www.cyberscoop.com Open in urlscan Pro
52.21.95.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.silobreaker.com/e2t/tc/VVyd_w4JxG-VW8CM81C9ljYCMW4vJbXQ4qvCrdN2QYvzD2-HvSV1-WJV7CgCsYV1DTjH7_WDTyVpQ4q91NScQ9W25...
Effective URL:
https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4...
Submission: On April 17 via api (April 17th 2021, 11:16:53 am UTC) from DE

Summary HTTP 237 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 44 IPs in 4 countries across 32 domains to perform 237 HTTP transactions. The main IP is 52.21.95.133, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.cyberscoop.com.
TLS certificate: Issued by R3 on March 29th 2021. Valid for: 3 months.

This is the only time www.cyberscoop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.2 199.60.103.2	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4 38	52.21.95.133 52.21.95.133	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
25	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
11	52.216.152.230 52.216.152.230	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:ba49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	52.218.244.40 52.218.244.40	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:710... 2a02:26f0:7100:191::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1 2	2620:119:50e3... 2620:119:50e3:101::6cae:b45	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400c:c0a::84	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
3	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
3 6	54.171.10.108 54.171.10.108	16509 (AMAZON-02) (AMAZON-02)
7	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1 4	54.76.54.153 54.76.54.153	16509 (AMAZON-02) (AMAZON-02)
2 5	35.244.184.212 35.244.184.212	15169 (GOOGLE) (GOOGLE)
2 2	34.95.127.121 34.95.127.121	15169 (GOOGLE) (GOOGLE)
8	54.76.195.29 54.76.195.29	16509 (AMAZON-02) (AMAZON-02)
6	35.169.133.103 35.169.133.103	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
237	44

2 199.60.103.2 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.silobreaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 52.21.95.133 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-95-133.compute-1.amazonaws.com

www.cyberscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.216.152.230 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ba49 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.244.40 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:191::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e3:101::6cae:b45 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400c:c0a::84 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d1c9ebbce3cfbe21527cbb2f9401f8bb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.171.10.108 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-10-108.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.76.54.153 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-54-153.eu-west-1.compute.amazonaws.com

hp.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.184.212 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 212.184.244.35.bc.googleusercontent.com

linkto.ext.hp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.127.121 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 121.127.95.34.bc.googleusercontent.com

www.ojrq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.76.195.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.169.133.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-133-103.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com tpc.googlesyndication.com 6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com d1c9ebbce3cfbe21527cbb2f9401f8bb.safeframe.googlesyndication.com pagead2.googlesyndication.com 37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com ade.googlesyndication.com	359 KB
38	cyberscoop.com 4 redirects www.cyberscoop.com	355 KB
29	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	625 KB
22	googletagservices.com www.googletagservices.com	521 KB
21	2mdn.net s0.2mdn.net	493 KB
20	adsafeprotected.com 3 redirects fw.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	283 KB
12	amazonaws.com s3.amazonaws.com s3-us-west-2.amazonaws.com	2 MB
5	hp.com 2 redirects linkto.ext.hp.com	1 KB
5	google.de www.google.de adservice.google.de	638 B
5	google.com www.google.com adservice.google.com	638 B
4	demdex.net 1 redirects hp.demdex.net	3 KB
4	gstatic.com fonts.gstatic.com	99 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	hubspot.com track.hubspot.com	817 B
2	ojrq.net 2 redirects www.ojrq.net	761 B
2	facebook.com www.facebook.com	279 B
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	96 KB
2	addtoany.com static.addtoany.com	60 KB
2	silobreaker.com 1 redirects info.silobreaker.com	3 KB
1	twitter.com analytics.twitter.com	285 B
1	t.co t.co	170 B
1	hs-banner.com js.hs-banner.com	14 KB
1	hs-analytics.net js.hs-analytics.net	18 KB
1	hs-scripts.com js.hs-scripts.com	609 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	hsforms.com forms.hsforms.com	4 KB
1	googletagmanager.com www.googletagmanager.com	51 KB
1	hsforms.net js.hsforms.net	129 KB
1	taboola.com cdn.taboola.com	22 KB
237	32

	Domain	Requested by
38	www.cyberscoop.com	4 redirects info.silobreaker.com www.cyberscoop.com
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com 6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com 37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com ad.doubleclick.net info.silobreaker.com
23	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net www.cyberscoop.com www.googletagservices.com
22	www.googletagservices.com	www.cyberscoop.com securepubads.g.doubleclick.net fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com 6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com www.googletagservices.com 37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com s0.2mdn.net
21	s0.2mdn.net	fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com info.silobreaker.com s0.2mdn.net 6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com 37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com www.cyberscoop.com
18	securepubads.g.doubleclick.net	www.cyberscoop.com www.googletagservices.com securepubads.g.doubleclick.net info.silobreaker.com fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com 6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com 37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com
11	s3.amazonaws.com	www.cyberscoop.com
8	static.adsafeprotected.com	fw.adsafeprotected.com fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com www.cyberscoop.com 6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com 37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com
7	googleads4.g.doubleclick.net	ad.doubleclick.net info.silobreaker.com
6	dt.adsafeprotected.com	fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com www.cyberscoop.com
6	fw.adsafeprotected.com	3 redirects ad.doubleclick.net info.silobreaker.com
5	linkto.ext.hp.com	2 redirects fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com 6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com 37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com
4	hp.demdex.net	1 redirects fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com 6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com 37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.de	securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	ad.doubleclick.net	www.googletagservices.com
3	fonts.googleapis.com	www.cyberscoop.com js.hsforms.net
2	ade.googlesyndication.com
2	track.hubspot.com
2	www.ojrq.net	2 redirects
2	37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.facebook.com	www.cyberscoop.com connect.facebook.net
2	px.ads.linkedin.com	1 redirects www.cyberscoop.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	info.silobreaker.com connect.facebook.net
2	static.addtoany.com	www.cyberscoop.com static.addtoany.com
2	info.silobreaker.com	1 redirects
1	analytics.twitter.com	static.ads-twitter.com
1	d1c9ebbce3cfbe21527cbb2f9401f8bb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de	www.cyberscoop.com
1	www.google.com	www.cyberscoop.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	t.co	www.cyberscoop.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	www.linkedin.com	1 redirects
1	js.hs-scripts.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	forms.hsforms.com	js.hsforms.net
1	s3-us-west-2.amazonaws.com	www.cyberscoop.com
1	www.googletagmanager.com	www.cyberscoop.com
1	js.hsforms.net	www.cyberscoop.com
1	cdn.taboola.com	www.cyberscoop.com
237	47

This site contains links to these domains. Also see Links.

Domain
cyberscoop.com
scoopnewsgroup.com
www.justice.gov
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
fedscoop.com
statescoop.com
edscoop.com
workscoop.com
www.scoopnewsgroup.com
www.addtoany.com

Subject Issuer	Validity	Valid
info.silobreaker.com Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	a year	crt.sh
cyberscoop.com R3	`2021-03-29` - `2021-06-27`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-30` - `2021-08-04`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-01-27`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
linkto.ext.hp.com DigiCert SHA2 Secure Server CA	`2020-09-29` - `2021-09-30`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2020-05-20` - `2021-06-20`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-09` - `2022-02-07`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Frame ID: 1AB00C1E92E382E6139409C52D56C44A
Requests: 80 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-FFPE8gOlTr-leaderboard&categories=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington
Frame ID: 09A4DF4CBB17EBE852E9FD356972A012
Requests: 12 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington
Frame ID: B59D5BBCA4BB910C3B2C1C0AAB66E502
Requests: 12 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington
Frame ID: 4011BE04046D3C084FF3C7BC80B97719
Requests: 12 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-8OyxXaqTc2-billboard&category=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington
Frame ID: 9BF5B513FE08FB3B48922CBAC342D27A
Requests: 12 HTTP requests in this frame

Frame: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F0F6F2F77335C549B2D66F736EE5DC09
Requests: 22 HTTP requests in this frame

Frame: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: CB2A82D60A21597B836B1380B8DA3957
Requests: 23 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-6biSQIflypFOaX1Yn-E-VrzW7k7oYfrcn-jQUbQRMQqBCxyc49NboFhCBK2KiZb1B5kfzwL9Z2tkifeHHgW1TmkJFpuNAxooJbUmn-9qyiDYYnpWTqQcslXl7Zj-lGmLTFm0AyyXgp8XKbThYmE3Yy4Ix3My9J3j0vU9dPR-CGcn86uWAkCv3c-2bX1pSUQnOPHvdrqdngwX0fjX2F-66-ODB8KQMw-eoclqsbPgAJxAX5kBlr0J76wkca-MwZ7YOruudfdKO9QfR0_YCB17QTrK0xCGX3Ra5og2SbVLBS2hvgjSGw-7zPTw3HKsjOeRt_KYyZsZYw&sai=AMfl-YTANeb5obQSBmqodVbTKCnvb6yQqXjtYfQeuAEfC-3zOWM1Sr_FTfWzEGy7MSa8O6k53OEr9JxhXF1HcQ2LBI7_wWVZdhYdsbxqnkHUN0K48f9kXv4JuQ9gG0xu5Ps&sig=Cg0ArKJSzA_sLReogIGuEAE&adurl=
Frame ID: 17D345667E235CC14F06C0C1B6FEB38C
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: F12762F23A17CA5B9B244D319537CCA1
Requests: 2 HTTP requests in this frame

Frame: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 2E4D8A4D04622DC755BC29C871638F3C
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 41DF769A40FD8F756419B22DD11B1DAE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 46859D353C2D40F978B5ED3B45575E28
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FB87DFDE0156CC9F4799E5E62D5DB47D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
Frame ID: 88D48A1AD6A5BBAF6C7C66EB6FEE0B4C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E7B8AF5476B6A36C80929926CD6C7D28
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/4807732/1613010861642/index.html
Frame ID: AA97FDD8E7F9D16C9DD605D89C6E1936
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: CC62A0E6B5E03F7A2FEFE394F232EE41
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 03884977676256590D73F1425C4CDCF9
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 27E8C217D8E01EECE64FEAAAB44F96FC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: CB724FA9809FE4D7297D881F882A2675
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 386F196B9538FA7321827D19FB23B76B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://info.silobreaker.com/e2t/tc/VVyd_w4JxG-VW8CM81C9ljYCMW4vJbXQ4qvCrdN2QYvzD2-HvSV1-WJV7CgCsYV1DTjH7... Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VVyd_w4JxG-VW8CM81C9ljYCMW4vJbXQ4qvCrdN2QYvzD2-HvS... HTTP 307
https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lO... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

237
Requests

100 %
HTTPS

62 %
IPv6

32
Domains

47
Subdomains

44
IPs

4
Countries

4765 kB
Transfer

10014 kB
Size

5
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://cyberscoop.com/
Title:

Search URL Search Domain Scan URL

URL: http://scoopnewsgroup.com/?__hstc=143679850.77592c59c19dff57fe8aaccf71fda862.1618658195873.1618658195873.1618658195873.1&__hssc=143679850.1.1618658195874&__hsfp=2736934676
Title: Brought to you by

Search URL Search Domain Scan URL

URL: https://www.justice.gov/usao-wdwa/pr/three-members-notorious-international-cybercrime-group-fin7-custody-role-attacking-over
Title: and the arrest of other alleged FIN7 members

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cyberscoop

Search URL Search Domain Scan URL

URL: https://twitter.com/cyberscoopnews

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/4847467

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cyberscoopnews

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/?__hstc=143679850.77592c59c19dff57fe8aaccf71fda862.1618658195873.1618658195873.1618658195873.1&__hssc=143679850.1.1618658195874&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://fedscoop.com/?__hstc=143679850.77592c59c19dff57fe8aaccf71fda862.1618658195873.1618658195873.1618658195873.1&__hssc=143679850.1.1618658195874&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://statescoop.com/?__hstc=143679850.77592c59c19dff57fe8aaccf71fda862.1618658195873.1618658195873.1618658195873.1&__hssc=143679850.1.1618658195874&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://edscoop.com/?__hstc=143679850.77592c59c19dff57fe8aaccf71fda862.1618658195873.1618658195873.1618658195873.1&__hssc=143679850.1.1618658195874&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://workscoop.com/?__hstc=143679850.77592c59c19dff57fe8aaccf71fda862.1618658195873.1618658195873.1618658195873.1&__hssc=143679850.1.1618658195874&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://www.scoopnewsgroup.com/privacy?__hstc=143679850.77592c59c19dff57fe8aaccf71fda862.1618658195873.1618658195873.1618658195873.1&__hssc=143679850.1.1618658195874&__hsfp=2736934676
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/privacy?__hstc=143679850.77592c59c19dff57fe8aaccf71fda862.1618658195873.1618658195873.1618658195873.1&__hssc=143679850.1.1618658195874&__hsfp=2736934676
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.silobreaker.com/e2t/tc/VVyd_w4JxG-VW8CM81C9ljYCMW4vJbXQ4qvCrdN2QYvzD2-HvSV1-WJV7CgCsYV1DTjH7_WDTyVpQ4q91NScQ9W251YDb1K_9tqW1qXV0Y18w7Z5N8VD7NxY2VV0VJMf8r1PXqZTW7Nvqdg3ps8QGVTTG352ZpcRCN2z_yKMZCpV7W129t3H7JfdzVW2PrMyN96DDFVW9jM9cg1kzG2_W5T1rSH5ppRLrW8nPZ-d3XzKJ2W4mXBVy7QTD8lW4Hxqs12yfWKpW53SzMs21Y1Y8W6ZHPHF69J6C9W57dZ1K3jK7fXW3_NpSv2RHZ61VLN5Ld6cnQQwW7N5kPP83VWvQ3qck1 Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VVyd_w4JxG-VW8CM81C9ljYCMW4vJbXQ4qvCrdN2QYvzD2-HvSV1-WJV7CgCsYV1DTjH7_WDTyVpQ4q91NScQ9W251YDb1K_9tqW1qXV0Y18w7Z5N8VD7NxY2VV0VJMf8r1PXqZTW7Nvqdg3ps8QGVTTG352ZpcRCN2z_yKMZCpV7W129t3H7JfdzVW2PrMyN96DDFVW9jM9cg1kzG2_W5T1rSH5ppRLrW8nPZ-d3XzKJ2W4mXBVy7QTD8lW4Hxqs12yfWKpW53SzMs21Y1Y8W6ZHPHF69J6C9W57dZ1K3jK7fXW3_NpSv2RHZ61VLN5Ld6cnQQwW7N5kPP83VWvQ3qck1?_ud=841af7f1-caa4-4e21-8acb-e3dadb9961a7&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-FFPE8gOlTr-leaderboard&categories=government&tags=cybercrime,department-of-justice-doj,fin7,financial-services,western-district-of-washington HTTP 301
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-FFPE8gOlTr-leaderboard&categories=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington

Request Chain 39

https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=government&tags=cybercrime,department-of-justice-doj,fin7,financial-services,western-district-of-washington HTTP 301
https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington

Request Chain 40

https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=government&tags=cybercrime,department-of-justice-doj,fin7,financial-services,western-district-of-washington HTTP 301
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington

Request Chain 41

https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-8OyxXaqTc2-billboard&category=government&tags=cybercrime,department-of-justice-doj,fin7,financial-services,western-district-of-washington HTTP 301
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-8OyxXaqTc2-billboard&category=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington

Request Chain 68

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1618658192424&url=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1618658192424%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Ffedir-hladyr-fin7-sentencing-prison%252F%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1618658192424&url=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4&liSync=true

Request Chain 153

https://hp.demdex.net/event?d_event=imp&d_src=242750&d_site=6636866&d_creative=145520222&d_adgroup=488015189&d_placement=294799310&d_campaign=25263370&d_bust=2682551484 HTTP 302
https://hp.demdex.net/firstevent?d_event=imp&d_src=242750&d_site=6636866&d_creative=145520222&d_adgroup=488015189&d_placement=294799310&d_campaign=25263370&d_bust=2682551484

