495&rpt=718&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 13:13:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8058
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxN6osRK2urmHafZlhcu_I_LtGsNJDnMMCDWG4Kwlme-ETrmGikzKuIAmX_8UVEQIgDv3FOeqCRedOHq580Zehj8YJtx9X0qLnj66zWvVYzGOCwvU1&sig=Cg0ArKJSzOxl7U6jAh2qEAE&id=lidar2&mcvt=1000&p=170,436,260,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220411&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=13849420&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649941999077&rpt=393&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 13:13:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6D9D
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 13:13:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3A27
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 13:13:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6492
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 13:13:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EC68
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 13:13:21 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220412/r20110914/elements/html/ Frame AD9F
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220412/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B26247621.328652550;dc_ver=86.252;sz=300x250;u_sd=1;dc_adk=3183306559;ord=r7f3r5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu3qBJ1pDTRpJ4bqGIsIoWXUsWwZM-i8ZsFTZv_qQ00ObXzArRYHpivlnHR1I1ic04e28OzDtAO0lgq84_oJczXMrkiVF4QSVw7HD94v_YwgqLKqDub_Mn9Qa_dnytddvTIVzmRvaiKZSNY-Bbj3HO2umPR5hPmFw498aSUAyzs8Q2Y6TjZaAfNq-9nJjClUdNB81VgicdrpgWMO4cqe3yGd9enjSBC7TVDEGV6G61gVU0bzp6eSrYgk2upw-gRyg28-nn-e33-hzF-FaphpNBmYLJyVZwN4iEtae7dccryZR40jEUuuY1u5UN_%26sai%3DAMfl-YTP-mrUy6P7OOC5ZJKDAougqh-S2V2XtnIDXlM3_t3PZQxogpU_or2UjUxIz0T8qS7VSvJcSx0pC0gDcFtElYlIQWShEGJl3NC6DzTf%26sig%3DCg0ArKJSzMLKTBzaxVBYEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=acWlRp'bau;stc=1;sttr=148;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:03:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
569
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 13:03:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame AD9F
0
575 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstcLHGAkjKfrG_7FE-DJksk092TZGTdKtr8gbA57K81zKsmJ246JOKvgJnGGq4y_aJHcVTI8H-IaKiTtALArDScpqpxUirnfgsCZqI_cZflqs8-cjEeGK-rkSA_aPIyERSOmSMVOe19bwlRR6I3vq7XZazRBHe1YAJSnMcrCbckJPRBj_dYBA&sig=Cg0ArKJSzEsv-K1In1N0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=22&cbvp=1&cstd=0&cisv=r20220412.33095&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B26247621.328652550;dc_ver=86.252;sz=300x250;u_sd=1;dc_adk=3183306559;ord=r7f3r5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu3qBJ1pDTRpJ4bqGIsIoWXUsWwZM-i8ZsFTZv_qQ00ObXzArRYHpivlnHR1I1ic04e28OzDtAO0lgq84_oJczXMrkiVF4QSVw7HD94v_YwgqLKqDub_Mn9Qa_dnytddvTIVzmRvaiKZSNY-Bbj3HO2umPR5hPmFw498aSUAyzs8Q2Y6TjZaAfNq-9nJjClUdNB81VgicdrpgWMO4cqe3yGd9enjSBC7TVDEGV6G61gVU0bzp6eSrYgk2upw-gRyg28-nn-e33-hzF-FaphpNBmYLJyVZwN4iEtae7dccryZR40jEUuuY1u5UN_%26sai%3DAMfl-YTP-mrUy6P7OOC5ZJKDAougqh-S2V2XtnIDXlM3_t3PZQxogpU_or2UjUxIz0T8qS7VSvJcSx0pC0gDcFtElYlIQWShEGJl3NC6DzTf%26sig%3DCg0ArKJSzMLKTBzaxVBYEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=acWlRp'bau;stc=1;sttr=148;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame AD9F
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B26247621.328652550;dc_ver=86.252;sz=300x250;u_sd=1;dc_adk=3183306559;ord=r7f3r5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu3qBJ1pDTRpJ4bqGIsIoWXUsWwZM-i8ZsFTZv_qQ00ObXzArRYHpivlnHR1I1ic04e28OzDtAO0lgq84_oJczXMrkiVF4QSVw7HD94v_YwgqLKqDub_Mn9Qa_dnytddvTIVzmRvaiKZSNY-Bbj3HO2umPR5hPmFw498aSUAyzs8Q2Y6TjZaAfNq-9nJjClUdNB81VgicdrpgWMO4cqe3yGd9enjSBC7TVDEGV6G61gVU0bzp6eSrYgk2upw-gRyg28-nn-e33-hzF-FaphpNBmYLJyVZwN4iEtae7dccryZR40jEUuuY1u5UN_%26sai%3DAMfl-YTP-mrUy6P7OOC5ZJKDAougqh-S2V2XtnIDXlM3_t3PZQxogpU_or2UjUxIz0T8qS7VSvJcSx0pC0gDcFtElYlIQWShEGJl3NC6DzTf%26sig%3DCg0ArKJSzMLKTBzaxVBYEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=acWlRp'bau;stc=1;sttr=148;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 10:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Apr 2023 10:47:42 GMT
4220928466902162573
s0.2mdn.net/simgad/ Frame AD9F
36 KB
36 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/4220928466902162573
Requested by
Host: b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
URL: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8f580d77a0460f9903f4edab73e1389c95f42e282151902faa70f211f040837
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 07:37:52 GMT
x-content-type-options
nosniff
age
192929
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36633
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 16:51:42 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 12 Apr 2023 07:37:52 GMT
img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=26247621;s.a=6840654;p.a=328652550;a.a=520739529;cache=1434754143;
ad.atdmt.com/i/ Frame AD9F
0
0

i
cdn.bizibly.com/ Frame AD9F
43 B
345 B
Image
General
Full URL
https://cdn.bizibly.com/i?v=3569326&a=520739529&c=166451110&s=6840654&p=328652550&m=0&n=1434754143
Requested by
Host: b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
URL: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/63DD) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 13:13:21 GMT
last-modified
Thu, 14 Apr 2022 02:55:01 GMT
server
ECS (lhb/63DD)
age
37100
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache, no-store
accept-ranges
bytes
content-type
Image/GIF
content-length
43
expires
-1
main.gr.19.8.299.js
static.adsafeprotected.com/ Frame AD9F
189 KB
60 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.299.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/779519/61003950/skeleton.js?ias_dspID=64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 20:37:01 GMT
content-encoding
gzip
age
3256581
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Mar 2022 19:11:01 GMT
server
AmazonS3
etag
W/"587738d3e44b43a2620f42eb51d89fbf"
vary
Accept-Encoding
x-amz-version-id
kp2GPcLunARmvxyYiu0RKpd0_UaoR.nW
via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
FP99z_YOqIajpLecNWoHCQv8tlhDX4qLsybSrHvyUvm4B2aCS6-KCg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AD9F
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
URL: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 13:13:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D3FF
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
196
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 13:10:05 GMT
expires
Fri, 14 Apr 2023 13:10:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FB42
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7ccd3a16c0af962e276c6b0ff2c58357e428a31379ab30d0dbb2f84cd31af178
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TSyU71hgolMyUbPwgoFrJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-TSyU71hgolMyUbPwgoFrJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 13:13:21 GMT
expires
Thu, 14 Apr 2022 13:13:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C4D1
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
196
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 13:10:05 GMT
expires
Fri, 14 Apr 2023 13:10:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A565
783 B
537 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d6b26d180e0d54e93c13b82abc73e0d09c344f7c52796a3b20256d90f45e1e73
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4X590LV5EXMR8Ehy7pxjfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-4X590LV5EXMR8Ehy7pxjfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 13:13:21 GMT
expires
Thu, 14 Apr 2022 13:13:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2D36
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
196
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 13:10:05 GMT
expires
Fri, 14 Apr 2023 13:10:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DF8C
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7c952bb58cf9e432b87a5138a8d03383f6d059fc36000ef4a74be712161c219c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8BN+v7/R0TDRyXMJPH5hgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-8BN+v7/R0TDRyXMJPH5hgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 13:13:21 GMT
expires
Thu, 14 Apr 2022 13:13:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 64A3
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
196
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 13:10:05 GMT
expires
Fri, 14 Apr 2023 13:10:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F4C7
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e68fbe8dd70e2978b3c8d8a6c7b9ecccf42d7a84b87f023d5f7bcec7f546808b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-k1NzfzlPfSChVgg8GoA5Nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-k1NzfzlPfSChVgg8GoA5Nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 13:13:21 GMT
expires
Thu, 14 Apr 2022 13:13:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E337
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8715
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 10:48:06 GMT
expires
Fri, 14 Apr 2023 10:48:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame AD9F
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstcLHGAkjKfrG_7FE-DJksk092TZGTdKtr8gbA57K81zKsmJ246JOKvgJnGGq4y_aJHcVTI8H-IaKiTtALArDScpqpxUirnfgsCZqI_cZflqs8-cjEeGK-rkSA_aPIyERSOmSMVOe19bwlRR6I3vq7XZazRBHe1YAJSnMcrCbckJPRBj_dYBA&sig=Cg0ArKJSzEsv-K1In1N0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=278&vt=11&dtpt=256&dett=2&cstd=0&cisv=r20220412.33095&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B26247621.328652550;dc_ver=86.252;sz=300x250;u_sd=1;dc_adk=3183306559;ord=r7f3r5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu3qBJ1pDTRpJ4bqGIsIoWXUsWwZM-i8ZsFTZv_qQ00ObXzArRYHpivlnHR1I1ic04e28OzDtAO0lgq84_oJczXMrkiVF4QSVw7HD94v_YwgqLKqDub_Mn9Qa_dnytddvTIVzmRvaiKZSNY-Bbj3HO2umPR5hPmFw498aSUAyzs8Q2Y6TjZaAfNq-9nJjClUdNB81VgicdrpgWMO4cqe3yGd9enjSBC7TVDEGV6G61gVU0bzp6eSrYgk2upw-gRyg28-nn-e33-hzF-FaphpNBmYLJyVZwN4iEtae7dccryZR40jEUuuY1u5UN_%26sai%3DAMfl-YTP-mrUy6P7OOC5ZJKDAougqh-S2V2XtnIDXlM3_t3PZQxogpU_or2UjUxIz0T8qS7VSvJcSx0pC0gDcFtElYlIQWShEGJl3NC6DzTf%26sig%3DCg0ArKJSzMLKTBzaxVBYEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=acWlRp'bau;stc=1;sttr=148;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame AD9F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMMG7hjkmQHCd_zWTFS3gzFscMOgH2Wl7TYC3OXuRICy9r8hPcW11KIru_iyGsis2NRQZvKSWwtcBILIb2bNVPu8-Mk4feve1kIg_G2jcbv4Oq6XPjAsJnlKWdafwH9M203WtN_YKa9fWSXtVrIUTEjtlzwxyQ4HzgTav9tAVopkpnn3saK4oNTTP8hKrdq78EDZSXEuduX17H3GI9zFSqO00Ds9BjfcF5_hU5uMStmiIyi6_Fn9ElSYfJrNToMQo846H6oz7TzIrec04VIGiA5Gh_EGRZ12Wl9uIDurZfHRA_uMuJ3MxB0_VhhXYuQrY&sai=AMfl-YRQFaCtwKbZTi6RCYk2A0aXbQFBSw-yD19urmDnXnCRoHZi797rmNyO4BonOeCy7GTwJDhFFLxVvryiskdNakGUmigogPwDcUMgzPDK&sig=Cg0ArKJSzICGTAdeSF9xEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 14 Apr 2022 13:13:21 GMT
jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js
pagead2.googlesyndication.com/bg/ Frame D3FF
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c2914cd6e0c26e9fe3a9de23853632be1862891bf9bcfdda7053e1995319563
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 10:51:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
8532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13627
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Apr 2023 10:51:10 GMT
sodar
pagead2.googlesyndication.com/getconfig/
13 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022040701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc30b2e232172e0d8ea0d39422a7c92b0f38043ab30aed4a3d354836d59c64bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 13:13:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10478
x-xss-protection
0
__ptq.gif
track.hubspot.com/
45 B
559 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=20762415-8082-48f0-b243-36443c93d852&fci=93624d15-4dac-4cae-b225-a4f3b60c50f3&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1541009889&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&t=DOJ%27s+Sandworm+operation+raises+questions+about+how+far+feds+can+go+to+disarm+botnets+-+CyberScoop&cts=1649942001411&vi=29a4870b016b3bb85d6877545c114a7e&nc=true&u=143679850.29a4870b016b3bb85d6877545c114a7e.1649942001363.1649942001363.1649942001363.1&b=143679850.1.1649942001369&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:22 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
7709829c-2d79-4848-aba4-f23792292b2f
cf-ray
6fbcb2c9ef4483ac-MXP
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pt7mE6p1mqrsfxz8VqCTAzSm6fpt07G3LdUcdaDi3UmteXvSNru9SskoN5TU%2F2YVZSvcuTOKFOyEdIBVY5yXKUIe%2FsYy4MhpeZqKrmOL1GgZI8FALOwePdA8fR7XIoMVOJxqprou5VCm97ZJQ%2Bm%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
961 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1541009889&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F&t=DOJ%27s+Sandworm+operation+raises+questions+about+how+far+feds+can+go+to+disarm+botnets+-+CyberScoop&cts=1649942001417&vi=29a4870b016b3bb85d6877545c114a7e&nc=true&u=143679850.29a4870b016b3bb85d6877545c114a7e.1649942001363.1649942001363.1649942001363.1&b=143679850.1.1649942001369&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:22 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
b27ea980-1289-4ef6-8863-d0a98dcb1f8c
cf-ray
6fbcb2c9ef4883ac-MXP
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zLUaANKkrQkZFCwWhLHrMmaGca2wNLRtxt%2Fu87uhlByFk%2BlUxNgtezx%2FbmxcEoqnU8898sx91YHndkEkIOGSdxExSSQDvfeO27H3rvyJU2YzP1z23b1UqKowKxC2xYefhdXHmXO7pZX0G1WRekh"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
sodar
pagead2.googlesyndication.com/pagead/ Frame FB42
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041201&jk=1401623283798113&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame A565
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022040701&jk=2691086534282747&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame DF8C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022040701&jk=3855446623576426&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame F4C7
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041301&jk=957994596409965&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
pagead2.googlesyndication.com/bg/ Frame E337
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 10:47:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
8738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Apr 2023 10:47:44 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 13:13:22 GMT
skeleton.js
static.adsafeprotected.com/ Frame AD9F
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/779519/61003950/skeleton.js?ias_dspID=64&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb20e3e43aa6f6ee363af1a1c2fd32...