Request Chain 154

https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294799310 HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Flinkto.ext.hp.com%2Fi%2F0%2F342132%2F5105%3Fsiteid%3D6636866%26adcampaign%3D25263370%26adplacement%3D294799310%26level%3D1%26srcref%3Dhttps%253A%252F%252Ffc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com%252F&cid=5105&tpsync=no HTTP 302
https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294799310&level=1&srcref=https%3A%2F%2Ffc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com%2F&brwsr=5ece4f4d-9f6e-11eb-8978-42010a246625&brwsrsig=yT7TmWVFswY8T2kVW6R-B1dJRS-WTD

Request Chain 175

https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=295827114 HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Flinkto.ext.hp.com%2Fi%2F0%2F342132%2F5105%3Fsiteid%3D6636866%26adcampaign%3D25263370%26adplacement%3D295827114%26level%3D1%26srcref%3Dhttps%253A%252F%252F6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com%252F&cid=5105&tpsync=no HTTP 302
https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=295827114&level=1&srcref=https%3A%2F%2F6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com%2F&brwsr=5ece4f4d-9f6e-11eb-8978-42010a246625&brwsrsig=yT7TmWVFswY8T2kVW6R-B1dJRS-WTD

Request Chain 183

https://fw.adsafeprotected.com/rfw/st/582938/52662418/4.js?adContainerId=gcc_ksN6YNP2NcyR7_UP3rKr-AI&cbFunctionName=goog_wrapCb_ksN6YNP2NcyR7_UP3rKr-AI&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ffc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ffc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:8dfcccc0-ac02-6e99-95a4-ddf84d17484a,c:a2N9qx,sl:na,em:true,fr:false,mn:app14ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:hp1.cXqRds1.CADgZf1.hClrsE1.oHpDvn1.jMNNAR1,nbld:0,fm:suPWPsx+1111%7C1112%7C112%7C1211%7C1212%7C122%7C1231%7C131*.582938-52662418%7C1311%7C132%7C141%7C142%7C1431%7C15,idMap:131*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,thd:1,et:20,oid:5ecfd612-9f6e-11eb-bbc8-02c390e9b11a,v:19.8.188,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

Request Chain 198

https://fw.adsafeprotected.com/rfw/st/582938/52802481/skeleton.js?adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:53af13c8-a95c-15aa-e5ee-f381c8e75e5c,c:a2N9uT,sl:na,em:true,fr:false,mn:app21ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:hp1.cXqRds1.CADgZf1.hClrsE1.oHpDvn1.jMNNAR1,nbld:0,fm:suPWPsu+1111%7C1112%7C112%7C121*.582938-52802481%7C1211%7C1212%7C122%7C123%7C1311%7C1312%7C132%7C141%7C142%7C143%7C15,idMap:121*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,thd:1,et:294,oid:5ecf610a-9f6e-11eb-9f55-0aeb40f66fa8,v:19.8.188,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 210

https://fw.adsafeprotected.com/rfw/st/582938/52802473/skeleton.js?adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:a3a6fe9e-a3a1-6fc2-a905-d6b8a510ef06,c:a2N9yx,sl:na,em:true,fr:false,mn:app06ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:hp1.cXqRds1.CADgZf1.hClrsE1.oHpDvn1.jMNNAR1,nbld:0,fm:suPWPu0+111*.582938-52802473%7C1111%7C1112%7C112%7C12111%7C1212%7C1213%7C122%7C13111%7C1312%7C132%7C141%7C142%7C143%7C15,idMap:111*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,thd:1,et:425,oid:5ed1d1db-9f6e-11eb-ac8a-0a6d0b536c42,v:19.8.188,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

237 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VVyd_w4JxG-VW8CM81C9ljYCMW4vJbXQ4qvCrdN2QYvzD2-HvSV1-WJV7CgCsYV1DTjH7_WDTyVpQ4q91NScQ9W251YDb1K_9tqW1qXV0Y18w7Z5N8VD7NxY2VV0VJMf8r1PXqZTW7Nvqdg3ps8QGVTTG352ZpcRCN2z_yKMZCpV7W129t3H7JfdzVW2PrMyN96DD... Show response
info.silobreaker.com/e2t/tc/ 9 KB
3 KB 102ms
101ms Document
text/html 199.60.103.2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://info.silobreaker.com/e2t/tc/VVyd_w4JxG-VW8CM81C9ljYCMW4vJbXQ4qvCrdN2QYvzD2-HvSV1-WJV7CgCsYV1DTjH7_WDTyVpQ4q91NScQ9W251YDb1K_9tqW1qXV0Y18w7Z5N8VD7NxY2VV0VJMf8r1PXqZTW7Nvqdg3ps8QGVTTG352ZpcRCN2z_yKMZCpV7W129t3H7JfdzVW2PrMyN96DDFVW9jM9cg1kzG2_W5T1rSH5ppRLrW8nPZ-d3XzKJ2W4mXBVy7QTD8lW4Hxqs12yfWKpW53SzMs21Y1Y8W6ZHPHF69J6C9W57dZ1K3jK7fXW3_NpSv2RHZ61VLN5Ld6cnQQwW7N5kPP83VWvQ3qck1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21bf5c77b75da0dda5c739815451ee84b844ceffb122ed34bde15fc485828e0b

Request headers

:method: GET
:authority: info.silobreaker.com
:scheme: https
:path: /e2t/tc/VVyd_w4JxG-VW8CM81C9ljYCMW4vJbXQ4qvCrdN2QYvzD2-HvSV1-WJV7CgCsYV1DTjH7_WDTyVpQ4q91NScQ9W251YDb1K_9tqW1qXV0Y18w7Z5N8VD7NxY2VV0VJMf8r1PXqZTW7Nvqdg3ps8QGVTTG352ZpcRCN2z_yKMZCpV7W129t3H7JfdzVW2PrMyN96DDFVW9jM9cg1kzG2_W5T1rSH5ppRLrW8nPZ-d3XzKJ2W4mXBVy7QTD8lW4Hxqs12yfWKpW53SzMs21Y1Y8W6ZHPHF69J6C9W57dZ1K3jK7fXW3_NpSv2RHZ61VLN5Ld6cnQQwW7N5kPP83VWvQ3qck1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:29 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d9cc7b902ad5fa60141e54997f5aecf7f1618658189; expires=Mon, 17-May-21 11:16:29 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=207cd309ebfb9c00e62de7d5fbd4387251823ef9-1618658189; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray: 64153dd508a2edd3-CDG
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 098124f92a0000edd3059a5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KoFiFhUeUBM3DBQqHsJNve3prvgUt7tDiba7Mp9Bght9Flwz7b2fbbA3JSFJyvb7hBqn0FJP8NJkACHN1WKytkVbs03nF9K4cAnz%2BFU6TG9ljLmMVg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/
Redirect Chain

https://info.silobreaker.com/events/public/v1/track/tc/VVyd_w4JxG-VW8CM81C9ljYCMW4vJbXQ4qvCrdN2QYvzD2-HvSV1-WJV7CgCsYV1DTjH7_WDTyVpQ4q91NScQ9W251YDb1K_9tqW1qXV0Y18w7Z5N8VD7NxY2VV0VJMf8r1PXqZTW7Nvqd...
https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZ...

54 KB
14 KB

1945ms
1945ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4

Requested by

Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVyd_w4JxG-VW8CM81C9ljYCMW4vJbXQ4qvCrdN2QYvzD2-HvSV1-WJV7CgCsYV1DTjH7_WDTyVpQ4q91NScQ9W251YDb1K_9tqW1qXV0Y18w7Z5N8VD7NxY2VV0VJMf8r1PXqZTW7Nvqdg3ps8QGVTTG352ZpcRCN2z_yKMZCpV7W129t3H7JfdzVW2PrMyN96DDFVW9jM9cg1kzG2_W5T1rSH5ppRLrW8nPZ-d3XzKJ2W4mXBVy7QTD8lW4Hxqs12yfWKpW53SzMs21Y1Y8W6ZHPHF69J6C9W57dZ1K3jK7fXW3_NpSv2RHZ61VLN5Ld6cnQQwW7N5kPP83VWvQ3qck1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

11f21abcdcc1595ffec98f8bbae16ef14607e6ef6095f769d8ed1f9492fd1c15

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://info.silobreaker.com/e2t/tc/VVyd_w4JxG-VW8CM81C9ljYCMW4vJbXQ4qvCrdN2QYvzD2-HvSV1-WJV7CgCsYV1DTjH7_WDTyVpQ4q91NScQ9W251YDb1K_9tqW1qXV0Y18w7Z5N8VD7NxY2VV0VJMf8r1PXqZTW7Nvqdg3ps8QGVTTG352ZpcRCN2z_yKMZCpV7W129t3H7JfdzVW2PrMyN96DDFVW9jM9cg1kzG2_W5T1rSH5ppRLrW8nPZ-d3XzKJ2W4mXBVy7QTD8lW4Hxqs12yfWKpW53SzMs21Y1Y8W6ZHPHF69J6C9W57dZ1K3jK7fXW3_NpSv2RHZ61VLN5Ld6cnQQwW7N5kPP83VWvQ3qck1

Response headers

server: nginx
date: Sat, 17 Apr 2021 11:16:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
x-pingback: https://www.cyberscoop.com/xmlrpc.php
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/posts/55633>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=55633>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

date: Sat, 17 Apr 2021 11:16:29 GMT
location: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
cf-ray: 64153dd5c9e2edd3-CDG
link: <https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 098124f99a0000edd3f52e6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W28acx45Vkyb8GKRDWp6xa1zJ9VGvvm8kfOZUowkREgBokN5xuYvKjEOQlSiDgDxxAo5NHTAzQp%2F8u7yyoibe5j8SfUol4hYEiTQmF8yNm0ycDYGnA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare

GET
H2 200 style.min.css
www.cyberscoop.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 106ms
102ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:31 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:23:31 GMT
server: nginx
etag: W/"5fcd3dc3-d293"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000 public
expires: Sun, 17 Apr 2022 11:16:31 GMT

GET
H2 200 style.css
www.cyberscoop.com/wp-content/themes/cyberscoop/ 92 KB
16 KB 106ms
103ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8568f039c1951ef91fce769fd09da0b0dbfcf503e0e9d14044c3f49675b809cd

Request headers

:path: /wp-content/themes/cyberscoop/style.css?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:31 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 10:48:09 GMT
server: nginx
etag: W/"6066f669-16fe8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000 public
expires: Sun, 17 Apr 2022 11:16:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
831 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.5.3

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc666527c7989fdad450d729be48af719d8a66af057630a461bbb5c72b1e20a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 11:16:31 GMT
server: ESF
date: Sat, 17 Apr 2021 11:16:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Apr 2021 11:16:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
647 B 18ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.5.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

063d44bc62d9647b62e24e3072a08f2cd96f36e3f1cb441b0efc3fe3f3fe372c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 09:45:12 GMT
server: ESF
date: Sat, 17 Apr 2021 11:16:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Apr 2021 11:16:31 GMT

GET
H2 200 addtoany.min.css
www.cyberscoop.com/wp-content/plugins/add-to-any/ 1 KB
663 B 106ms
102ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436

Request headers

:path: /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:31 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:25:16 GMT
server: nginx
etag: W/"5fcd3e2c-5ba"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000 public
expires: Sun, 17 Apr 2022 11:16:31 GMT

GET
H2 200 jquery.js Show response
www.cyberscoop.com/wp-includes/js/jquery/ 95 KB
33 KB 106ms
103ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:31 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:23:31 GMT
server: nginx
etag: W/"5fcd3dc3-17a69"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Sun, 17 Apr 2022 11:16:31 GMT

GET
H2 200 blinkTitle.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 2 KB
737 B 107ms
103ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/blinkTitle.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf89b05aa45bb14f23d4c97dac9b3091e2d866c73f68e18d2cb6b538378db6f9

Request headers

:path: /wp-content/themes/cyberscoop/js/blinkTitle.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:31 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-62a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Sun, 17 Apr 2022 11:16:31 GMT

GET
H2 200 singlescroll.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 3 KB
1 KB 107ms
104ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/singlescroll.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8b7a47a695a413443ee1cba5b8cb390af99d8ecb1c94ffd30005c2a039303fe0

Request headers

:path: /wp-content/themes/cyberscoop/js/singlescroll.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:31 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: W/"5f8eafdb-dc1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Sun, 17 Apr 2022 11:16:31 GMT

GET
H2 200 stickybits.min.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 13 KB
4 KB 107ms
104ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/stickybits.min.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2aef1ac953ce7805c97a1df893082e75a0a11085c3e53b2914bd0a35634977f3

Request headers

:path: /wp-content/themes/cyberscoop/js/stickybits.min.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:31 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: W/"5f8eafdb-3357"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Sun, 17 Apr 2022 11:16:31 GMT

GET
H2 200 addtoany.min.js Show response
www.cyberscoop.com/wp-content/plugins/add-to-any/ 129 B
339 B 107ms
104ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

:path: /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:31 GMT
last-modified: Sun, 06 Dec 2020 20:25:16 GMT
server: nginx
etag: "5fcd3e2c-81"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 129
expires: Sun, 17 Apr 2022 11:16:31 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/fedscoop-sc/ 65 KB
22 KB 31ms
28ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/fedscoop-sc/tfa.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 619cb0f3cb3356334f4b593e7f9b59e1a571a5ab6427e2270e057e8bb40f4dfb

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: AoYv0CrKINW0Z.fMDXUzOnhGd_3RJ06A
content-encoding: gzip
etag: "3d50e978d59e5c87a6e808a10d9f8075"
age: 42
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 22341
x-amz-id-2: y6/q+l1pjuku6NnwpODR1F16bXEFDEbTyqHIQc63LQQ1hVLb9n78HXABSIvgxkHjs4nHReCikLY=
x-served-by: cache-hhn11537-HHN
last-modified: Mon, 12 Apr 2021 11:05:59 GMT
server: AmazonS3
x-timer: S1618658192.872313,VS0,VE0
date: Sat, 17 Apr 2021 11:16:31 GMT
vary: Accept-Encoding
x-amz-request-id: 9Z46H3XH5XT87PK7
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 20
x-cache-hits: 2

GET
H2 200 init-taboola.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 138 B
348 B 107ms
105ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/init-taboola.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8c5987fc2409abe9ee8d73fee09d71847ddf5c4329a0bbad7d4e4bc522e51b47

Request headers

:path: /wp-content/themes/cyberscoop/js/init-taboola.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:31 GMT
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: "5f8eafda-8a"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 138
expires: Sun, 17 Apr 2022 11:16:31 GMT

GET
H2 200 app.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 150 KB
47 KB 107ms
105ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/app.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bcc6ccbbe9b3f2c14b3eb45ea17eb4b456ee0b359ca820751d8f4b140c57ba0a

Request headers

:path: /wp-content/themes/cyberscoop/js/app.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:31 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-25991"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Sun, 17 Apr 2022 11:16:31 GMT

GET
H2 200 menu.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 213 B
423 B 273ms
271ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/menu.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cbcf7f9157306feaa0252eaa2fca6f6a36cf74bd919dc17520023405867fd32b

Request headers

:path: /wp-content/themes/cyberscoop/js/menu.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:31 GMT
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: "5f8eafdb-d5"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 213
expires: Sun, 17 Apr 2022 11:16:31 GMT

GET
H2 200 ads.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 740 B
703 B 273ms
271ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930

Request headers

:path: /wp-content/themes/cyberscoop/js/ads.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:31 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-2e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Sun, 17 Apr 2022 11:16:31 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 40ms
36ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

379e419094c9f6e377c7250c502c49700ff9fcdd1cd65ceef32edee96daad284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "845 / 561 of 1000 / last-modified: 1618610985"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21070
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:32 GMT

GET
H/1.1 200
OK cyberscoop-interstitial.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
3 KB 427ms
120ms Image
image/svg+xml 52.216.152.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/cyberscoop-interstitial.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.152.230 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 11:16:33 GMT
Last-Modified: Wed, 10 Feb 2021 15:47:32 GMT
Server: AmazonS3
x-amz-request-id: KEQWM5096SR7D63A
ETag: "b3250d52680549abc7222f71b2dce836"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2375
x-amz-id-2: NPP+i9Zvn56/avIB9smVj2+AqOEk1JzIwBH9Itp2695tVOUylGrc91duVW1NjDicUyTVrqRzFJc=