  • https://static.adsafeprotected.com/skeleton.js
17 B
463 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js
Protocol
H2
Server
2600:9000:2156:9a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
age
5008519
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
3ddnIojzBZjo6h2OhOucgVecyqnTSalsUMEvDeJ-WgszL_G2YPaj9w==

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 13:13:22 GMT
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame FC56
80 KB
21 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
URL: https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
content-encoding
gzip
age
5008519
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
xaVF4wSoxkD_J0rbPUokRkD9uGOyS27H5UimqE577r9iS9DhNQJVnA==
dt
dt.adsafeprotected.com/ Frame AD9F
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=779519&asId=39a4a0a9-a8f4-4e96-afeb-63601ede463e&tv=%7Bc:9LtRNW,pingTime:-3,time:659,type:v,im:%7BpBlk:616%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:553%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:659,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:545,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B159~0%5D,as:%5B159~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t2Z6upr+111%7C112%7C113%7C121%7C122%7C123%7C131%7C132%7C133%7C141%7C142%7C143%7C15%7C16%7C17%7C18%7C19*.779519-61003950%7C191,idMap:19*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.77.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-77-164.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 13:13:22 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame AD9F
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=779519&asId=39a4a0a9-a8f4-4e96-afeb-63601ede463e&tv=%7Bc:9LtRO9,pingTime:-6,time:672,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:672,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:545,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B172~0%5D,as:%5B172~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t2Z6upr+111%7C112%7C113%7C121%7C122%7C123%7C131%7C132%7C133%7C141%7C142%7C143%7C15%7C16%7C17%7C18%7C19*.779519-61003950%7C191,idMap:19*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:www.cyberscoop.com*&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.77.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-77-164.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 13:13:22 GMT
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js
pagead2.googlesyndication.com/bg/ Frame C4D1
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c2914cd6e0c26e9fe3a9de23853632be1862891bf9bcfdda7053e1995319563
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 10:51:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
8532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13627
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Apr 2023 10:51:10 GMT
jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js
pagead2.googlesyndication.com/bg/ Frame 2D36
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c2914cd6e0c26e9fe3a9de23853632be1862891bf9bcfdda7053e1995319563
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 10:51:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
8532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13627
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Apr 2023 10:51:10 GMT
jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js
pagead2.googlesyndication.com/bg/ Frame 64A3
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c2914cd6e0c26e9fe3a9de23853632be1862891bf9bcfdda7053e1995319563
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 10:51:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
8532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13627
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Apr 2023 10:51:10 GMT
dt
dt.adsafeprotected.com/ Frame AD9F
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=779519&asId=39a4a0a9-a8f4-4e96-afeb-63601ede463e&tv=%7Bc:9LtROO,pingTime:-2,time:713,type:a,im:%7Bsf:1,pom:1,prf:%7BbdA:430,bdZ:603,beA:2438,beZ:2440,mfA:2921,cmA:2931,inA:2931,inZ:2945,prA:2945,prZ:2967,si:2993,poA:2997,bl:3054,poZ:3054,cmZ:3054,mfZ:3054,loA:3109,loZ:3114,ltA:3150,ltZ:3151%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:300.250,dom:img%7D,ha1:%7Bres1:1,ps:1,ts:1649942001636,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:553%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:713,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:545,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B213~0%5D,as:%5B213~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t2Z6upr+111%7C112%7C113%7C121%7C122%7C123%7C131%7C132%7C133%7C141%7C142%7C143%7C15%7C16%7C17%7C18%7C19*.779519-61003950%7C191,idMap:19*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,sinceFw:154,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.77.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-77-164.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 13:13:22 GMT
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5B7C