GET
H/1.1 200
OK closex.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 431ms
117ms Image
image/png 52.216.152.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/closex.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.152.230 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 11:16:33 GMT
Last-Modified: Tue, 12 May 2020 13:43:08 GMT
Server: AmazonS3
x-amz-request-id: KEQGXJA86J3J5FSB
ETag: "6fa9505df4b1d86476aef77673f3b330"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4658
x-amz-id-2: Yg88kH86u7OUDb6jk5X6bUdWr5xGGp5Vv9foDfyyalIYdP4xeoaAsez4v88aNL1SiXmeuT2t2CQ=

GET
H2 200 twitter.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 2 KB
1 KB 105ms
102ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/twitter.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/twitter.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:27 GMT
server: nginx
etag: W/"5f8eafd7-87c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Mon, 17 May 2021 11:16:32 GMT

GET
H2 200 facebook.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 1 KB
828 B 105ms
102ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/facebook.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/facebook.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-4f8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Mon, 17 May 2021 11:16:32 GMT

GET
H2 200 linkedin.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 2 KB
993 B 106ms
103ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/linkedin.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/linkedin.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-741"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Mon, 17 May 2021 11:16:32 GMT

GET
H2 200 reddit.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 6 KB
3 KB 106ms
103ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/reddit.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/reddit.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-18f6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Mon, 17 May 2021 11:16:32 GMT

GET
H2 200 gmail.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 1 KB
886 B 104ms
102ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/gmail.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/gmail.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-49d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Mon, 17 May 2021 11:16:32 GMT

GET
H/1.1 200
OK close_purple.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 991 B
1 KB 412ms
112ms Image
image/svg+xml 52.216.152.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/close_purple.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.152.230 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 11:16:33 GMT
Last-Modified: Fri, 22 Jan 2021 00:05:15 GMT
Server: AmazonS3
x-amz-request-id: KEQZ7RP3V3KDED1F
ETag: "cde4ecef61a0a35571e737da5276b5e7"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 991
x-amz-id-2: muXqDf/LLNVme5gTMcc4XBgSl1aJ5iAsWUuOa+qu7D9XcMipYfM+o2XAu7DITNXSw0busDoKNg0=

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 529 KB
129 KB 38ms
38ms Script
application/javascript 2606:4700::6811:ba49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f212829c67ebb4044ba56c6f1aa9e723b01d57e6493ac39259874acb075cf7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
via: 1.1 7eefe38d76087dfad8e2f0b7702246ef.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 60
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 098125030c00004e3e45bfd000000001
last-modified: Wed, 14 Apr 2021 03:21:03 UTC
server: cloudflare
etag: W/"84f64610e8484aac25c8c916a7e96a3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kjwKyI%2FugegUgZMmSsg%2FcX9NjTPZ6nW%2F7JbSAVfzBujuMJhByKHMV5n2XSuc76%2Fms5cc5BVEWcCsrBT3vwjp%2Fl0OoYSnn9ocHGgrl0pI4SVPNdNqyh1p4Ne2AA%3D%3D"}]}
x-amz-version-id: JzoNO6RcOps3ADq7CcEn8nAWo8Hfy3qb
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 64153de4dcc64e3e-FRA
x-amz-cf-id: PXqF3dUxmhiOtl1RxHfAUOvu52UoBP3hVpt29iTt58EWdITfUdJ0Fw==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8338d5b375b9b9a9391d473aefa64119591934708f8c6de328c8f54224f3f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "845 / 408 of 1000 / last-modified: 1618610985"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21052
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:32 GMT

GET
H2 200 ads.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 740 B
703 B 102ms
102ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js?ver=1.0.0
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930

Request headers

:path: /wp-content/themes/cyberscoop/js/ads.js?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-2e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Sun, 17 Apr 2022 11:16:32 GMT

GET
H2 200 wp-embed.min.js Show response
www.cyberscoop.com/wp-includes/js/ 1 KB
990 B 105ms
101ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:23:31 GMT
server: nginx
etag: W/"5fcd3dc3-59a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Sun, 17 Apr 2022 11:16:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 142 KB
51 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e84eaff8259e3802d52534d6946979fa649a0d2604bd83c726375c7d8fcce988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51946
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Apr 2021 11:16:32 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.cyberscoop.com/wp-includes/js/ 14 KB
5 KB 104ms
102ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:23:31 GMT
server: nginx
etag: W/"5fcd3dc3-37a6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Sun, 17 Apr 2022 11:16:32 GMT

GET
H2 200 lightslider.min.css
www.cyberscoop.com/wp-content/themes/cyberscoop/css/ 5 KB
2 KB 102ms
101ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/css/lightslider.min.css
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593

Request headers

:path: /wp-content/themes/cyberscoop/css/lightslider.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:19 GMT
server: nginx
etag: W/"5f8eafcf-14b3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000 public
expires: Sun, 17 Apr 2022 11:16:32 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 82 KB
26 KB 26ms
26ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd3bd81ea6cf3bbc82f89913fecca492e79318fef844c664a790ff2db72e5590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 87057
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 098125037e00000eb30502b000000001
last-modified: Mon, 15 Mar 2021 11:04:59 GMT
server: cloudflare
etag: W/"146fb-5bd91388499a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 64153de599330eb3-FRA
cf-bgj: minify

GET
H/1.1 200
OK CyberScoop_Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
3 KB 398ms
120ms Image
image/svg+xml 52.216.152.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/CyberScoop_Color.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.152.230 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 11:16:33 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:05 GMT
Server: AmazonS3
x-amz-request-id: KEQTDKEHTRXFKVFR
ETag: "b3250d52680549abc7222f71b2dce836"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2375
x-amz-id-2: qpMAjFSuPF46113m53UGztvwv2W+JcXlwz4uiqrRRx0Q22RWaMbiee1QFkzKAxY2w9Fc/WBJHgA=

GET
H/1.1 200
OK SNG-RGB-Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 414ms
135ms Image
image/svg+xml 52.216.152.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/SNG-RGB-Color.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.152.230 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 11:16:33 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:05 GMT
Server: AmazonS3
x-amz-request-id: KEQR56W0QHDMH15M
ETag: "61428dbcecc23b1679236e221c5228d4"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 5545
x-amz-id-2: 677OyvY9we7c60Uzcu5os2flkmBZM+XShmm3sIwJe3xVjg/lYSQr02v6XmN9CpeRA+fMkRBSwjk=

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v11/ 22 KB
22 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.5.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d28cae33a9cff1cd54246e2bca04018f101451707a5b5f426d32ea768e911186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 23:56:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 22:06:35 GMT
server: sffe
age: 213586
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22920
x-xss-protection: 0
expires: Thu, 14 Apr 2022 23:56:46 GMT

GET
H2 200 PuristaMedium.woff
www.cyberscoop.com/wp-content/themes/cyberscoop/fonts/ 37 KB
37 KB 104ms
103ms Font
font/woff 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/wp-content/themes/cyberscoop/fonts/PuristaMedium.woff

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload

Request headers

:path: /wp-content/themes/cyberscoop/fonts/PuristaMedium.woff
pragma: no-cache
origin: https://www.cyberscoop.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.cyberscoop.com
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
last-modified: Tue, 20 Oct 2020 09:37:20 GMT
server: nginx
etag: "5f8eafd0-9340"
strict-transport-security: max-age=31536000 max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload
content-type: font/woff
accept-ranges: bytes
content-length: 37696
x-ua-compatible: IE=Edge

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 09A4
Redirect Chain

https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-FFPE8gOlTr-leaderboard&categories=government&tags=cybercrime,department-of-justice-doj,fin7,financial-services,weste...
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-FFPE8gOlTr-leaderboard&categories=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-di...

2 KB
1 KB

1210ms
1210ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-FFPE8gOlTr-leaderboard&categories=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

cab98d776eeb9dba2e409297d7fcdd4a78739ba1e0e2d47a59eee9fe3a9c4c27

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=leaderboard&parent_id=ad-FFPE8gOlTr-leaderboard&categories=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4

Response headers

server: nginx
date: Sat, 17 Apr 2021 11:16:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Sat, 17 Apr 2021 11:16:33 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-FFPE8gOlTr-leaderboard&categories=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame B59D
Redirect Chain

https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=government&tags=cybercrime,department-of-justice-doj,fin7,financial-services,western-district-of-washington
https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington

1 KB
908 B

977ms
976ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

8e6e050845e20376893ab488f9c6ad5404a7228e04415fc3ff27e8a7d2e30945

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=article&position=static&category=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4

Response headers

server: nginx
date: Sat, 17 Apr 2021 11:16:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Sat, 17 Apr 2021 11:16:33 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 4011
Redirect Chain

https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=government&tags=cybercrime,department-of-justice-doj,fin7,financial-services,western-district-of-washin...
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington

2 KB
1008 B

928ms
928ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

f5b49a816e996994ba43d5aff57292ee09bae473b25b394aa012ab97deecd8e4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=skyscraper&position=sticky&categories=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4

Response headers

server: nginx
date: Sat, 17 Apr 2021 11:16:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Sat, 17 Apr 2021 11:16:33 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 9BF5
Redirect Chain

https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-8OyxXaqTc2-billboard&category=government&tags=cybercrime,department-of-justice-doj,fin7,financial-serv...
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-8OyxXaqTc2-billboard&category=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2C...

2 KB
1 KB

996ms
996ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-8OyxXaqTc2-billboard&category=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

9b2186de846dd6215380bb6db2a56361ba9cc8906ed9df89ce1a09c70d3d05a7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=billboard&position=bottom&parent_id=ad-8OyxXaqTc2-billboard&category=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4

Response headers

server: nginx
date: Sat, 17 Apr 2021 11:16:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Sat, 17 Apr 2021 11:16:33 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-8OyxXaqTc2-billboard&category=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2 200 GettyImages-1180873251-1021x681.jpg
www.cyberscoop.com/wp-content/uploads/2021/04/ 147 KB
147 KB 102ms
102ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/04/GettyImages-1180873251-1021x681.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6d6abea2afb9fdc78d1ae992d4a22978147741967d0f6644928ce2862506b6af

Request headers

:path: /wp-content/uploads/2021/04/GettyImages-1180873251-1021x681.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
last-modified: Fri, 16 Apr 2021 15:36:41 GMT
server: nginx
etag: "6079af09-24a4d"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 150093
expires: Mon, 17 May 2021 11:16:32 GMT

GET
H2 200 GettyImages-1152728052-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/04/ 7 KB
7 KB 104ms
103ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/04/GettyImages-1152728052-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 9e51acd2a56c3e199eba5beb53ad1970a05ea3c8c9b43274e6bcc4dba529e340

Request headers

:path: /wp-content/uploads/2021/04/GettyImages-1152728052-307x171.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
last-modified: Thu, 15 Apr 2021 20:49:19 GMT
server: nginx
etag: "6078a6cf-1cd4"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 7380
expires: Mon, 17 May 2021 11:16:32 GMT

GET
H2 200 GettyImages-1232310646-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/04/ 12 KB
12 KB 104ms
103ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/04/GettyImages-1232310646-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8a73984c7b17513754e769cd09fb101aeef0017139a9319f154e74b0f33164af

Request headers

:path: /wp-content/uploads/2021/04/GettyImages-1232310646-307x171.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
last-modified: Thu, 15 Apr 2021 13:44:43 GMT
server: nginx
etag: "6078434b-3021"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 12321
expires: Mon, 17 May 2021 11:16:32 GMT

GET
H/1.1 200
OK moscow-min.jpg
s3-us-west-2.amazonaws.com/cyberscoop-media/wp-content/uploads/2017/10/11135032/ 2 MB
2 MB 737ms
195ms Image
image/jpeg 52.218.244.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/cyberscoop-media/wp-content/uploads/2017/10/11135032/moscow-min.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.244.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7200551fd665af7aa8118452da767e496ff2136ef3a8de622a3e6fc40cc9f524

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 11:16:33 GMT
Last-Modified: Wed, 11 Oct 2017 17:48:54 GMT
Server: AmazonS3
x-amz-request-id: KEQVV3J7EZ1ZK1J9
ETag: "e067b67fe505d6e08def12f55eb55fbb"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 1587027
x-amz-id-2: zhBGgZz1kEkfz03zOE4i6d76NAuzuCEPsHW/lWMbZQtzXAL01zvqEhLMc5St0Q0yVwg+5bPdc6Y=
Expires: Thu, 11 Oct 2018 17:50:32 GMT

GET
H3-29 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v11/ 23 KB
23 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.5.3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5183a3d6c4ef05903e03cf0e17b5de05db527c27d0ef049d52d2fb4da484e96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 11:16:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 22:06:21 GMT
server: sffe
age: 172832
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23868
x-xss-protection: 0
expires: Fri, 15 Apr 2022 11:16:00 GMT

GET
H3-29 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v36/ 31 KB
31 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.5.3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:31:39 GMT
server: sffe
age: 522774
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31676
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H3-29 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v11/ 22 KB
22 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.5.3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a41dd567a7d51dac3d65a716b505f5bba7526e36405ed8a832d72a4ada3665c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 22:34:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 22:05:49 GMT
server: sffe
age: 564126
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22748
x-xss-protection: 0
expires: Sun, 10 Apr 2022 22:34:26 GMT

GET
H2 200 20762415-8082-48f0-b243-36443c93d852 Show response
forms.hsforms.com/embed/v3/form/2153467/ 19 KB
4 KB 116ms
116ms Script
application/javascript 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2153467/20762415-8082-48f0-b243-36443c93d852?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4345395d695d975ea987566c667cc521e4287880d8d56d2de9ac8bb099bb3dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 098125039b00004e615121b000000001
server: cloudflare
x-trace: 2BF53517A771F3233A0BD1DB305D2D844A2270EBD0000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 64153de5ce824e61-FRA

GET
H2 200 facebook_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 361 B
552 B 103ms
102ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/facebook_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/facebook_logo_white.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
last-modified: Tue, 20 Oct 2020 09:37:25 GMT
server: nginx
etag: "5f8eafd5-169"
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 361
expires: Mon, 17 May 2021 11:16:32 GMT

GET
H2 200 twitter_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 481 B
671 B 103ms
102ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/twitter_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/twitter_logo_white.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
last-modified: Tue, 20 Oct 2020 09:37:27 GMT
server: nginx
etag: "5f8eafd7-1e1"
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 481
expires: Mon, 17 May 2021 11:16:32 GMT

GET
H2 200 linkedin_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 946 B
1 KB 103ms
102ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/linkedin_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/linkedin_logo_white.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: "5f8eafd6-3b2"
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 946
expires: Mon, 17 May 2021 11:16:32 GMT

GET
H2 200 instagram_logo_white.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 2 KB
874 B 103ms
103ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/instagram_logo_white.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/instagram_logo_white.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-625"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Mon, 17 May 2021 11:16:32 GMT

GET
H/1.1 200
OK Stacked_SNG.png
s3.amazonaws.com/sng-global-web-assets/logo/ 12 KB
12 KB 304ms
106ms Image
image/png 52.216.152.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_SNG.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.152.230 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 11:16:33 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: KEQSHSRCGEGR3YCP
ETag: "793107aa127f2349e0bb9d0df99cd240"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11864
x-amz-id-2: KFIaN9ddvJ4Mxoqx3LuD9HBFyw2GSdrSynCt2udiUwUXzuPCdrOSCcQSLR1Nb/ZmlQ58UXwJYcc=

GET
H/1.1 200
OK Stacked_CyberScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 124ms
110ms Image
image/png 52.216.152.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_CyberScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.152.230 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 11:16:33 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: KEQH2XB7E3XC06T7
ETag: "6b8717aa8156bf0573b498232d63b71f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5199
x-amz-id-2: 9WqxVGuQMtkQ08LWivCny/LaN06qLvwwIRd2alQwSFi2XA8/4yNdMn1SStnhNSwbwGvMNnNJ4w8=

GET
H/1.1 200
OK Stacked_FedScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 112ms
108ms Image
image/png 52.216.152.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_FedScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.152.230 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 11:16:33 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: KEQNH4D306R9SJ9G
ETag: "da067ed314fa2f647e16efb7331759de"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4000
x-amz-id-2: M5G0ZKQRpvfU7emAsQI1sEKxAXkbt6L/6UW4ocegFpNtyroAPBG45JurtKv551/lIW0K+LWEv70=

GET
H/1.1 200
OK Stacked_StateScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 108ms
107ms Image
image/png 52.216.152.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_StateScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.152.230 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 11:16:33 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: KEQQ57J0JX69M60J
ETag: "62c167ae878c0c3b3a41b50025cacba7"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4872
x-amz-id-2: 4UuFjRbViPkSSWKc0nBt96bMcvWTszG6J8Zt1JU2jW/uzo8adyphPbUTgYQ14xoJ0Gx4ek5+G/U=

GET
H/1.1 200
OK Stacked_EdScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 116ms
113ms Image
image/png 52.216.152.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_EdScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.152.230 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 11:16:33 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: KEQS5QS1H07ACDH6
ETag: "b5d5b8c0479b1963324ebca52c96a43b"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5349
x-amz-id-2: CBPe8djcGYeEwjQynp4xjym5t7NXLLEGn8zCP/fiESqEck8lffDUG9voZVKtluQ9HztkykOeSnE=

GET
H/1.1 200
OK Stacked_WorkScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 179ms
108ms Image
image/png 52.216.152.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_WorkScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.152.230 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 11:16:33 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: KEQS9H44AFB5J5EJ
ETag: "779a62747ba1fe2dfac41aa83a03313c"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3934
x-amz-id-2: +ErnwZxCutY9k2BDOCrrw25P7uODTuWVEuZ7K30uBPj329Q49H+lXhVB8RtkcsJEAFqPxMtioBo=

GET
H3-29 200 pubads_impl_2021041301.js Show response
securepubads.g.doubleclick.net/gpt/ 295 KB
104 KB 36ms
35ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js?31060822

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

31e420b79e7760a7860ed2fb595c4f11b498559791571fed7eb22be20c7fa5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 08:38:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106168
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:32 GMT

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 icons.29.svg.js Show response
static.addtoany.com/menu/svg/ 78 KB
33 KB 20ms
19ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.29.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13852156
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 098125041600004e5be929f000000001
last-modified: Mon, 31 Dec 2018 23:29:11 GMT
server: cloudflare
etag: W/"13937-57e59c7b88bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 64153de68a2d4e5b-FRA
cf-bgj: minify

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:7100:191::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:191::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 11:16:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=77351
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 31ms
31ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 37505
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1618658192.427069,VS0,VE0
x-served-by: cache-hhn11527-HHN

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23963
x-fb-rlafr: 0
pragma: public
x-fb-debug: vz/vkhl0VcpPX1X6nPh40Cu+kcG6aC3ZWHcQZg2GhhHNXxqBvKgZ2O/lc7y5xuU5Ecy11H1NF+9OQQh5nCpZEA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Sat, 17 Apr 2021 11:16:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2153467.js Show response
js.hs-scripts.com/ 835 B
609 B 17ms
16ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2153467.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ab2fbe53c3b6033526412e98f1ab37b5c158ee24e0dd89b10d30d6714436af8

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 42
cf-polished: origSize=942
cf-request-id: 098125042e0000d6e51124b000000001
cf-bgj: minify
server: cloudflare
x-trace: 2B52D0E96EAAC126CF2A0C78CBDF344630B2C5449F000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 64153de6afb2d6e5-FRA
expires: Sat, 17 Apr 2021 11:17:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 4981
date: Sat, 17 Apr 2021 09:53:31 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Sat, 17 Apr 2021 11:53:31 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1618658192424&url=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1618658192424%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Ff...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1618658192424&url=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS...

0
57 B

142ms
142ms

Image
application/javascript

2620:119:50e3:101::6cae:b45
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1618658192424&url=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4&liSync=true
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e3:101::6cae:b45 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-eda6
content-type: application/javascript
content-length: 0
x-li-uuid: V1yn5QyhdhbAzKR9FisAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: WuTq3AyhdhZADBHaACsAAA==
pragma: no-cache
x-li-pop: afd-prod-ltx1
x-msedge-ref: Ref A: 68A9811D8AC141A2B77464BBB45DCE38 Ref B: FRAEDGE1409 Ref C: 2021-04-17T11:16:32Z
x-frame-options: sameorigin
date: Sat, 17 Apr 2021 11:16:32 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=31536000
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1618658192424&url=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
520 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 10:19:21 GMT
server: ESF
date: Sat, 17 Apr 2021 11:16:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Apr 2021 11:16:32 GMT

GET
H3-29 200 896395920528126 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 54ms
54ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/896395920528126?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b56356964d8e45ef965541bb383660bcc68c1bc91f781a876e5e27c67190c079

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: CCQGbI7ECDhVsQ7zJHeaKyZy75SGnu+6uKttRzJq2s148XkMRDw2ZujEud6+wNotuZyXx98N1Jf8eV4KXRSY/Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Sat, 17 Apr 2021 11:16:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2153467.js Show response
js.hs-analytics.net/analytics/1618658100000/ 62 KB
18 KB 19ms
19ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1618658100000/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb53fd4d514accd4713efc61055e9bac3059efa921cd700f1e0e62963b060c99

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
content-encoding: br
cf-cache-status: HIT
age: 42
x-amz-server-side-encryption: AES256
x-amz-request-id: VA69GA9CAWWGS4NF
x-amz-id-2: YjgSM4TeD4b8G+DoOXQ3kDXXRH7p8j42mfEUfvUS01wWGLhk/nCIBLPpwa6vYe82915sZOpnPpY=
last-modified: Tue, 13 Apr 2021 18:11:32 GMT
server: cloudflare
etag: W/"c9309a4b24754828fd415e95fa3245e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-request-id: 098125044f00002b22ff8ac000000001
cf-ray: 64153de6ed752b22-FRA
expires: Sat, 17 Apr 2021 11:20:50 GMT

GET
H2 200 2153467.js Show response
js.hs-banner.com/ 59 KB
14 KB 22ms
21ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9270a81326607795ab986b54a84c53a0408682468f364bf2054566f95964f2f

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
content-encoding: br
cf-cache-status: HIT
age: 41
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: FV2YMQEC5277XXEC
x-amz-id-2: S51jT4Npz5G+RpFk16Z3CyNSrmJU8lYtbpXxjWPDu7WVJi5vpkFNa83lcZXXeM03V8DlNaB2dfM=
timing-allow-origin: *
last-modified: Tue, 13 Apr 2021 18:11:34 GMT
server: cloudflare
etag: W/"a8ed43bcd5503352a3c859b837452188"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: Pevq6OOeHyEaUFm_ZLA6CIrUl9SDdpyD
access-control-allow-origin: https://www.cyberscoop.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-request-id: 098125046500004e2c232a7000000001
cf-ray: 64153de70a814e2c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Sat, 17 Apr 2021 11:20:51 GMT

GET
H2 200 adsct
t.co/i/ 43 B
170 B 202ms
202ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_a /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 9
pragma: no-cache
last-modified: Sat, 17 Apr 2021 11:16:32 GMT
server: tsa_a
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 266993557379b72622f361edc43b29c4
x-transaction: 00ba843400f8d1bb
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1521546396&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4&ul=en-us&de=UTF-8&dt=FIN7%20%27technical%20guru%27%20sentenced%20to%2010%20years%20in%20prison%20-%20CyberScoop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=49763168&gjid=3811505&cid=594647515.1618658192&tid=UA-80491860-1&_gid=2073252440.1618658192&_r=1&gtm=2wg472KR697BF&z=1812049661

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-80491860-1&cid=594647515.1618658192&jid=49763168&gjid=3811505&_gid=2073252440.1618658192&_u=YEBAAEAAAAAAAC~&z=25067783

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 17 Apr 2021 11:16:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-80491860-1&cid=594647515.1618658192&jid=49763168&_u=YEBAAEAAAAAAAC~&z=1187800207

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-80491860-1&cid=594647515.1618658192&jid=49763168&_u=YEBAAEAAAAAAAC~&z=1187800207

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
264 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=896395920528126&ev=PageView&dl=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4&rl=&if=false&ts=1618658192540&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1618658192538.282099026&it=1618658192459&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 17 Apr 2021 11:16:32 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 14ms
6ms Ping
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary3vreGifa240OsFS0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sat, 17 Apr 2021 11:16:33 GMT
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 4011 62 KB
21 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bee022a4099fdb924d19ba7cdd46c87f30d360ccf955a7fdcb45f8f83ddf4b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "845 / 89 of 1000 / last-modified: 1618610925"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21051
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 9BF5 62 KB
21 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-8OyxXaqTc2-billboard&category=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdc943a19a6128ddd899ed40e359337e6b1a1a5aff4bd68e32d1e4d453719b3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "845 / 385 of 1000 / last-modified: 1618610985"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21052
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame B59D 62 KB
21 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdc943a19a6128ddd899ed40e359337e6b1a1a5aff4bd68e32d1e4d453719b3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "845 / 407 of 1000 / last-modified: 1618610985"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21052
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H3-29 200 pubads_impl_2021041301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4011 295 KB
104 KB 37ms
37ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

31e420b79e7760a7860ed2fb595c4f11b498559791571fed7eb22be20c7fa5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 08:38:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106168
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H3-29 200 pubads_impl_2021041401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9BF5 298 KB
105 KB 52ms
52ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

80d0a278e7a208ae2bd234aafcbdece69e63c9bf11e800d0ab5fa3c82176cf2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Apr 2021 08:43:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107268
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H3-29 200 pubads_impl_2021041401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B59D 298 KB
105 KB 55ms
55ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

80d0a278e7a208ae2bd234aafcbdece69e63c9bf11e800d0ab5fa3c82176cf2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Apr 2021 08:43:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107268
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4011 107 B
165 B 24ms
11ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4011 107 B
165 B 21ms
10ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4011 9 KB
5 KB 82ms
65ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4369525207170393&correlator=702322808027339&output=ldjh&impl=fifs&eid=31060790%2C21064370%2C21068107&vrg=2021041301&ptt=17&sc=1&sfv=1-0-38&ecs=20210417&iu_parts=18430785%2CCyberScoop_HalfPage_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&prev_scp=Tags%3Dcybercrime%252Cdepartment-of-justice-doj%252Cfin7%252Cfinancial-services%252Cwestern-district-of-washington&cookie_enabled=1&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1618658194&dt=1618658194353&dlt=1618658194094&idt=186&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=983&adys=1625&adks=2863372106&ucis=oawhsj1k5za9&ifi=1&ifk=3588979227&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dskyscraper%26position%3Dsticky%26categories%3Dgovernment%26tags%3Dcybercrime%252Cdepartment-of-justice-doj%252Cfin7%252Cfinancial-services%252Cwestern-district-of-washington&ref=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4&top=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=546678631.1618658194&ga_sid=1618658194&ga_hid=1335348936&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

17f1a56bdcbb39b54320afe483f67b89115f9ee70ccb51d04320829bd75fccf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4865
x-xss-protection: 0
google-lineitem-id: 5614486206
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339609769
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4011 0
0 77ms
26ms Other
text/html 2a00:1450:400c:c0a::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::84 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 4011 0
0 40ms
9ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame B59D 107 B
122 B 38ms
21ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame B59D 107 B
122 B 34ms
22ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B59D 9 KB
5 KB 70ms
70ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4435715215919316&correlator=2728026493849747&output=ldjh&impl=fif&eid=31060823%2C21068030%2C31060682&vrg=2021041401&ptt=17&sc=1&sfv=1-0-38&ecs=20210417&iu_parts=18430785%2CCyberScoop_Article_Left_Rail_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=position%3Dstatic%26Tags%3Dcybercrime%252Cdepartment-of-justice-doj%252Cfin7%252Cfinancial-services%252Cwestern-district-of-washington%26categories%3Dgovernment&cookie_enabled=1&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1618658194&dt=1618658194414&dlt=1618658194169&idt=212&ea=0&frm=23&biw=1600&bih=1200&isw=310&ish=250&oid=3&adxs=983&adys=1360&adks=4064999910&ucis=a646tlclczw3&ifi=1&ifk=2017064384&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Darticle%26position%3Dstatic%26category%3Dgovernment%26tags%3Dcybercrime%252Cdepartment-of-justice-doj%252Cfin7%252Cfinancial-services%252Cwestern-district-of-washington&ref=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4&top=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4&vis=1&dmc=8&scr_x=0&scr_y=0&psz=310x250&msz=300x-1&ga_vid=1428317125.1618658194&ga_sid=1618658194&ga_hid=1917078862&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

fab155f19bd3d480a8173e8ff956e3f6ffda0b42823e41d0ecc8b1376a85e413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4919
x-xss-protection: 0
google-lineitem-id: 5621938555
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339923949
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B59D 0
0 34ms
18ms Other
text/html 2a00:1450:400c:c0a::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::84 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame B59D 0
0 6ms
5ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9BF5 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9BF5 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9BF5 36 KB
13 KB 70ms
70ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3528976327099473&correlator=4084533637324899&output=ldjh&impl=fif&eid=31060311%2C31060784%2C31060823&vrg=2021041401&ptt=17&sc=1&sfv=1-0-38&ecs=20210417&iu_parts=18430785%2CCyberScoop_Cat_Art_Bottom_980x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&prev_scp=position%3Dbottom%26categories%3Dgovernment%26Tags%3Dcybercrime%252Cdepartment-of-justice-doj%252Cfin7%252Cfinancial-services%252Cwestern-district-of-washington&cookie_enabled=1&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1618658194&dt=1618658194434&dlt=1618658194154&idt=269&ea=0&frm=23&biw=1600&bih=1200&isw=980&ish=250&oid=3&adxs=0&adys=3954&adks=3048910702&ucis=p9nkz0ysp79p&ifi=1&ifk=3526362005&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dbillboard%26position%3Dbottom%26parent_id%3Dad-8OyxXaqTc2-billboard%26category%3Dgovernment%26tags%3Dcybercrime%252Cdepartment-of-justice-doj%252Cfin7%252Cfinancial-services%252Cwestern-district-of-washington&ref=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4&top=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x250&msz=980x-1&ga_vid=869314330.1618658194&ga_sid=1618658194&ga_hid=263921881&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

2ffd2af03bae9d2c5e74b9e1fd6cec31163f07dea47c704c125e821614a21ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13781
x-xss-protection: 0
google-lineitem-id: 5650420444
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138343925721
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d1c9ebbce3cfbe21527cbb2f9401f8bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9BF5 0
0 33ms
13ms Other
text/html 2a00:1450:400c:c0a::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d1c9ebbce3cfbe21527cbb2f9401f8bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::84 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 9BF5 0
0 19ms
13ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html Show response
fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F0F6 6 KB
3 KB 117ms
36ms Document
text/html 2a00:1450:400c:c0a::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::84 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 17 Apr 2021 11:16:34 GMT
expires: Sun, 17 Apr 2022 11:16:34 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4011 73 KB
28 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423639646658"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 09A4 62 KB
21 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-FFPE8gOlTr-leaderboard&categories=government&tags=cybercrime%2Cdepartment-of-justice-doj%2Cfin7%2Cfinancial-services%2Cwestern-district-of-washington

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bee022a4099fdb924d19ba7cdd46c87f30d360ccf955a7fdcb45f8f83ddf4b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "845 / 808 of 1000 / last-modified: 1618610925"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21051
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H3-29 200 container.html Show response
6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CB2A 6 KB
3 KB 99ms
39ms Document
text/html 2a00:1450:400c:c0a::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::84 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 17 Apr 2021 11:16:34 GMT
expires: Sun, 17 Apr 2022 11:16:34 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B59D 73 KB
28 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423639646658"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B59D 9 KB
7 KB 51ms
50ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3846a97a0042a5e7acc9841139ae0a287bd924345fa54b4e370b3cd491486792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7092
x-xss-protection: 0