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
197
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 13:10:05 GMT
expires
Fri, 14 Apr 2023 13:10:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CECA
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1c7a042d050e0fc774e4e13483e88a99afd5116b338ad10a7e34c8c4fd3f7845
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DKHiu1Gkglb1xSvZ+93kRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cyberscoop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-DKHiu1Gkglb1xSvZ+93kRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 13:13:22 GMT
expires
Thu, 14 Apr 2022 13:13:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame D3FF
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?cy85qQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
unip
trc-events.taboola.com/1035174/log/3/
0
248 B
XHR
General
Full URL
https://trc-events.taboola.com/1035174/log/3/unip?en=pre_d_eng_tb&tos=4869&scd=14&ssd=1&est=1649941997349&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1649942002219&mrir=u&vi=1649941997346&ref=null&cv=20220410-1-RELEASE&item-url=https%3A%2F%2Fwww.cyberscoop.com%2Fdojs-sandworm-operation-raises-questions-about-how-far-the-feds-can-go-to-disarm-botnets%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/fedscoop-sc/tfa.js?ver=5.9.3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.cyberscoop.com
pragma
no-cache
date
Thu, 14 Apr 2022 13:13:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
dt
dt.adsafeprotected.com/ Frame AD9F
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=779519&asId=39a4a0a9-a8f4-4e96-afeb-63601ede463e&tv=%7Bc:9LtRZk,pingTime:-10,time:1365,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDAuMC40ODk2Ljc1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1649942002325%7C%7C2fd33757f8c6a154094e06ca3d17f2a4%7C%7Ceb4f03ab9dc867f6a5bdb2294b85db99%7C%7C97906507fddab139cf3a3ce16916efa3%7C%7C766b52f4cbf191f1a8596eeba5dd7bda%7C%7C8594843a16686a4eb9c7698bf54cedfa%7C%7Cb78655f6c184a0fce1dff51ee943d54a%7C%7C28b2fe26b6457dc02b9db1119c11d449%7C%7C1629390669,im:%7BpWait:22,imprf:%7Bttecl:2836,ecd:220,tsecr:52%7D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.77.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-77-164.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 13:13:23 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame CECA
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022040701&jk=2814599767980077&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame E337
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bn14p8R1YYv_FGtil9u8P8ISG6AQAAAAAOAHgBAI&bg=!8POl87fNAAZvJBiFTyQ7ACkAdvg8WgiEdQskafOqILrnAIaII_OTIglsH0yPnwhV4nZElHUukv_TnwIAAAIqUgAAAAJoAQcKAIkyjjLGDn2f_eI827cy9lESxnNWAD-8U_AcH3q1gEW6bkO2OJ1N0extH5KdUusSCb9ZEyJjhuzqbRZSKyIsaUMAHQbQQsot0d-AZTTR1nYBlF97VBah7-eygMmlx_a_GP1CI-Z78VzPG7EC4CjF86otvORgnOXmueW1D9j7V43TmKw8EFLq_XmIsZkC9dwfbYxiDGEq5TSUkoBT8KMD2ciOvfmR5k5z3dNoYGKCD8tinB_aJrPXrlwRIJ9pLey8huwVEsdStNqM9p9osD14er23pbT2NRyNU-Zg45iQPPfhmBTIAgVhfxuQ8WVMavTHnnIJtX6VM52Qq2VtLLXOLa5sbmf3HFAXoHcS6Sz61K312JuG4zQ0embJ4fsxvNFJ2zgd4vYf77N2FKdo-El-5eggEXsaaGVNgMqWa-MIAGQBxsjphAxnprJCV-ukYOkbYjh5kTt7ejRflRuTEw0KRkKpOTsg7oovH2uYwihLhHBruY8G5yFIn1_2zuCsr3oT_HwLJzkzT3uODzfcuZRxjFF0gpoPq8phOzvvJ3khSeGcIrPgRZsnE23W2Ep0e-tlhKfDF42oE5eKYIeaXnDojjIFdtDpLlz8I3gUZRBjy-E6_DoxrSbkicSPP7Omn8fA2thrteJo4OyL1ikOQ0pi8KYMRd7bbBBTL3C6MNXDVKsipIT7G7F-tJqZc-fkodx80WPE14sbXU4nvb1rCrFltawCi0zJk_LMMkdtQLSv6XvJuC5lkzgmOTD8ooNiNyKtcFmaGGQW1MzTmKChPEKzpHmLdi1X8uz5j0kqxF93KNA-byeCYLZQ8I5iM9ZE5owRsPJqHoUz7CCM-u86KCsyg9Jnme1M4yGiNo_tdKylCACUttH8WTWQPtaco9UEIZSNmURHX4I0fiyPxrlYkVdOaRkTblSKinqY04yNOPRZwZQ7ll2uYQrwLGkZgA9-K_UEP9bbQD5wI5WWqq3CtJvNA29wsGTGTY4KKSUBv8Nqk45MCDe5R8nbP8nKVFj6oxPz7wjvDS5GcYOdQLM4Va6iPtZbChOCBXY4x9kFXnJymLnAL68k3LKm-5sgFl_qoPnCuXIHRINZG08PVylsU8MZDW6X0o90YXGh3n6Kkx13b4rmcEb3c_egmnSQzEz9ylgI1VMW7J2NurYAPfi9xWC6TosA27otiY1-xxNztb4C4Z7fW2E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 13:13:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js
pagead2.googlesyndication.com/bg/ Frame 5B7C
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c2914cd6e0c26e9fe3a9de23853632be1862891bf9bcfdda7053e1995319563
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 10:51:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
8533
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13627
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Apr 2023 10:51:10 GMT
generate_204
tpc.googlesyndication.com/ Frame 2D36
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?7yr0bg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame C4D1
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?QIcq6Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 64A3
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?DLZuIQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 5B7C
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?d3tMVA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:13:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 6D9D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041201&jk=1401623283798113&bg=!29il2JzNAAZvJBiFTyQ7ACkAdvg8WmGMUt6qxdwCkIS6jZNX9hOo4fKHMwk5qwwdFY3IRuSfqxI_FwIAAAK6UgAAAARoAQcKAKs-xz1nsI_SyDhT7DAo_bPFTE9Q8wNfYcHa6-7HUjn1kgAfQWk1UEYbeIlguYww8FGq1SCUsCoNgiHKXZ2EgNR65J0GZmLPg8i-goeADUzJfpx0kCeGUhnj-qveXXSfbSedMbLFdxiNgvooRsI43CgbUbWGHD8TPS9DRCZsq-qNZxx7nYFW68tS70a-gmRSJA8btCS87FldDtElB-HVypLNJm1zQ8eVGWGxzhqZAsg18_zPoicgp64mZ2RYAK7xlqkVpq762ug6rMJFDeZKmPhRcHRBt3TkADSUX37-S40uDJ0V-W4DKXwv6xDx-6HoqX7LiP_PVci2ZpNhh9p4QKTksS2CBTEXRnFe17wPrEjMzrnnoO2Pksdm73ldXGOcsW8Hsv9qFHd3kcWE99aFGh5qYdf1subd7j7MZhp_H_n32-pPwT6wysrIR6sNPPKENt_DRMa-j9exc2ND4Zseu3DliLLgjvTGJeEdmf8JrKVnjeIc9R2KEa-BYEWvj9fSxUAvehurbEtaW9s1FC3dz0b9yqfdUH7j7uKPqf___iR9TtNHbdAwEj0OzW3cQeT0ugOVx28Iv-ORCbiOj267uayfpsiTQf31HBXYSdf8qA4BWiR7hMp5RXmHz9SVTsEj9eeLN3CHVtIRB7x6pwtdxQHlHjsyb7nR8lIY-43sfXx7QKeL6e0xgShcK18WLOBieHw3raqcAr3HTUtaC3UMf95NCkQSriVM8qY-o5keH9j9DDtP2ZGhaEurTyprRB1oKXnikM0a58KWjvWGhgpQUR8Up_rbqaRdXNyTS2b3WVDtUx98fg_2lckMmKW-j8iSBVWyxcdOn7-YYUhc_z91FLPl9ztX_hqkF9FxUb0hp0McWCIpnZKdCbm5YEoRz1td5BjEgCMLbOCNDbCkwj-nX1DttdUIXn7-hBbJnSECCWWwR4BkyicfkjqGw-9ntJTYv0xQVc_BoqmLUVoqjI2uTlg1h0_4HoDFu-UtJ9wFmxZAH4EWG2ueDNF3yegfFaWYO4Pv3EVvzUHeCpLvOUh6wiBATh2_0ECJOuY0zBifkb8e1bDriTLfK5eFL1tit3PDKe1N6e0jIbML_Fvl_mJveRfBpXiE4njDTUzpF7OdtlbPUMOBtZ6zyzMBIO3RU00ATPMTPHBTzHjh_iLgC2aMVrzegK4xSOEt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame EC68
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022040701&jk=3855446623576426&bg=!BgWlBUHNAAZvJBiFTyQ7ACkAdvg8WnFUo38z3ALmibtRueQrOGcMo_vxiRBiYZhKFHfaj6NRnLEkAAIAAAJZUgAAAAJoAQcKAHFHk86jH7YKX95AspY4OvZ4oFE_RXK1FslpRBI6Ks2tOzW8z938wMiAYvPY2totVZQqiT3QADbEdxv55NvRo8KHDMTPIbnHV3adgC_Lbcsf5f50nXDsf4Ed3K-rC1EXYLZ8dx-ExQY_BwWBOUbrj8j3DZkCu4BU1LOhxv5EleuODJjiJLpWp3m6mYO_b5WJoMyw8uuY-jXOvp09SfqNjPsQsto9oZfYXS8-J84GJKz21YtFpKCyHQnVQ4GDvtEPPcaJ5LgEHwGWtIQbz_VWnkxlrE_1mwXqytMqu_QyQDbN3yTvUMAGVEdtsbuxfZxRG6cYdUc7Opz7idJ78kIX5GiSrgh71NhUme2jb2WsXu1aToK7sMw2dTnHaWyHeDMIBdIQVhK77mOX4np9dN8JBE7ECRWTwSycOWBQvdFexxow4XLjIv-SEotMS88ulq3HJT4o8zhje34JJDXc0phoNcqWS1IsNd8den2pisyIK61ZfvGWO3KWCHplFsOzDzQ9dwy6_djbTDNlxeqf5dVnrtTMHJDuE4ctVLZRLXmyhE32M6SAL7lPLpVbKfm-yc2zUBhwbBU0_amF1JSWbjo9JFxZ54st6-guCtgrP9cN9FlmpJnV_KiF-AKVk7KV5JiMLLO2HiTkJqU0bTxbOIvpW-Hwgbj_DlvoHNv9Ya2qA7RHNRV_fE_B_CZYjCjzWVZdBqjKWnXNSV7NNNVYdZ2NS85_3cgpcMifA0qhYAslkaLYp2JxtAsDpj1Gjn7wl2ejOOyg4xEEhmwkEPYq7zgJY36KU0kISoLFjPGsCf0aKbn4WLTnteSL8EPbcyMDlAEnA7qjpPEtqjittUagPzYdAnWc1WwdfbvikRSZtEJInNdZf2p73xTcKOiAPlfsFEsyfWCElbL_UB4fFHqomGKN_rVGEITD7pZuXq6ev87J5iDpMmx-mvUEo3gt9RqztLkY-HK_Z372wrGD7ylWK5-UzQa6b_TkuKYWsjtd61UcLRB1DqfiNTIAfKXdpVNjbdgJ6ufMAD8CwoGMur1sPgPg068U55r9Uc3STMAIQh4GihwM20kTRIXTwlzcSw7v2IhffQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 13:13:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A27
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022040701&jk=2691086534282747&bg=!gYKlgsbNAAZvJBiFTyQ7ACkAdvg8WuwhD2BiZK9lVWbQC97LwqxcBFcPGdiVzQ5Adzm28bFa3-TQaQIAAAKQUgAAAANoAQcKANXwXNDhbKj0CGJ6XOoagdTCYCaP-O5sAlx_7MXe4OvYjuPQXZ2XkK3xGFXGuzqC4CEwA72DDlsNsivx7VjF4wWDHALtmUfmE5KqwTkXDb3BTXUTYWI6yupB5PCLFkI2bT6hbMrWff2CvC1NJr2Zr8sxGQgcrLId3Ys2PZTO8YhvX46qxqspBQpreX9m4o7UQar1QczYCLQT0LnsqrpyYj0R64ucKD71PaGJaMbOeS_yx_utnN2B0GnXQkqx5BitIzFDHxGD2WaBOZyAIzOlTV4PvHCwAH-ZAr6UsiUSDnQ_WfMntAZs4Dd1S3DlCCI6DujdPUjSyNO4I5thYf0yMyNToLLhRf4cj7jI_CPDHdOHLWKgBKFhGi-_XJTXuCykodMwl_Q7g5YNhD7ekP5hTJzSV3xjYvzrsinDQ835frnuxWp2rLS6AaDgxa16OZTXTvIMPK0I4sDwL4kM-bzTlXdNZ0MK18tWObvDPz3IHqsGORontPQSpskOD7ODdzXnix6RhYcSXSFgMVEaddNSzb0X-Owi2gieaxCU4xycQyOVJL-Ub5QsM7EZ1EuSH4M6CijH54MAf76yprIGtqw9rbe7V0QA5GKFzN-S5Ezq1wJQZKpLEiphRDs5q0X4Ka4p60hRqnOVYf8aJuIPSsirivFW6UAlR6o-4zrXBTI1vQ_-Ic4WtP8aKtyf9uuSvw_gSavAQHaep7arwCmlPcjjJE8dFjhSmQK-nNdrAoGVN6d-WgIuGGXeeh3flSzzLGSb_M3ORqtQ7aafMbKVOHMHDYAG9J5Ty-N6rCMjUJFRUEclqqQZq2UFsXkddowQdx8hKgPp2DjyLuRbTio_Lwf44nCkbBx3MWRc896QvNcvZlSma6QFpR_Z4uv0GVCjN2GIJMQe4RT3QdR_DKBeJR5qHv_zSZxRCXjwdfwZiJVUv21ucrmjcEPA1uy8nxUJnsggumUByifkrExgQraJjR-m_xhom1V9R-YHXSVXVzVSQjLgmfi43uy0cGfBMPPGf49wbTWzbog5EwXCKimOasv4LAxJ2IstBXIHZQxTFsX_2xkqAh6y7gLG-JYFmNDLTR42KI6bkpjCPpxBdurkFJcU1YbPZbpiLfWyDt0mQnZfKjNk3R9GRKKw16o7dhJBqmFP-vDXXepNWDDjQrJzvzYrxm4XuSssufyN68WAIde1TEq2veaz8eoaWseIFYBJxbttHnrwDeGJlIQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 13:13:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6492