GET
H3-29 200 pubads_impl_2021041301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 09A4 295 KB
104 KB 47ms
47ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

31e420b79e7760a7860ed2fb595c4f11b498559791571fed7eb22be20c7fa5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 08:38:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106168
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 17D3 0
0 194ms
191ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-6biSQIflypFOaX1Yn-E-VrzW7k7oYfrcn-jQUbQRMQqBCxyc49NboFhCBK2KiZb1B5kfzwL9Z2tkifeHHgW1TmkJFpuNAxooJbUmn-9qyiDYYnpWTqQcslXl7Zj-lGmLTFm0AyyXgp8XKbThYmE3Yy4Ix3My9J3j0vU9dPR-CGcn86uWAkCv3c-2bX1pSUQnOPHvdrqdngwX0fjX2F-66-ODB8KQMw-eoclqsbPgAJxAX5kBlr0J76wkca-MwZ7YOruudfdKO9QfR0_YCB17QTrK0xCGX3Ra5og2SbVLBS2hvgjSGw-7zPTw3HKsjOeRt_KYyZsZYw&sai=AMfl-YTANeb5obQSBmqodVbTKCnvb6yQqXjtYfQeuAEfC-3zOWM1Sr_FTfWzEGy7MSa8O6k53OEr9JxhXF1HcQ2LBI7_wWVZdhYdsbxqnkHUN0K48f9kXv4JuQ9gG0xu5Ps&sig=Cg0ArKJSzA_sLReogIGuEAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 17D3 17 KB
7 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7113
x-xss-protection: 0
server: cafe
etag: 11066897925667386271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 May 2021 11:15:07 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 17D3 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:15:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 May 2021 11:15:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 17D3 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H3-29 200 15562397285495364300
tpc.googlesyndication.com/simgad/ Frame 17D3 130 KB
130 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15562397285495364300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc99037f9d3d134431b0c484ab2cd7143f8044a87d4c538e552fcfb4b2359b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 11:20:34 GMT
x-content-type-options: nosniff
age: 172560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133350
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 18:50:21 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Apr 2022 11:20:34 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9BF5 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423639646658"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9BF5 9 KB
7 KB 41ms
40ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

99e6a89f2578748ce4f87ec7e64c74f06caee5bc1521c15d6693dab0eee3c137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7045
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B59D 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 09A4 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 09A4 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 09A4 9 KB
4 KB 72ms
72ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1585015378513181&correlator=2230801456274379&output=ldjh&impl=fif&vrg=2021041301&ptt=17&sc=1&sfv=1-0-38&ecs=20210417&iu_parts=18430785%2CCyberScoop_Article_Leaderboard_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&prev_scp=Tags%3Dcybercrime%252Cdepartment-of-justice-doj%252Cfin7%252Cfinancial-services%252Cwestern-district-of-washington&cookie=ID%3D21c9877eb9fc2d96-221daa2f27bb00e9%3AT%3D1618658194%3AS%3DALNI_MZRLGhvmuZ33vgOOgANo-PZZndASg&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1618658194&dt=1618658194616&dlt=1618658194457&idt=148&frm=23&biw=1600&bih=1200&isw=1600&ish=150&oid=3&adxs=0&adys=170&adks=13849420&ucis=xon51nxvxmwb&ifi=1&ifk=280294881&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dleaderboard%26parent_id%3Dad-FFPE8gOlTr-leaderboard%26categories%3Dgovernment%26tags%3Dcybercrime%252Cdepartment-of-justice-doj%252Cfin7%252Cfinancial-services%252Cwestern-district-of-washington&ref=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4&top=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x150&msz=970x-1&ga_vid=35399152.1618658195&ga_sid=1618658195&ga_hid=156434993&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

562867b4da0f40e69c9cafe5effe883ff8cc91e9aa437a1010b34abca77a1e4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4535
x-xss-protection: 0
google-lineitem-id: 5621938555
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339924099
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 09A4 0
0 33ms
18ms Other
text/html 2a00:1450:400c:c0a::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::84 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 09A4 0
0 7ms
6ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 17D3 0
0 81ms
81ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrgYNWnVvnsKrHvCJh936MaYlUDk2erVWQWs1YbvmD-Nw0UGqMqDklmluMuScxVJUKwy1yaeXEv8aYIobiJEO_xlKkfW4gRfWOGi5zQ5wgGBUPncpSjv_3N1AigwiyiHxcO5t43YvLoZxSyJRWid_WFQKWKB7tv3Hu3kc1r7m7HmjVXTihWrqrx1JA0rAt7_4kfb5_igb_1Xn5PSN6JABFNOpSEAjlzx_NcC38SlUyUwpRw2aDGVxkbaWfQgAVRzRvQkMHcZSjkfW0PHwOaVn2yD03RZqsMxN-qVUROJp_9eGtLclcu1Khyz_XqBp0OeteFsoioiinDWCA&sai=AMfl-YR7_UHFlnSwf9lRd7-WWshduD-OdwP2DQywd-NaA5Sn7osfWGUkHKj2gupJwT0aUyp1Nu0ri0nE97Gnv2-6ajGgfijnrad8DJGF5b3DAcf_grouSJiRBYI28ANrnBY&sig=Cg0ArKJSzKGq1O-sV7OqEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
DATA 200
OK truncated
/ Frame 17D3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f695d721a7e3c9d613970c4ec1460e420663d0688a37775da48d5015ba07b1c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9BF5 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame F127 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 17 Apr 2021 10:22:31 GMT
expires: Sun, 17 Apr 2022 10:22:31 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3243
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2E4D 6 KB
3 KB 41ms
41ms Document
text/html 2a00:1450:400c:c0a::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::84 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 17 Apr 2021 11:16:34 GMT
expires: Sun, 17 Apr 2022 11:16:34 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 09A4 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423639646658"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F0F6 22 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com
URL: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 09:59:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4620
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Apr 2022 09:59:34 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame F0F6 7 KB
4 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com
URL: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0216d870844c21ce7c5c72f3471b81013c6d1879d5c4701b81a6c0c22870e081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Apr 2021 15:25:31 GMT
server: sffe
age: 641
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3587
x-xss-protection: 0
expires: Sat, 17 Apr 2021 12:05:53 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0F6 118 KB
36 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com
URL: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CB2A 22 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com
URL: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 09:59:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4620
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Apr 2022 09:59:34 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame CB2A 7 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com
URL: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0216d870844c21ce7c5c72f3471b81013c6d1879d5c4701b81a6c0c22870e081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Apr 2021 15:25:31 GMT
server: sffe
age: 641
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3587
x-xss-protection: 0
expires: Sat, 17 Apr 2021 12:05:53 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB2A 118 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com
URL: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 41DF 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 17 Apr 2021 10:22:31 GMT
expires: Sun, 17 Apr 2022 10:22:31 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3243
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F0F6 0
0 67ms
66ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJXwQTcXXAHIWuX11MarQifg9fmmiOXQglo-Cw5O3-l1v_Z39QOzKFLUjJP8le4X6SnSdW3YWrL86-YcOR_OgDHskuEe1eROCOggX5M82tdM7P5CChQEr85zbOtBomUU4P6bODzy9vwNP6KmQViQ_SZVFVFwi8v130m4UNuhrQfxdhviWZoOw1Me4Voyyz6DoyMW_aZ6rjcBxf_QTTpzHmUK4B3nGLYSZAPprOfT_6zUDui6fz_aC98fN6jK3UEnTWJMHnGGzU0rxfP51t-PQRmt0HEljNpoKuYLZ3AgCSuJppL_f5B-d_HoPvcJSleKqVmQ&sai=AMfl-YRs-TQi_pFcKx8xN8DlSozBif07XZqbnNZJmntQkqlJbieqsFCfSnXWs85tlFU3cwa9tNIfsQsir9cf0CcRoaTIGQBo-ug2LuhGnYyVidZjqDiDamQTsOkwKVypqDzm&sig=Cg0ArKJSzLq4xJqizNLiEAE&urlfix=1&adurl=

Requested by

Host: fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com
URL: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 impl_v70.js Show response
www.googletagservices.com/dcm/ Frame F0F6 36 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v70.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2a292ee40c2422d82f43b270984343ea18e7c05384459c1d7adbee2c241be30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 17:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 15:43:23 GMT
server: sffe
age: 238244
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15292
x-xss-protection: 0
expires: Thu, 14 Apr 2022 17:05:50 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2E4D 22 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com
URL: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 09:59:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4620
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Apr 2022 09:59:34 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 2E4D 7 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com
URL: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0216d870844c21ce7c5c72f3471b81013c6d1879d5c4701b81a6c0c22870e081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Apr 2021 15:25:31 GMT
server: sffe
age: 641
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3587
x-xss-protection: 0
expires: Sat, 17 Apr 2021 12:05:53 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E4D 118 KB
36 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com
URL: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB2A 0
0 73ms
73ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCl9u0ZaDdrWPk87XaBuwBQ71yx41JIGyfifD8nwqj94w6R2vebu9sm3if_R1lyGCvQtu1FMi35sNH58vNFRxCb8yTyxRfOH7vuZs1gCe5N4vrcXqsUMwlIMkHR27hNwIrDMOdksQzLwZRvvNIJHD5tlZ8mGVN9Apuo-7T5oVwYz0r586lXCSzIpXszFv1k-_Rhj2vsx57AIZVCn7FGsx0VCF9lsj528YrFq_ScWUI49aFKwZKIAFi8Si1h6xTWJuhxDIsDiJAFLS-rphPPZEG4PHxC20LVMpjzJMbqEUBa8HdSk1JEYGm2B3c7Fc_XKgmw1NMWhsCo5TfKA&sai=AMfl-YRYX1zNdRV0xsEOrN8dzaDlb27UdQn7OAKNtpQEcPw7cSUi0SXX6zz0rNysaJ7sZBlC4vjWdnj1sJa6BqsQ99H2maF5NcY93Sqfr3Qzc61tjH4zidu3qOWV6LjVZhAa&sig=Cg0ArKJSzFUQ6n4UL0srEAE&urlfix=1&adurl=

Requested by

Host: 6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com
URL: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 impl_v70.js Show response
www.googletagservices.com/dcm/ Frame CB2A 36 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v70.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2a292ee40c2422d82f43b270984343ea18e7c05384459c1d7adbee2c241be30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 17:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 15:43:23 GMT
server: sffe
age: 238244
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15292
x-xss-protection: 0
expires: Thu, 14 Apr 2022 17:05:50 GMT

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame F127 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 06:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 102597
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Sat, 16 Apr 2022 06:46:37 GMT

GET
H2 200 B25263370.294799310;dc_ver=70.201;sz=300x600;u_sd=1;dc_adk=192105431;ord=pv2xn8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssadZZSWKqZDzr-aRrCdA_mCoqlLsG14zZCh8-ADTk8f... Show response
ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/ Frame F0F6 39 KB
18 KB 57ms
56ms Script
text/javascript 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/B25263370.294799310;dc_ver=70.201;sz=300x600;u_sd=1;dc_adk=192105431;ord=pv2xn8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssadZZSWKqZDzr-aRrCdA_mCoqlLsG14zZCh8-ADTk8fTd7MyDhtwk3AcmGTNJY5lOdILwtmYaEBrvqk7huY5HmDLNU9cLQJjAZCl20xWN4mTckpc03Uam6hb0Z6OkE5sW_1aQIg-805N5EtQ0PTCb9IdWR94xMLQrF4ab6L4hSItayYNYuzaj-Wao19IOFy6PxiAP76J2RaxrkAA2hxOx9k2sQuR1MXn0snXkUYZv_miI160H0APMeHUXCtMwP7l6tcDWfTXb6KBEX8E7EQjdjIyDJldqxtXYFTvy03_sJKTUCn53RT2-gCDpW4IEfPA%26sai%3DAMfl-YQ5lpXRwHv7-yKyJPvG08vfdv22qWmdqhEBKED7ZGVC-IN4dCEIhPmQL6VeQm89kC2MT9-a3OLwWLTMLAVneQRh0JPp7cvvxvhcQDUJTCM4GxAtC0KmEah-kdX8F0BW%26sig%3DCg0ArKJSzAKWYDdYc5B0EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=1wqoHSSaAx;osda=1;sttr=66;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v70.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

4bd6d33882fbf43f9cb3e894d67bde3d440785ef7fa628253e0ec4e97921ceba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18198
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B25263370.295827114;dc_ver=70.201;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2235259097;ord=oucmhg;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvNHxZgBw2blCpBp4aKvJz8bhaQ... Show response
ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/ Frame CB2A 49 KB
19 KB 60ms
60ms Script
text/javascript 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/B25263370.295827114;dc_ver=70.201;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2235259097;ord=oucmhg;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvNHxZgBw2blCpBp4aKvJz8bhaQRXgKOBRafdpmiOM4C_reeXQL7QVhO08OCPymk_yewIbt4q-DMvWtz5EkiFvaOkEkeYRlvYG_Wk3nnDXvkOctMKJiZ2OT_UV84A5TUJyOSTJyLQbYBWH45QS5DUke61zAzdwDOOZahbZfsm0L95_6FWgZe-eJPyqokWHhffZZmRNxR2NzVsbz0FvSMny_rqBdb11PQXpjDuRYEJQ25oZlxDDecxpvfElobfr5jclqt4P29mLBN5j69NIAK3qS8nXFkvV7rvPB8ld30dZQqR0d9K_WU0dlSOPIVh8NjY6PvWtPheyXjA%26sai%3DAMfl-YQCZ71kPiH2YMrPARHqrVORNd8-y3RzNpWbFAMqapiA_y4OWRoGyT-wkzP0rR-X91VQFrX15OGCQUQCuETQRiybPQA6g8fTj8_7vqUS7EsgGDETFIlUQxGGi6-1S-bG%26sig%3DCg0ArKJSzBMR1zCAniRAEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=qo4PSegi5k;osda=1;sttr=68;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v70.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

1b4cb64a676f5c6cbb0f177491fa7d15c25c176af91958a46eb75915dfda21f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19579
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2E4D 0
0 84ms
83ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_1WAL8bh1XnDa_7Ozsr1h_0TwGqw6We64yLSuGeYXMUx_nzPiglWZvtKnbVabiVFUdvSWnA227UuhIISxB2UUJKe5b_iin0TapQwdUlJl_pT1K4oMGhgn8d659nQ9mamr2oCF2MRpPFekFSWLTfUx3gs2Q1dlhKSQFzEbsym8B1z9z-gDd6fZb2TLpxEP7FsETIuKl25S1tUqb_yEeTclKfyojU5HSClk07QtqdOXa2BC93SEt4iksEMludEYh9kT7gRdiIUt-Rz2AyR5gR3BC41Cvt5VpKOFfRJJZ59P8g9mAbaO_IckkNt0W3VoaQBu12-ywLe9s4e_oMc&sig=Cg0ArKJSzLQD3sXKwmG0EAE&urlfix=1&adurl=

Requested by

Host: 37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com
URL: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 impl_v70.js Show response
www.googletagservices.com/dcm/ Frame 2E4D 36 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v70.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2a292ee40c2422d82f43b270984343ea18e7c05384459c1d7adbee2c241be30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 17:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 15:43:23 GMT
server: sffe
age: 238244
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15292
x-xss-protection: 0
expires: Thu, 14 Apr 2022 17:05:50 GMT

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 41DF 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 17:21:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 64478
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 16 Apr 2022 17:21:56 GMT