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022041301&jk=957994596409965&bg=!iYqlis7NAAZvJBiFTyQ7ACkAdvg8WkkzOu2Y9MmD7rDuCcD8W0YXvpnFGZ83NP6DagVfMO4Pbic7RAIAAAJXUgAAAAdoAQeZArbrqDwcHS_34rZOgFyjJo7zYt7bEHI4YQZ99s-vvh6fL-7S_kIBnNg-_09asNpEalB63WJ73DhRJ6nCRIQbMGkGd6zrc_gzWoPxeqCEwcGmzZGDJAqsKoUac_qQb5IpUCZRY7D19ALN4O25BaG6yxofyXRpBMZZsESVSdmAO1u8YbXbsMOWf3G7cktloRWYpoDIpYoif4ukz4mZOc-JkRqFpiV9ema9ldbJ6aEdaEb03XdPTmAtuPg2jAiG3i3RSF61FiM7RJZuet6vB-Ivh8xK8zj6TvBdnLQ-4REwCUTOwlI4Bmd4DXIctGJE-uBRT2pq2iEDS4pjDJtYxAO4TAprtfvHG666C8pgzG7W7xuzfOOeMIi4ZVnT5L8a_nMdQxlJ_cA83Kx82ekikwCBlZ_K6yumAVfwRE6CQWtMLZCgzwEmWAY0OX_JTVTfZ61U8edGrVF2v6BpyEaxsVM3seXOOKolM4PL3UXur7rBmbNo20fWD5FDN-Z9mKfNg7zwsGKd0kyWFLIMlXUpSTiPZ4SbRLtZJbQBkyJSa2guiNxFWZeyMPdc_cYU732ZrYHt8P9yfPR5_ZyYOpDsVPiH5jtydRmMrVK7NwI275atYNw5txq--z95MdZXMblT2C26r_7QvjPvnFnXngtOMUD1Vr3026z7UtuYQI4OEyfDI-FHmzDXQxI7kSR4wriX31El5gbdQtL-Va3UaLmkttLrTAgFnmwf3iZ3VSlozBqAaHHtuF5S8XY73LEyZKouuASl-VmtjnFkp2jT9UPBCqW0THIAfpmyCQ4XePX5mA0mUHMtU6wpHLTVACXYtm5Xdwftj-EC0BYho4AHgTqDcdChUdPyMM4cytKsWe1cLe3jBNpsJN3wx7aTzrXjzLAOvOQoTKxsiXwgKrwRUt5bDYxFnNx7U3xEPrbi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 13:13:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022040701&jk=2814599767980077&bg=!pKelp-PNAAZvJBiFTyQ7ACkAdvg8WnzY3wFb5x2oyKYCx4aL0Xu6IV2UZ417-LQUV04qeLbm2BSRLAIAAAB3UgAAAAJoAQcKAAu8fDWV5yrbcSK0n5kCoglSl2f6t-DsxdIv8NP05DR3tLWJBnMdY5DFtZHLIVZM_kYrhSbmhWqGNfcW32iW8ZUg9o_SmSW7HD1IsFIBWcn_nIrNF23kf2mFCdN0oqEmIepP8VtgqwICTyv0LSAsiD9Gn0yP71NteITHekfPkqdJLNeDemBxlkdYaR1euYpBctOa97PVVY5V7CG4QQgj1lAtKknelJ4tiMQuq_uh9gMVDQS34QQjvdyfMAz7-qMDPAnlhd9zbDnx_sYCASu7fb7CK8aZNgNb4zxi9ft-HqzBMKNe8UffEOqaNE7F6DoMPZVny4RnfqorfRFA0vkBeput5c0rKTpvNwOe5EV_01GCOTPKV-GtceDroAPewEeq2USBUQYtndb46Xju25PRj7N9eJ02qcrqqwcT02xnevOVYIWOHYK_a0SJF1HpZhpU6btv3NxED8X40BHNzhdGSgF7h2FamHTlDHkkTQ06H1AI4xWwx-cITaq2-tBBXaCZlKAtsmZzZMURTnym3y31TEQmKzT9JbPZm-D7jfBEHncDns-GCp--Slnh60mL8bFvgZWo2ta7fUfSq7Du6xj_MNb90ZWC0S1rpkw1nrgcbCA6QlQThbdqkzhEfSRcwk7rkv-uWf7MWRT8Y_NqiNZuvGH0L1LE1NseaRRMVB29Ly3uIRngmPe7OmfBNbEuI_SJO7drQHS15qAd2T9gDbp8Id8jBCrrq7CA7ZPqdDyv0v9W6oC2651qSseCcaiRzhN10F-2y4nMRoK82n-qCmgA9hAtCgS7jQmCR_2KH7FPrhYBI1iNtHCqA4XkhTvwuQDEvIFgom9_CPKm4K-ZMV7mncy7ceh4TUHYrUEFq3Zzi-c2hGZjU_qQ4SNmn9cNTXD8HsQerjtxrcGwvfGlilpAmSuc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cyberscoop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=26247621;s.a=6840654;p.a=328652550;a.a=520739529;cache=1434754143;

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| dataLayer object| _wpemojiSettings string| hold function| blinkTitle function| blinkTitleStop function| do_stickybits object| runtime function| $ function| jQuery function| stickybits function| flatpickr object| regeneratorRuntime function| setImmediate function| clearImmediate object| wp function| sprintf function| vsprintf function| _typeof object| TFASC object| TRC object| _tfa object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| taboola function| pushToSearch function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| imagesLoaded object| a2a_config function| testCookie object| googletag function| createCookie function| show_welcome_ad_desktop function| show_welcome_ad_mobile function| remove_welcome_ad function| onInterstitialClose function| receiveMessage string| true_posts number| current_page string| max_pages string| featured_news string| category_news function| bindToWindowOnError object| globalRoot function| hns object| hubspot object| hbspt object| __hsRoot object| hspreserve undefined| React undefined| reqwest function| OutpostErrorReporter undefined| Pikaday function| hns2 function| hmerge undefined| I18n undefined| ReactDOM undefined| require undefined| requirejs undefined| define undefined| exports undefined| module undefined| bootstrap object| HSFR object| _hsq object| pp_ajax_form boolean| canRunAds object| SNG function| captureOutboundLink object| html function| ppFormRecaptchaLoadCallback object| JetpackInstantSearchOptions object| webpackChunkjetpack_search object| wpcom object| _tkq object| _stq function| st_go function| linktracker_init object| twemoji object| ggeac object| google_tag_data object| google_js_reporting_queue object| a2a function| a2a_show_dropdown function| a2a_miniLeaveDelay function| a2a_init number| a2apage_init object| google_tag_manager string| _linkedin_data_partner_id function| twq function| fbq function| _fbq function| onYouTubeIframeAPIReady string| GoogleAnalyticsObject function| ga undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| lintrk boolean| _already_called_lintrk object| gaplugins object| gaData object| twttr object| ampInaboxIframes object| ampInaboxPendingMessages object| _hsp boolean| _hspb_loaded object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| GoogleGcLKhOms object| google_image_requests

26 Cookies

Domain/Path Name / Value
www.cyberscoop.com/ Name: ppwp_wp_session
Value: af1dfb12bf4050364819462585d92e05%7C%7C1649943793%7C%7C1649943433
www.cyberscoop.com/ Name: sng_interstitial
Value: true
.cyberscoop.com/ Name: tk_ai
Value: 4m4C7j9iMatnLgK5ZSUD42RI
.cyberscoop.com/ Name: _ga
Value: GA1.2.1602128739.1649941998
.cyberscoop.com/ Name: _gid
Value: GA1.2.988392867.1649941998
.cyberscoop.com/ Name: _gat_UA-80491860-1
Value: 1
.cyberscoop.com/ Name: __gads
Value: ID=57594fac4c8d4e50:T=1649941998:S=ALNI_MbMKf6h4HmKY0cy14yyunT93rgaAQ
.doubleclick.net/ Name: IDE
Value: AHWqTUke16Y__NGR5sK_kD2V3BOt0Ye4XVGz_LX4jC_Wues5KuY4CjrtwN8elwFQij4
.linkedin.com/ Name: UserMatchHistory
Value: AQLSzX0D8SUCdQAAAYAoNO5V1uhMRsQ2ujM7o-ma4gZVjgiSVWYcUyBiRNKSoQmcF2iZr3NWWKRPww
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLcXCP35CFP-gAAAYAoNO5VKkp6ib9E4_LGrMV2M4AZTu5dgdK-r6sYtcO3jX54TT5D4FP97aMTt_1NU-UH3Q