GET
H2 200 B25263370.295826793;dc_ver=70.201;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=2711260096;ord=suuda0;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstSe8Ae-VZH-3R2okglc6rvuxHm... Show response
ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/ Frame 2E4D 48 KB
19 KB 55ms
54ms Script
text/javascript 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/B25263370.295826793;dc_ver=70.201;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=2711260096;ord=suuda0;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstSe8Ae-VZH-3R2okglc6rvuxHm-ttw2gKSsgDLqrv0KcBxZp6cOp3M55K6Z2ZiVUUZH-3OhlQiv1exo1lEacI-UNAwVCEZ8YinKco0Yy5pFpNlcWLOBnNT7n8FdB88EXJiaKblbCWP63FHURTfhgg1RW4UZQ_axm38snFfTC1lotnPgK6Q-JhDg-XBS3isAsXSSY3wKZh97Uo-KHvWSCu3VLrJDM_ZTdXrK0vPDCG_idbtGKlvEmRpSsenLEkPsOYEHN7dgcREZcDAOnHnnBEoApd2uMtKHaYbGgfICinPy8rYzb2k73RILu_zYk0zjU0BEUKlno42tN4%26sig%3DCg0ArKJSzCwsDfHBeQJMEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=K0NQiKJ(JM;osda=1;sttr=35;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v70.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

36d0b8c3a05bac5650004af96db02c84f66e72265c302b325e3351c053942e59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19448
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/582938/52662418/ Frame F0F6 224 KB
73 KB 192ms
92ms Script
application/javascript 54.171.10.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/582938/52662418/skeleton.js
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/B25263370.294799310;dc_ver=70.201;sz=300x600;u_sd=1;dc_adk=192105431;ord=pv2xn8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssadZZSWKqZDzr-aRrCdA_mCoqlLsG14zZCh8-ADTk8fTd7MyDhtwk3AcmGTNJY5lOdILwtmYaEBrvqk7huY5HmDLNU9cLQJjAZCl20xWN4mTckpc03Uam6hb0Z6OkE5sW_1aQIg-805N5EtQ0PTCb9IdWR94xMLQrF4ab6L4hSItayYNYuzaj-Wao19IOFy6PxiAP76J2RaxrkAA2hxOx9k2sQuR1MXn0snXkUYZv_miI160H0APMeHUXCtMwP7l6tcDWfTXb6KBEX8E7EQjdjIyDJldqxtXYFTvy03_sJKTUCn53RT2-gCDpW4IEfPA%26sai%3DAMfl-YQ5lpXRwHv7-yKyJPvG08vfdv22qWmdqhEBKED7ZGVC-IN4dCEIhPmQL6VeQm89kC2MT9-a3OLwWLTMLAVneQRh0JPp7cvvxvhcQDUJTCM4GxAtC0KmEah-kdX8F0BW%26sig%3DCg0ArKJSzAKWYDdYc5B0EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=1wqoHSSaAx;osda=1;sttr=66;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.10.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-10-108.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 70738fea31db7120cf71a6484756370f7254e34115bccf7d620b36ed714b1212

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:35 GMT
content-encoding: gzip
x-server-name: app14.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/elements/html/ Frame F0F6 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/B25263370.294799310;dc_ver=70.201;sz=300x600;u_sd=1;dc_adk=192105431;ord=pv2xn8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssadZZSWKqZDzr-aRrCdA_mCoqlLsG14zZCh8-ADTk8fTd7MyDhtwk3AcmGTNJY5lOdILwtmYaEBrvqk7huY5HmDLNU9cLQJjAZCl20xWN4mTckpc03Uam6hb0Z6OkE5sW_1aQIg-805N5EtQ0PTCb9IdWR94xMLQrF4ab6L4hSItayYNYuzaj-Wao19IOFy6PxiAP76J2RaxrkAA2hxOx9k2sQuR1MXn0snXkUYZv_miI160H0APMeHUXCtMwP7l6tcDWfTXb6KBEX8E7EQjdjIyDJldqxtXYFTvy03_sJKTUCn53RT2-gCDpW4IEfPA%26sai%3DAMfl-YQ5lpXRwHv7-yKyJPvG08vfdv22qWmdqhEBKED7ZGVC-IN4dCEIhPmQL6VeQm89kC2MT9-a3OLwWLTMLAVneQRh0JPp7cvvxvhcQDUJTCM4GxAtC0KmEah-kdX8F0BW%26sig%3DCg0ArKJSzAKWYDdYc5B0EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=1wqoHSSaAx;osda=1;sttr=66;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 May 2021 11:16:25 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F0F6 0
60 B 87ms
87ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvcwtjN-47jORizppNRW02pcQ2uP8-lKjwgdJMzRqt5ULBaU0DImHvTh7bD1QUhJhyExByWTJTiaIFvyh-wiK6SbeWEuE2z75iPo1amVfhXINBlyVngakELdcgRUEnPtRkl3tig6f6scDLFDNsFg8A&sig=Cg0ArKJSzCGRkZuDidUZEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20210414.74937&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F0F6 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 09:22:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6820
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Apr 2022 09:22:54 GMT

GET
H2 200 02012021-141304900-MSFTJUM_Vertical-Government_Probook-x362_Learn-More_EN_300x600__Jpg_____.jpg
s0.2mdn.net/4807732/ Frame F0F6 39 KB
40 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/02012021-141304900-MSFTJUM_Vertical-Government_Probook-x362_Learn-More_EN_300x600__Jpg_____.jpg

Requested by

Host: fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com
URL: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e255d544f723d3228d22fabd3e2c982f94fd558ba7a399615d5fc0d547f60cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 03:43:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Feb 2021 22:13:04 GMT
server: sffe
age: 27166
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40330
x-xss-protection: 0
expires: Sun, 18 Apr 2021 03:43:48 GMT

GET
H/1.1

200
OK

firstevent
hp.demdex.net/ Frame F0F6
Redirect Chain

https://hp.demdex.net/event?d_event=imp&d_src=242750&d_site=6636866&d_creative=145520222&d_adgroup=488015189&d_placement=294799310&d_campaign=25263370&d_bust=2682551484
https://hp.demdex.net/firstevent?d_event=imp&d_src=242750&d_site=6636866&d_creative=145520222&d_adgroup=488015189&d_placement=294799310&d_campaign=25263370&d_bust=2682551484

42 B
913 B

44ms
40ms

Image
image/gif

54.76.54.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hp.demdex.net/firstevent?d_event=imp&d_src=242750&d_site=6636866&d_creative=145520222&d_adgroup=488015189&d_placement=294799310&d_campaign=25263370&d_bust=2682551484

Requested by

Host: fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com
URL: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.54.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-54-153.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-05d9d235b.edge-irl1.demdex.com 5.80.7.20210304103356 3ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: F/Q9dhFMQE0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 7cIjmwxrRRA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://hp.demdex.net/firstevent?d_event=imp&d_src=242750&d_site=6636866&d_creative=145520222&d_adgroup=488015189&d_placement=294799310&d_campaign=25263370&d_bust=2682551484
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

5105
linkto.ext.hp.com/i/0/342132/ Frame F0F6
Redirect Chain

https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294799310
https://www.ojrq.net/p/?return=https%3A%2F%2Flinkto.ext.hp.com%2Fi%2F0%2F342132%2F5105%3Fsiteid%3D6636866%26adcampaign%3D25263370%26adplacement%3D294799310%26level%3D1%26srcref%3Dhttps%253A%252F%25...
https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294799310&level=1&srcref=https%3A%2F%2Ffc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com%2F&b...

50 B
255 B

29ms
25ms

Image
image/gif

35.244.184.212
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294799310&level=1&srcref=https%3A%2F%2Ffc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com%2F&brwsr=5ece4f4d-9f6e-11eb-8978-42010a246625&brwsrsig=yT7TmWVFswY8T2kVW6R-B1dJRS-WTD
Requested by: Host: fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com
URL: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.184.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.184.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:35 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
alt-svc: clear
content-length: 50
expires: Sat, 17 Apr 2021 11:16:35 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:35 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
location: https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294799310&level=1&srcref=https%3A%2F%2Ffc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com%2F&brwsr=5ece4f4d-9f6e-11eb-8978-42010a246625&brwsrsig=yT7TmWVFswY8T2kVW6R-B1dJRS-WTD
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Sat, 17 Apr 2021 11:16:35 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0F6 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com
URL: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:34 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/582938/52802481/ Frame CB2A 47 KB
13 KB 173ms
90ms Script
application/javascript 54.171.10.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/582938/52802481/skeleton.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVyd_w4JxG-VW8CM81C9ljYCMW4vJbXQ4qvCrdN2QYvzD2-HvSV1-WJV7CgCsYV1DTjH7_WDTyVpQ4q91NScQ9W251YDb1K_9tqW1qXV0Y18w7Z5N8VD7NxY2VV0VJMf8r1PXqZTW7Nvqdg3ps8QGVTTG352ZpcRCN2z_yKMZCpV7W129t3H7JfdzVW2PrMyN96DDFVW9jM9cg1kzG2_W5T1rSH5ppRLrW8nPZ-d3XzKJ2W4mXBVy7QTD8lW4Hxqs12yfWKpW53SzMs21Y1Y8W6ZHPHF69J6C9W57dZ1K3jK7fXW3_NpSv2RHZ61VLN5Ld6cnQQwW7N5kPP83VWvQ3qck1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.10.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-10-108.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c2fa4036e458cd83297bff6c08914ce03ef87bc9b6befd55e3cc9b7ab369ebc5

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:35 GMT
content-encoding: gzip
x-server-name: app21.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame CB2A 111 KB
38 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com
Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 19:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57061
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Apr 2021 19:25:33 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/elements/html/ Frame CB2A 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/B25263370.295827114;dc_ver=70.201;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2235259097;ord=oucmhg;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvNHxZgBw2blCpBp4aKvJz8bhaQRXgKOBRafdpmiOM4C_reeXQL7QVhO08OCPymk_yewIbt4q-DMvWtz5EkiFvaOkEkeYRlvYG_Wk3nnDXvkOctMKJiZ2OT_UV84A5TUJyOSTJyLQbYBWH45QS5DUke61zAzdwDOOZahbZfsm0L95_6FWgZe-eJPyqokWHhffZZmRNxR2NzVsbz0FvSMny_rqBdb11PQXpjDuRYEJQ25oZlxDDecxpvfElobfr5jclqt4P29mLBN5j69NIAK3qS8nXFkvV7rvPB8ld30dZQqR0d9K_WU0dlSOPIVh8NjY6PvWtPheyXjA%26sai%3DAMfl-YQCZ71kPiH2YMrPARHqrVORNd8-y3RzNpWbFAMqapiA_y4OWRoGyT-wkzP0rR-X91VQFrX15OGCQUQCuETQRiybPQA6g8fTj8_7vqUS7EsgGDETFIlUQxGGi6-1S-bG%26sig%3DCg0ArKJSzBMR1zCAniRAEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=qo4PSegi5k;osda=1;sttr=68;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 May 2021 11:16:25 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CB2A 41 KB
15 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 09:22:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6820
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Apr 2022 09:22:54 GMT

GET
DATA 200
OK truncated
/ Frame CB2A 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15aedb14eb152a677c42c1f7f0c8690519e074fa1d962ad22c15513f2d2b5cad

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/582938/52802473/ Frame 2E4D 47 KB
13 KB 108ms
108ms Script
application/javascript 54.171.10.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/582938/52802473/skeleton.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVyd_w4JxG-VW8CM81C9ljYCMW4vJbXQ4qvCrdN2QYvzD2-HvSV1-WJV7CgCsYV1DTjH7_WDTyVpQ4q91NScQ9W251YDb1K_9tqW1qXV0Y18w7Z5N8VD7NxY2VV0VJMf8r1PXqZTW7Nvqdg3ps8QGVTTG352ZpcRCN2z_yKMZCpV7W129t3H7JfdzVW2PrMyN96DDFVW9jM9cg1kzG2_W5T1rSH5ppRLrW8nPZ-d3XzKJ2W4mXBVy7QTD8lW4Hxqs12yfWKpW53SzMs21Y1Y8W6ZHPHF69J6C9W57dZ1K3jK7fXW3_NpSv2RHZ61VLN5Ld6cnQQwW7N5kPP83VWvQ3qck1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.10.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-10-108.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9ce44f2e74ba720f2824310678af36dd2af0a769fb904669e4c80e9941e42368

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:35 GMT
content-encoding: gzip
x-server-name: app06.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 2E4D 111 KB
38 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com
Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 19:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57062
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Apr 2021 19:25:33 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/elements/html/ Frame 2E4D 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/B25263370.295826793;dc_ver=70.201;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=2711260096;ord=suuda0;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstSe8Ae-VZH-3R2okglc6rvuxHm-ttw2gKSsgDLqrv0KcBxZp6cOp3M55K6Z2ZiVUUZH-3OhlQiv1exo1lEacI-UNAwVCEZ8YinKco0Yy5pFpNlcWLOBnNT7n8FdB88EXJiaKblbCWP63FHURTfhgg1RW4UZQ_axm38snFfTC1lotnPgK6Q-JhDg-XBS3isAsXSSY3wKZh97Uo-KHvWSCu3VLrJDM_ZTdXrK0vPDCG_idbtGKlvEmRpSsenLEkPsOYEHN7dgcREZcDAOnHnnBEoApd2uMtKHaYbGgfICinPy8rYzb2k73RILu_zYk0zjU0BEUKlno42tN4%26sig%3DCg0ArKJSzCwsDfHBeQJMEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=K0NQiKJ(JM;osda=1;sttr=35;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 May 2021 11:16:25 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2E4D 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 09:22:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6821
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Apr 2022 09:22:54 GMT

GET
DATA 200
OK truncated
/ Frame 2E4D 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d57b7b69c91b2923f08f62a4bb00a070f3999e9df16deb5e4c5581939abbae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame F0F6 0
23 B 117ms
63ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F0F6 0
0 64ms
63ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQDnlRPlhFRhX9trHmCGpWnTl3ve5JiHOSxc5Tty-2lgPrBW8D5qCmuMSLyFZnatFUTjPR1pxdeleDeWP-g3a8ahFpBs4kOMlxpyZp--AdfgDNNGSXMacNLiBbwxZKTo1XOApYkgM4rDfL_-7WJ81PVmWhwWt_C0pIOdoBiHgUXQkBFd-WDeXSH1sib3itkL_IrRgldQ7wdyuRhXkQAIMjc5HFf7w4F5qPbiGQK8mmUcPXRKs0ep2ooPrOQadvu8pLeTpgaMuAtfUlN_qUWYV5kMYcvhrR98sq4fyqNV9YKDsGlh5S67zB16szhv5rCDSn4aYI&sai=AMfl-YQRI7FQsYwoSOC-baOXqR1M6zpc4KQZCbuHvydAAXZ6AhV4Q9Y5kvaGjb-bZ9MYGtTIveRjNypgQgf8WGFzC22S3aKvHNeXRWZvml1KFuFRQwJI94IXJsfcYwqIfn5n&sig=Cg0ArKJSzLsmuPgeXgciEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 17 Apr 2021 11:16:35 GMT

GET
DATA 200
OK truncated
/ Frame F0F6 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0321081dbb9f591b655be2c1c7a2e49cd741b32884a99320686aa456f81bb3f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4685 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 17 Apr 2021 09:22:54 GMT
expires: Sun, 17 Apr 2022 09:22:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6821
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FB87 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 17 Apr 2021 09:22:54 GMT
expires: Sun, 17 Apr 2022 09:22:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6821
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB2A 118 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:35 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/ Frame 88D4 8 KB
3 KB 15ms
13ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4cc9159698bbddd91531d661bebd5fa8203a6ea9ce12e1a3f876b27190b237f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2906
date: Fri, 16 Apr 2021 12:42:20 GMT
expires: Sat, 17 Apr 2021 12:42:20 GMT
last-modified: Wed, 10 Feb 2021 02:37:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 81255
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame CB2A 0
23 B 63ms
63ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstsYyjK3Mw_FbI7CDVQ0lepObg6x6b6pMvln0NPqtNR58lI8oVNrhVq3HZDMCLwEdYOfE0lozc0-5EN_Bw564AH_UrrYiYRikj1PvJXU9xH0UdkLxZFlJJTuCVgH8L6OhITpz-pW1_OvLS2cGy5znA&sig=Cg0ArKJSzDEKWt33bSexEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=193&cbvp=1&cstd=191&cisv=r20210414.50885&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK event
hp.demdex.net/ Frame CB2A 42 B
913 B 67ms
40ms Image
image/gif 54.76.54.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hp.demdex.net/event?d_event=imp&d_src=242750&d_site=6636866&d_creative=146017714&d_adgroup=488920202&d_placement=295827114&d_campaign=25263370&d_bust=1468231668

Requested by

Host: 6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com
URL: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.54.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-54-153.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-068cb4bcd.edge-irl1.demdex.com 5.80.7.20210304103356 3ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 50ge1MXWQOQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

5105
linkto.ext.hp.com/i/0/342132/ Frame CB2A
Redirect Chain

https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=295827114
https://www.ojrq.net/p/?return=https%3A%2F%2Flinkto.ext.hp.com%2Fi%2F0%2F342132%2F5105%3Fsiteid%3D6636866%26adcampaign%3D25263370%26adplacement%3D295827114%26level%3D1%26srcref%3Dhttps%253A%252F%25...
https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=295827114&level=1&srcref=https%3A%2F%2F6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com%2F&b...