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&ba8781b4-e306-42cd-8839-56cef5a523bd"
.linkedin.com/ Name: lidc
Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2679:u=1:x=1:i=1649941999:t=1650028399:v=2:sig=AQEX1as79WUmXZ84Q780ZXkW97UCmTyD"
.twitter.com/ Name: personalization_id
Value: "v1_HR/CJ7xqFN7XkZ27utBQYA=="
.t.co/ Name: muc_ads
Value: bfa0bede-a905-40f9-85a0-4264cba21c12
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202204141313196d35677c-9d2c-44df-84b0-91a6b8ec9754AQEywndZU06cVUVK_IuTy_sXoy_Jre1p"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDk5NDE5OTk7MjswMjGr9a23IMB2v8cDJ2V/SHuli4L3BTvUXvN8Qsem82BOyA==
.cyberscoop.com/ Name: _fbp
Value: fb.1.1649941998947.1946963274
.facebook.com/ Name: fr
Value: 0JKNcyH2foVsq1I4Q..BiWB3v...1.0.BiWB3v.
.bizibly.com/ Name: _BUID
Value: c3ebeadce9a1380a85412665263f4c31
.cyberscoop.com/ Name: __hstc
Value: 143679850.29a4870b016b3bb85d6877545c114a7e.1649942001363.1649942001363.1649942001363.1
.cyberscoop.com/ Name: hubspotutk
Value: 29a4870b016b3bb85d6877545c114a7e
.cyberscoop.com/ Name: __hssrc
Value: 1
.cyberscoop.com/ Name: __hssc
Value: 143679850.1.1649942001369
.hubspot.com/ Name: __cf_bm
Value: za7C3QeeH88w7bVCyFAZGHcj5orEVIskp_dROhV74KM-1649942002-0-Aaz2gqgSXqVlCznF+gEdBBf+GEIsOyS24HPsy4MAUtQwBThbpdXHE74lPEawz43s+WAL+kSglYZwf2t1bAtgzrg=

2 Console Messages

Source Level URL
Text
network error URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=26247621;s.a=6840654;p.a=328652550;a.a=520739529;cache=1434754143;
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

555951e43f10fbc6ef220f0a1a022ab0.safeframe.googlesyndication.com
63250949cd62a1db307886a410e24cb8.safeframe.googlesyndication.com
ad.atdmt.com
ad.doubleclick.net
adservice.google.com
adservice.google.ro
analytics.twitter.com
b20e3e43aa6f6ee363af1a1c2fd3233f.safeframe.googlesyndication.com
b5f82e4a5b44723887cdbd2745a6c436.safeframe.googlesyndication.com
cdn.bizibly.com
cdn.taboola.com
connect.facebook.net
dt.adsafeprotected.com
e592fa56b45b0b581f6ab1e9ea3158b2.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
googleads4.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.wp.com
public-api.wordpress.com
px.ads.linkedin.com
px4.ads.linkedin.com
s0.2mdn.net
s3.amazonaws.com
securepubads.g.doubleclick.net
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
static.adsafeprotected.com
stats.g.doubleclick.net
stats.wp.com
t.co
tpc.googlesyndication.com
track.hubspot.com
trc-events.taboola.com
www.cyberscoop.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
ad.atdmt.com
104.244.42.133
104.244.42.67
13.107.42.14
141.226.228.48
142.250.186.130
142.250.186.134
142.250.74.194
151.101.1.44
152.195.15.58
18.64.103.11
192.0.76.3
192.0.78.22
199.232.56.157
2600:9000:2156:9a00:8:48e:53c0:93a1
2606:4700:10::6816:46c5
2606:4700:4400::ac40:9a55
2606:4700::6810:5705
2606:4700::6811:44b0
2606:4700::6811:b649
2606:4700::6811:d4cc
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:22::14
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:801::200a
2a00:1450:4001:803::200e
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:400c:c1b::9a
2a02:26f0:f7::5c7b:e053
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.241.76.101
44.241.77.164
52.216.102.13
061473d06c676e692148c9e53870122e472f133abc759c56e871a162e79b9376
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
09209fef46f45fd4441e0b8dd11af38a277bcfa3032e8cd21579c1143cb2dda6
0b7f3bebdb1384bfd4208ccc6aa7771962e3a8ef6e2f458e5a1667e2c92fafa6
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14c742642de9c8f39467c54a34b08f124d3eb6ae49356d9b9f8a158424e77192
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
15102f00c0b20cff64250b68bc217f41647feb7e76110f62d16234cbc49c63d0
18a42a82c513ff8d2c5a29542beb4e212ab8aca348c9badf8db63072cac02287
1a2814888079619c511d69af17514a0c7bb4f942be94784bcbf85f68fcea6f7f
1c7a042d050e0fc774e4e13483e88a99afd5116b338ad10a7e34c8c4fd3f7845
1dc5dead29a8e998bbad82c2699e084a1fab5f84487faaccfa76723668114644
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1ed7146242c28ffe4badb868985c73fba2a8a54a500f3433d0aaafccc2f9dd5b
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
25d8e04096ef84239b0c6ebbd7f1e834fbbf4489ecbb94ef1373efb76346a9f8
269ae13eec900cdc06e8a846d1e04c0628457519fedd8e7c4bde3187655dedec
28e17391726157b0c7c47b0bce906effd011e630627f19225d0e9e5f989f3e55
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2c2f6f4682804095d89027dc017212838c40e4c90ea3b628f507e139b008e606
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
2f10e8853b513d7565d8179d36827b9b61ff2054df307f978ecb128c936d9e87
2fe0f61deac89fba6919104a3ead56be8b6c7998bfd712b198e1fe260233e55b
3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d
3097429612cadf41c8c2f08d5cbe3bce1a77aaf73296e1217ad3b29949d6deb4
34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890
3862062055d3517248ec20f289a416f90399a5ee6be769538ede47c12be79487
39c9b3efdf859496ded695f41f8ce902a26fd3062712dcce6c844144620622fd