50 B
232 B

26ms
26ms

Image
image/gif

35.244.184.212
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=295827114&level=1&srcref=https%3A%2F%2F6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com%2F&brwsr=5ece4f4d-9f6e-11eb-8978-42010a246625&brwsrsig=yT7TmWVFswY8T2kVW6R-B1dJRS-WTD
Requested by: Host: 6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com
URL: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.184.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.184.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:35 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
alt-svc: clear
content-length: 50
expires: Sat, 17 Apr 2021 11:16:35 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:35 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
location: https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=295827114&level=1&srcref=https%3A%2F%2F6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com%2F&brwsr=5ece4f4d-9f6e-11eb-8978-42010a246625&brwsrsig=yT7TmWVFswY8T2kVW6R-B1dJRS-WTD
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Sat, 17 Apr 2021 11:16:35 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E7B8 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 17 Apr 2021 09:22:54 GMT
expires: Sun, 17 Apr 2022 09:22:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6821
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E4D 118 KB
36 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:35 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/4807732/1613010861642/ Frame AA97 8 KB
3 KB 9ms
7ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4807732/1613010861642/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2698f2c8328e0bae05a2d93dc7aa5cd8ecf5b0a8a868f7314f67a63ae35b5951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /4807732/1613010861642/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2908
date: Fri, 16 Apr 2021 13:35:10 GMT
expires: Sat, 17 Apr 2021 13:35:10 GMT
last-modified: Thu, 11 Feb 2021 02:34:21 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 78085
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2E4D 0
23 B 91ms
90ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpDiKOKEutjlm5XdNuyv99gq4DlUAlZLrz46zQLOtMc2uVjJ0r0WouT9uzACuj69HTPCbVtuvb6g8YOhAoDRpW137pGucSj9GeP1v01qE_g8xdnRipa_beIlofJsplGRSVTQYjMdztXq0XxUlrCWI&sig=Cg0ArKJSzAc3GHqnVbVJEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=182&cbvp=1&cstd=180&cisv=r20210414.97717&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK event
hp.demdex.net/ Frame 2E4D 42 B
913 B 46ms
45ms Image
image/gif 54.76.54.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hp.demdex.net/event?d_event=imp&d_src=242750&d_site=6636866&d_creative=146034842&d_adgroup=488920193&d_placement=295826793&d_campaign=25263370&d_bust=3702066987

Requested by

Host: 37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com
URL: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.54.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-54-153.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-01da9bff2.edge-irl1.demdex.com 5.80.7.20210304103356 7ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: EMsNpAjfQWc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 5105
linkto.ext.hp.com/i/0/342132/ Frame 2E4D 50 B
232 B 26ms
25ms Image
image/gif 35.244.184.212
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=295826793
Requested by: Host: 37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com
URL: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.184.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.184.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:35 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
alt-svc: clear
content-length: 50
expires: Sat, 17 Apr 2021 11:16:35 GMT

GET
H2 200 main.gr.19.8.188.js Show response
static.adsafeprotected.com/ Frame CB2A 182 KB
58 KB 35ms
35ms Script
application/javascript 54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.188.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/582938/52802481/skeleton.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: f44665977f5ecc716890ab05d7aa3830c1ee5571da659f6d61422763e7a03952

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:35 GMT
content-encoding: gzip
last-modified: Mon, 05 Apr 2021 16:41:54 GMT
server: nginx/1.16.1
age: 707845
etag: W/"b96b96035edd988c7c03370e3ed76dca"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame F0F6
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/582938/52662418/4.js?adContainerId=gcc_ksN6YNP2NcyR7_UP3rKr-AI&cbFunctionName=goog_wrapCb_ksN6YNP2NcyR7_UP3rKr-AI&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsaf...
https://static.adsafeprotected.com/4a.js

1 KB
1 KB

168ms
168ms

Script
application/javascript

54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com
URL: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 89cbcbe240aa0dea41cd51c979bed8305861242b03caa1cf1fae691a39b267a1

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:35 GMT
content-encoding: gzip
last-modified: Mon, 05 Apr 2021 16:41:51 GMT
server: nginx/1.16.1
age: 104299
etag: W/"da4c85cef3afa0a27abf2b0c541c2cda"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:35 GMT
x-server-name: app01.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame CC62 82 KB
22 KB 96ms
95ms Script
application/javascript 54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com
URL: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:35 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 3374205
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 main.gr.19.8.188.js Show response
static.adsafeprotected.com/ Frame 2E4D 182 KB
58 KB 111ms
111ms Script
application/javascript 54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.188.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/582938/52802473/skeleton.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: f44665977f5ecc716890ab05d7aa3830c1ee5571da659f6d61422763e7a03952

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:35 GMT
content-encoding: gzip
last-modified: Mon, 05 Apr 2021 16:41:54 GMT
server: nginx/1.16.1
age: 711055
etag: W/"b96b96035edd988c7c03370e3ed76dca"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 88D4 112 KB
38 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38407
x-xss-protection: 0
last-modified: Wed, 04 Oct 2017 18:33:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Apr 2021 11:16:35 GMT

GET
H3-29 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 88D4 186 KB
48 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Apr 2021 11:16:35 GMT

GET
H3-29 200 index.js Show response
s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/ Frame 88D4 79 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.js?1611231310975

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7a9046c653c00c0b49f0926e9638749d6a37ccbacef5f0eb8a01e93474e19d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 08:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8517
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Wed, 10 Feb 2021 02:37:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 18 Apr 2021 08:54:38 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F0F6 43 B
216 B 299ms
98ms Image
image/gif 35.169.133.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=582938&asId=8dfcccc0-ac02-6e99-95a4-ddf84d17484a&tv=%7Bc:a2N9sg,pingTime:-2,time:127,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:486,mdZ:709,beA:808,beZ:809,mfA:810,cmA:811,inA:812,inZ:815,prA:815,prZ:825,si:828,poA:829,poZ:842,cmZ:842,mfZ:842,loA:912,loZ:915,ltA:935,ltZ:935%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:600,t:19%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:127,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B123~1%5D,as:%5B123~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:suPWPsx+1111%7C1112%7C112%7C1211%7C1212%7C122%7C1231%7C131*.582938-52662418%7C1311%7C132%7C141%7C142%7C1431%7C15,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:106,readyFired:true%7D&br=u
Requested by: Host: fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com
URL: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.133.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-133-103.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:35 GMT
x-server-name: dt38.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame AA97 112 KB
38 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4807732/1613010861642/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1613010861642/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38407
x-xss-protection: 0
last-modified: Wed, 04 Oct 2017 18:33:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Apr 2021 11:16:35 GMT

GET
H3-29 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame AA97 186 KB
48 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4807732/1613010861642/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1613010861642/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Apr 2021 11:16:35 GMT

GET
H3-29 200 index.js Show response
s0.2mdn.net/4807732/1613010861642/ Frame AA97 76 KB
12 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4807732/1613010861642/index.js?1611231254979

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4807732/1613010861642/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf7cf3aa7a14526c2844991894af1d4bfcd719dc32b066eb7ae23a76945b15c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1613010861642/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 13:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78084
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11944
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 02:34:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 17 Apr 2021 13:35:11 GMT

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4685 14 KB
6 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 17:21:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 64479
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 16 Apr 2022 17:21:56 GMT

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame FB87 14 KB
6 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 17:21:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 64479
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 16 Apr 2022 17:21:56 GMT

GET
H3-29 200 BG.jpg
s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/ Frame 88D4 64 KB
64 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/BG.jpg?1611231310948

Requested by

Host: 6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com
URL: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4587a9ceb14a8018d604daa891f5c1bda073bd575dabd4f1b9f17bfc32fe718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:54:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 02:37:30 GMT
server: sffe
age: 15705
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65461
x-xss-protection: 0
expires: Sun, 18 Apr 2021 06:54:50 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame CB2A 0
23 B 63ms
63ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB2A 0
0 65ms
63ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2WtM9UpfMArBRQIZY10b6HXTHzcgyFVSI4A4bNlK9bJ5Zgx0h073zrDJxSU9qLCHgCZVDoDZmqavxXx61xRe-HCJIXTDZ2E7vEgyA6BTF41HVZtgWP_LQ7jsbH3JCiXwCmbYvzPyW41vUMIgAPOHKnjHrBkyOEhlbPDS2BL8lce6QHbFHMBrR_UBZE4suo9-xv3icDQE2yMswJIM4bCGQbAAukQK3PCiBAHRxLlunH5nPTSoU1jN6m0KacWXG4v-Ul3piMxOn6GIqTXupVTHK31fJYh7R78gusLLva65pP3wi3JQvEvIXmu0wK4KiqXu5chCjPmQM9QibwHWt&sai=AMfl-YTcu39P0BbaUfDoKbYfQ_WG_sHgrI26I6kEpOcwxgFKB61rOI1pIbrkqUQhIkO7e4mzYIt4PS8IbpO9H4VfczLUOVZVPI6VdIMetuCr-mHY7jZrp2q0_6qtkMlm-7eC&sig=Cg0ArKJSzFkiravDeCHaEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 17 Apr 2021 11:16:35 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame CB2A
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/582938/52802481/skeleton.js?adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=h...
https://static.adsafeprotected.com/skeleton.js

17 B
241 B

39ms
38ms

Script
application/javascript

54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:35 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 3557765
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:35 GMT
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 0388 82 KB
22 KB 64ms
63ms Script
application/javascript 54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: 6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com
URL: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:35 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 3375589
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame E7B8 14 KB
6 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 17:21:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 64479
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 16 Apr 2022 17:21:56 GMT

GET
H3-29 200 bg11111111111111.jpg
s0.2mdn.net/4807732/1613010861642/ Frame AA97 28 KB
28 KB 10ms
7ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1613010861642/bg11111111111111.jpg?1611231254934

Requested by

Host: 37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com
URL: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ec56d2bcb71dfed6e8f297afaecff795607b6dd15b385273445c326bc304356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1613010861642/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 13:35:11 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 02:34:21 GMT
server: sffe
age: 78084
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28176
x-xss-protection: 0
expires: Sat, 17 Apr 2021 13:35:11 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2E4D 0
23 B 64ms
63ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 intel.jpg
s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/ Frame 88D4 4 KB
4 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/intel.jpg?1611231310948

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f5a092044aa54b2d740072e8126b214f6060080eb67f91e3fdef70c74c5a0d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 10:45:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 02:37:30 GMT
server: sffe
age: 1883
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4504
x-xss-protection: 0
expires: Sun, 18 Apr 2021 10:45:12 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B59D 0
28 B 40ms
40ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041401&jk=4435715215919316&bg=!dXaldjLNAAZUuIlwVLg7ACkAdvg8WhIrb4Yyd2cMyQaX8kQxg75_tH6xyfGVdJhOhtS919gQu8ypCAIAAAH7UgAAAHRoAQcKARRJ3kqs93qLDOmfw6_DqANb7oWle2p_0Ru0u4DY3WU__QRujC-ZBqnvltMAu5xRp_Fr29pq6a-wD5H5K7IL-UqFSIiVkxSofb_kfvTizMeqbt8n5K-Pu4ER7YSPukombbFQ2SgPUbEpJ4A37y4IpYcW2q4AQTskMTTm6i4yOdn1iUIrkTGcR0XVyFeqLLB5tmK9nAVmHpYlMKjjNYvqmCTIv4IlfgbdQxB3W3-nKgC7bjSnyjelbygriJ6rwjd_8QRuXTedUUOasjtqfme6CqAqpR9zzANXsRwUqdyOQJHwkre8oC3IXgLy24jcaHxWdx24Wis2sEHzdVVuHjznOSedGNirtKUH5jKfBZgJZV0AJKNkWn2ZAknT3-8KVNLtaFzYVAB9TyXf6n67dN6zrmOtBJaRrpD0v9vrRpSUdnEk16wM0wA1l946XxtF4X94nIEW7OFctCM3hXXRwp72mzsjAQuZCZy54Se2q2qNH2vXJQt6NDzGVpPSrr94-SoB0xKie8Q9OP_hoL1jNjv3cNs6GJxEJWJ66QaScjHdMabsjqX2GNIirHODhAXaKOrVbq1sGwMJTUbBJazgZuwPLA1iOgFmphp9NhW4QvRvo_-V7JGeiXAdXINWwFBsDLVWAc973t2b81Q0Rm7Xl-ZWU5z0znaMCKaoVP-ZFRP6lUdYl43ydX1fuuxXfCiiHHqjYGqjstk91Qw3RwO-KgTolXlfH5pMWW30kYCOI88ABxF8F6G5uv5Qpk-qDldm3pt46M-PXcIB8hX2jki1yxxBqinkYLAc1aUrn3UjQ8cf9fkoGUARR7nbg3mIK90EeB-NUtrxjogei6nwaMJMZUWICjMNfPk3NHqTBCLMWj06_wlqVhvbN8rEE8_hvkwbleI96jqa-bwPn3PQ7rbKJSH6Kgyqe0v3SoT1zWDtwNBeTemi3kaJbiboarAUg9lOGNzdg1v6WwEZx6MqJdJlzXrI4KYqOMkvGJ3LI_OtaVoFT2lEI3Tb0tlwQxNlCQ7rAuBb6m-y88GjPxbT0wVZzr7z3DH9xFiFp_txsWeVeyr3N1FiMOEyUdsz53bRRYL26QmgrW222ASVzcaYq74FT6Te9Lg4pzSMYo9VXiapmxAkYCVE5B4OmI_M0xtQBHUJANQgTsE

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2E4D 0
0 104ms
103ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1BHHyF3MgRJAVNviCDvihuLG_eNpx1za3L92xlfFjgY2wVPp2_8A8D28rE3pzht2YHvMQpI4ZBoxRFhfPuFbgxBesbiEj60PT9oEqekROOqXabX9UA2B29JjsB_PLEYZ6slh1Ip2wgD0LRskW0Bn0GVPFnkXitiGXl1hGOIMoDTb8xxStStc53u5I-hTUvDYV0BWASpXc8xFHtuoPfuhbPW4smvdwb9ue7F64Imt5gZGXsHMqprVm5h1ZaNTbEKt2pT2A_T9Fjnjd3QNjTTevnq-2YVo4odiI_p-yizDBbeG3tolHpyFOSOZPhUHFiSLGumzfDOgrATijQYhgKg&sig=Cg0ArKJSzGPAUwlBpo3oEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 17 Apr 2021 11:16:35 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 09A4 9 KB
7 KB 42ms
41ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

de6a8b9f73448d156bb7bd3a9bc4dd42e15622adb250971d16ef53a960145ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6994
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CB2A 43 B
215 B 98ms
97ms Image
image/gif 35.169.133.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=582938&asId=53af13c8-a95c-15aa-e5ee-f381c8e75e5c&tv=%7Bc:a2N9xR,pingTime:-2,time:477,type:a,im:%7BpBlk:307,sf:0,pom:1,prf:%7BbdA:481,bdZ:656,beA:784,beZ:785,mfA:1060,cmA:1062,inA:1062,inZ:1067,prA:1067,prZ:1073,si:1078,poA:1079,bl:1091,poZ:1091,cmZ:1091,mfZ:1091,loA:1161,loZ:1164,ltA:1260,ltZ:1260%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:250,t:293%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:477,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:293,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B197~1%5D,as:%5B197~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:suPWPsu+1111%7C1112%7C112%7C121*.582938-52802481%7C1211%7C1212%7C122%7C123%7C131.582938-52662418%7C1311%7C1312%7C132%7C141%7C142%7C143%7C15,idMap:121*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:181,readyFired:true%7D&br=u
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/?_hsmi=88974744&_hsenc=p2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.133.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-133-103.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:35 GMT
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 BG.jpg
s0.2mdn.net/4807732/1613010861642/ Frame AA97 64 KB
64 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1613010861642/BG.jpg?1611231254934