3b89cc38fc329aa1d948f3954ac2203be3ae9ac754d34ac9e0ac1fc1c532e3d7
3d5c432ac1f87c116b88388348b78c08278195f455202173393b9c0576bfb6ad
40905beca0f8b5ff867fa2f103e951dd2416853df1e8f7d7453a74708d779277
428170b3375776277898d1b4b2157287c129a6b1ad5ecaef8f7eb36440b5587f
4887329d85e3a31b977f06d6493cfd7478802d5664b7d0caab9b94353cd41066
48f09c1e2f69b85f86be78957e151e15055d602a90023fa99174df1d25700fdb
4a354f3d28b56276cc1c16d970f65ddb3ecec48cb1b79a1a32e0e3929e584607
4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4eba10304f45a9ca7d6b3b882e564a5dd00d3900dc515fbe6137765ed0fb45a3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5156369f789f88745eb663cd28046ec6d8480e46cd4416315a5d1dd576101fdf
51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1
51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba
5b52bb673705cc657cee64d8e88f6090d9cd8f5c9eb77bc9feb41788ab10e388
5c701ab2009c0c01911be3dbb373cea9edd337b25e43cd2a917caf28486ff83c
5c7d7c651efabfdcce87a8fec34efbafc99924e3c83c8412f954219cddafa458
5f24813bdf14374f24177b1d363bd8cb6e94166c44671e619ee3288482b3122d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ef6ff7641456aa2d94443dff7578d154236f12dcbb2e3dea4e519b0153a468
6381b7a6fdaca498a044bd187938dc27d9c6a2c96d8b10854b17c12a34b9bf4c
638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022
63e0f1d4d244fa557ae96c648168b0620a4f5ad3dbb653fc979a1b3ea0000699
6a27a65e9c43fb8d9cd1e8640dae7464ee78bf4633c2e34a7345e696c025823c
70a771b4b72ced5ee3f240805fd2b68e928340a608246375cd8f06e95d594f0b
711c4782a7b90e63b305aa18412fa3a98dc2f839703ccce66779009aaa7e955d
742d2f7f43e3eb8c7e5a12f24afcd4dcc03e11a31223060eb03d95b91ec07cc7
77a38038fc67fe9bccd2c9f988c074bf3ee2148e9fa3d6a7bed04947ff8b4863
78ad903f00303d7180dc8da76cf1613105d8e64eaabce1d8b38c2094e0156c9d
7c952bb58cf9e432b87a5138a8d03383f6d059fc36000ef4a74be712161c219c
7ccd3a16c0af962e276c6b0ff2c58357e428a31379ab30d0dbb2f84cd31af178
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a
8a90f9c307d889844f7286c11a9e8596c9a41b2e91123ab49cca0fbaa4b48dc7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c2914cd6e0c26e9fe3a9de23853632be1862891bf9bcfdda7053e1995319563
902a2c3c6fb931f76bb5aa75cd565243c413b93c144a4e7d10a16da906979214
9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f
932fb1ec913f2d1071db9656b9bc7e8c4fc150d7d8b48d8b4b66c3d82a2e020e
942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5
96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163
98f790ebde5f4783aca23310b1e48b7fcf96b10a86abc583a36113294bfeef81
9e9ce5f71d5199340f9f109561dc1a65bcbba9d4d1ac51546e04ae69f2695784
9fc929f9d307cf53bea691c3794c5ee2874ff5e1d2c7d308d71120ae3aa8c788
a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
aa8329e8b5a41a9fbe7617d77334dcdf25bbeac69316923e4d09c14617568da1
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537
b66f00fa51e00b4daa0b385cdd42b15739a813febb9f9cb9faf14b4a4db2a342
bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797
bc30b2e232172e0d8ea0d39422a7c92b0f38043ab30aed4a3d354836d59c64bd
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be71a1f9e05111031d7e550e05fe8c8bfa4b0f4c20d8380ca0979a4b4a7eb014
c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1
c14ae3d7e4f0cc73a2c5bd40b1898f267ec2a6f9f733f93225750e5d9154a45a
c31206717e4cf04c88f77e76c09d06baba9bd7ff1a674cb13d5f564d9c69f21d
c6dec0f40564ef3bd3d94ad102757fbce6068609abd1c337534e5b86ed4c7bb0
c8c35e0f00ccdca409b0b7340bb4c008649529b40a786a51e6d732cbf4f845e1
ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5
ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be
d09beff50865b40927cb8c354ba9a975345d98912bfd6de6f5b6b55fee96423f
d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131
d6b26d180e0d54e93c13b82abc73e0d09c344f7c52796a3b20256d90f45e1e73
d8f580d77a0460f9903f4edab73e1389c95f42e282151902faa70f211f040837
db236586fe21257e3d9b959bdeb2e6883f01a09718c3ab73728e21f7a96c5ba0
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0ea6de8d7ee84105edbfd9cd4d86d002962e126b9776d1d91c6de42c48a0106
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e448366ba538d2d65714f62ae1af89f2f5dd3ccc64af549bb3a84d9cea541dcb
e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4
e68b1ea6c9a742a416a355c1a63563cf0f49b374300cb956a03a3e25c9475242
e68fbe8dd70e2978b3c8d8a6c7b9ecccf42d7a84b87f023d5f7bcec7f546808b
e8aa641f970d7f8010d991990de0cac0ed2f8136c931b5a14cbe8607c6c7fb9a
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f
ec7c4c90e31092c6253cddb718655a1e3ac5f4f83425b1e16d54b25ff80f263f
ed5e39a5e31422d00c47d556b404949be82c30c2face801c020c343c7457a615
eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d
ef06bc5e3cc158037771e3ed0d13f75694ffe052cc8b442e02082e85cf85aec2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb0a20937ab75c11ddb5e115d59675e5b106ebb5e755c41a15d98889a97e659
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fdd79ce550004a168443858d7317ae45f42e4eb262ca17b32c64a1a30c088399
fe1bd3df8f20fe537d1ad985ecd7b169c10e1d0e2cc0860bc4b4c326d152420f
fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed
ff4aa1f679d608f7277b0014a328b148ead0bddee3a60ebd189561826f26998c