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4587a9ceb14a8018d604daa891f5c1bda073bd575dabd4f1b9f17bfc32fe718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1613010861642/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 13:35:11 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 02:34:21 GMT
server: sffe
age: 78084
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65461
x-xss-protection: 0
expires: Sat, 17 Apr 2021 13:35:11 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame F0F6 0
23 B 68ms
67ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 2E4D
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/582938/52802473/skeleton.js?adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=h...
https://static.adsafeprotected.com/skeleton.js

17 B
240 B

57ms
56ms

Script
application/javascript

54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:35 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 3560054
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:35 GMT
x-server-name: app34.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 27E8 82 KB
22 KB 47ms
47ms Script
application/javascript 54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: 37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com
URL: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:35 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 3372842
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 Rectangle1.png
s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/ Frame 88D4 148 B
170 B 7ms
7ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/Rectangle1.png?1611231310948

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c357df249544f2d3b87dd076c81cc55226da9b428a50f94348e6677f3f786a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 10:45:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 02:37:30 GMT
server: sffe
age: 1883
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
expires: Sun, 18 Apr 2021 10:45:12 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4011 9 KB
7 KB 41ms
41ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d51dcec61cfcec2f87f0827e9956cef6e6aa0647146c9e503604ccfbcda485b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7003
x-xss-protection: 0

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
285 B 252ms
252ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_a /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 51
pragma: no-cache
last-modified: Sat, 17 Apr 2021 11:16:36 GMT
server: tsa_a
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 5d8d6f17895e188afd40487897233d17
x-transaction: 003b5c9b00faa8bd
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
475 B 26ms
24ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=20762415-8082-48f0-b243-36443c93d852&fci=7c6b65df-0f26-4363-8250-fa3507d04f28&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4&t=FIN7+%27technical+guru%27+sentenced+to+10+years+in+prison+-+CyberScoop&cts=1618658195877&vi=77592c59c19dff57fe8aaccf71fda862&nc=true&ce=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:35 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 64153dfc49bedfcb-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 09812511aa0000dfcb60a57000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LtjsMBI5RCyVfCMYYlezkMkItUzD%2BmABGsHGeZcMs4OKiVDSQGqQfiqeYyI9%2BzPC0PU89B8WJLxLZv8F4FErjjs%2Fn%2FQvIHAAeYxhK15p8PyqDTnbCTrk3SYTRLa5Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
342 B 26ms
24ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Ffedir-hladyr-fin7-sentencing-prison%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_YexS_1lOeRwlZVq-LS9fyV1kkYD4P9J_2Xg0hFaMtD0q2_ODLX4ywy39HiC07AjHRKZAgENpeFQRsHKU8Iy0II8wE6NbkKYcRixRIZdGEGQ2Lmf4&t=FIN7+%27technical+guru%27+sentenced+to+10+years+in+prison+-+CyberScoop&cts=1618658195878&vi=77592c59c19dff57fe8aaccf71fda862&nc=true&ce=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:35 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 64153dfc49c0dfcb-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 09812511aa0000dfcb0d8a6000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FN1uYPbWNzsUVW0HYreaPcS4f8L9Pbr4%2FQclF3Uy6eqQpX39yue%2BFXcHP%2F%2Bs4%2F3hG%2B3936VeLehQaq3E2sS7qHJbsaWCs%2Ft3saG9DdHTDJjqtLWsCW17vG3b9SeXSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 09A4 17 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:35 GMT

GET
H3-29 200 intel.jpg
s0.2mdn.net/4807732/1613010861642/ Frame AA97 4 KB
4 KB 11ms
8ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1613010861642/intel.jpg?1611231254934

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f5a092044aa54b2d740072e8126b214f6060080eb67f91e3fdef70c74c5a0d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1613010861642/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 13:35:11 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 02:34:21 GMT
server: sffe
age: 78084
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4504
x-xss-protection: 0
expires: Sat, 17 Apr 2021 13:35:11 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BF5 0
28 B 43ms
42ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041401&jk=3528976327099473&bg=!PzylPHjNAAZUuIlwVLg7ACkAdvg8Wjv4hMj6M2HU4ZbIQrR78hXbdWgDeea6aAOg33PDKCMGwZvTfAIAAAJMUgAAAIdoAQcKALMTRmTh27e_QsPa7YaDgkUSRgROQ-Ar7IjNZtu6C3N_UGKDVYHeXAIBDnqSVch4ZHa8r34MTxI4M_AGWFVTvcjSL243NMz3sUOHIJhmk6PUHsQ7t70jmH6GYpnJvC7F3EpD_FU_oDc2hap3Vx1gI6_zMrPmaoa-6tj-IzG8PIvjLTA7cOVbDXOZ5y_g2111DpfB-kv3fkeZrk2k45Y6j6pL-G86XUh1zdN_DpV-U2Lbc2U8kJkCRTmLzqBnEaFcZAfJldo2JedQgl6lgwDEgUeFv9wEjABiHsR2wGvkm0BwCzOBA_3b7wvXTHZwr1jEmJHBro9luir3Lyd5d1tF0wdhTYmmJ2-unM-9kCC9Yy_FqtxBGA6KsHOCYVmuAR8h-OBg27BeYIpZthUOgEradK-zHQYCJY2tVDBq2mTqoZSGxwOfngLgxXmU0bqFhhWypoKTu8Y1DfrB3SkPmcIVK3tvie--ZO1kHI8kaJW1orimSqav-Qp6wzezMsh_JcH_S69drnjiNFtnBK4IgGkhLguR65t1WXrqGZ1eQtrFFre8qqUo5gGpXyM6ERBExXurUMYJFv2qrS98L4g5BnfX0YazIkWf2I8QxWkXyOZZu_7oHi5OSBkHwtfZIJepIle0Iu26goDNSGoVjneOKmuB3bBjQJU5T8qQ-HQkcqDbdOwouT2uWo8t0Uh4k18dZ8Mk6JE7Ld3AqpI0W3lKhZH58vKmeKEua16a4dAMm1R7EGt6ujmeLEAjs7b0VR-wLQg9fUsze0L6iXdURM0BZJkRyNrEPSyAbLKAEmgJyYNePdrg2H_WCbRf7F90MyyE-PDwOgSlP4FoAmOvB_ceR_XhUbe4ecUMsTdfjAzyENin2ZtOnjocSLhX6bryuvdbcVdvvvAE99xw19QjwfjfGcXox7zza6YyH9EBoqoLRfzSl29uuBSB4_qaog-2xe-n206Wu9x0tlOAYhfUHI_kTYuj5yG9MDK2Er7ZF0PH_GkyrmqzvBDz8dgo59XaE7Jx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 VectorSmartObject.png
s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/ Frame 88D4 1 KB
1 KB 51ms
7ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/VectorSmartObject.png?1611231310948

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

290a3565ce995734efb0b21243a388e85ef8f288f4fbb332e3d4b038b7113f93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:47:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 02:37:30 GMT
server: sffe
age: 80948
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1113
x-xss-protection: 0
expires: Sat, 17 Apr 2021 12:47:27 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2E4D 43 B
215 B 117ms
98ms Image
image/gif 35.169.133.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=582938&asId=a3a6fe9e-a3a1-6fc2-a905-d6b8a510ef06&tv=%7Bc:a2N9Ay,pingTime:-2,time:551,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:366,bdZ:482,beA:665,beZ:665,mfA:1082,cmA:1083,inA:1083,inZ:1084,prA:1084,prZ:1088,si:1090,poA:1090,poZ:1096,cmZ:1096,mfZ:1096,loA:1181,loZ:1182,ltA:1215,ltZ:1215%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:970,h:250,t:425%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:551,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:425,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B133~1%5D,as:%5B133~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:suPWPsu+111*.582938-52802473%7C1111%7C1112%7C112%7C121.582938-52802481%7C12111%7C1212%7C1213%7C122%7C131.582938-52662418%7C13111%7C1312%7C132%7C141%7C142%7C143%7C15,idMap:111*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:124,readyFired:true%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.133.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-133-103.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:36 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4011 17 KB
6 KB 24ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:16:35 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F0F6 43 B
215 B 98ms
98ms Image
image/gif 35.169.133.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=582938&asId=8dfcccc0-ac02-6e99-95a4-ddf84d17484a&tv=%7Bc:a2N9Bp,pingTime:-10,time:694,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1618658195978%7C%7Cfac7c6fc0cf1c0003166b1b0d45eac30%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C851fbaef2e016351a4b7626262326f9d%7C%7C1567351c256906fe24d654825a190000%7C%7C4cc1004a183b791272b68e4adbaee78e%7C%7C6ed119b16cedbdaee251ac966f657cde%7C%7C6fe340a7d6de2c037c029836e0c6c87c%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,im:%7Bimprf:%7Bttecl:825,ecd:169,tsecr:212%7D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.133.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-133-103.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:36 GMT
x-server-name: dt32.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 Rectangle1.png
s0.2mdn.net/4807732/1613010861642/ Frame AA97 218 B
240 B 8ms
6ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1613010861642/Rectangle1.png?1611231254934

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d0700f6652f6403859a0c6cf7a45de59bb351c547dce56e355349c59fc1a018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1613010861642/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 13:35:11 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 02:34:21 GMT
server: sffe
age: 78084
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 218
x-xss-protection: 0
expires: Sat, 17 Apr 2021 13:35:11 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame CB72 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 17 Apr 2021 10:22:31 GMT
expires: Sun, 17 Apr 2022 10:22:31 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3245
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Z_Background_1_noholeedit.jpg
s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/ Frame 88D4 10 KB
10 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/Z_Background_1_noholeedit.jpg?1611231310948

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ae31213486efa7916642a639bb20ab78004c59699b965f598d7abe2365a815d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1612924650308/Intel_BPSGov_Display_FindOutWhy_EN_300x250_HTML_IDCAnalyst/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:47:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 02:37:30 GMT
server: sffe
age: 80949
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10230
x-xss-protection: 0
expires: Sat, 17 Apr 2021 12:47:27 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 386F 12 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 17 Apr 2021 10:22:31 GMT
expires: Sun, 17 Apr 2022 10:22:31 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3245
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 404 VectorSmartObject.png
s0.2mdn.net/4807732/1613010861642/ Frame AA97 43 B
60 B 551ms
551ms Image
image/gif 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1613010861642/VectorSmartObject.png?1611231254934

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1613010861642/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:16:36 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 17 Apr 2021 11:31:36 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2E4D 43 B
215 B 99ms
99ms Image
image/gif 35.169.133.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=582938&asId=a3a6fe9e-a3a1-6fc2-a905-d6b8a510ef06&tv=%7Bc:a2N9ES,pingTime:-10,time:818,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1618658195978%7C%7Cfac7c6fc0cf1c0003166b1b0d45eac30%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C851fbaef2e016351a4b7626262326f9d%7C%7C1567351c256906fe24d654825a190000%7C%7C4cc1004a183b791272b68e4adbaee78e%7C%7C6ed119b16cedbdaee251ac966f657cde%7C%7C6fe340a7d6de2c037c029836e0c6c87c%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,im:%7Bimprf:%7Bttecl:978,ecd:58,tsecr:99%7D%7D,sca:%7Bspg:8dfcccc0-ac02-6e99-95a4-ddf84d17484a%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.133.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-133-103.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:36 GMT
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CB2A 43 B
215 B 98ms
98ms Image
image/gif 35.169.133.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=582938&asId=53af13c8-a95c-15aa-e5ee-f381c8e75e5c&tv=%7Bc:a2N9Ff,pingTime:-10,time:935,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1618658196216%7C%7C942ceb0936a8422285c2b80e33b90679%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cafc0758eb12437c5bf09c8760578bc56%7C%7Cf19eaaa8cb2a7126fcf7d0addd6b7229%7C%7C6b3b3b6a5259abce9ed3f91168e985a0%7C%7C14c5f03ff5b562af44c7cca9e8bf6b08%7C%7C75a72a48075de339d86a84872873baad%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,im:%7Bimprf:%7Bttecl:937,ecd:39,tsecr:164%7D,pWait:32%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.133.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-133-103.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:36 GMT
x-server-name: dt53.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame CB72 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 17:21:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 64480
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 16 Apr 2022 17:21:56 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FB87 0
28 B 48ms
47ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwCbUksN6YLKgNqCDjuwP0OuewA4AAAAAOAHgBAI&bg=!LS6lLmrNAAZUuIlwVLg7ACkAdvg8WmhhajgjcTcYhucmNpebVd8EETESolmFjZD84gusShGOG97MaQIAAAHwUgAAAEBoAQcKARxBnV74Dju8IKl2zL_rcPFebOWekIl0VsVV1yVllIV8-nLPsBjdq3CiEwCUgDN-i8nAY-4nqWOS_ONV-IHHfE7fUwu20ZsMoEhd9gpJqwBSHziPFbJD8wK_LpbVI-PWCOQ05QJzeUc5wyt5DcnWxB2b6MxDF_q8ShDEPl7FGvP5Y-Jb8TjooMnvoYOEEocnVd0uITNMzaPpJHmA5isp8eKQtQ6bCdQyVZnMA0wU3NptaBgD3JQd9zUEmHDEq805F9hA0uJnR4WI7lsFZbXMoUEH8P6evgMirUKcFSG1JCDbYPalLmJxZbncaWuAsvZcjelEzjDc3lEKDBBXsHFoXab71y8aZvPPjVTPPJfOhOGxJxwMbtfLPvfxtYf4lpkCfdrK7Ujle1yv5XVm9RYYAAEDSEZ8hsnhttMjdKF4lijNM_cpphABoIvMsf9iq1Dy3bdS7Y5vfgq-E7JNPHkWQ_37tzmtwJ5atMrzmJE7fAS7NFYti78mqq9Nlr38aT39kb-NRNEdBPcJ-ERl2xe-b8Jr-7Sg2vVUiD-ne1XLPoiBgoh-NeSnwQtPPjut2I8PdednRI5JoCW9Y9zqk5bij4E1wy2N4gPZzlZGKge17mNFd4rQTF7OXHe9zaOW49BiQtaVFNIWNEnUwlxdqCe1zOKTJZafV8D_smq_RQpXRewy-DjhvjQO604T0C6U9GAtzl_uiEhTqbymrmn9X9_-piTfzFNmxHj-LSDRYXvHrQQdajMuyzFCf7iByrlrjR8DLcWm3mrSRefvYgYthAA4SL7dEXRzzmAtMClyWeURenp-IHWbbgirgaeqx5Cq52U1nuVwShmSFiogWQareENp9PHqSz3_Fg8zXZQtVCKh3V-Q8aTvWHNYE-z00as_sNuRdIARnwZ-3ojUcuN46S9RksbNm15ykP2LFAcjCq0q19FeQsiMBm1qX03wprWwLdDhFjiE5Hfoi-qYA2plQLbLI9nYSxGl7DtyzxuShCWSpGcbRm-z3Oy47ZaKEsm2Ee6iVO-3CzOVfRsQ4A4U-dGcssuBooBU7oEKcnqteXCzihRKjBtJsYmLaL58wQi08RQ-1vGa5rxLuPNuC4YP2_pFc4X23jY00fxzCCTdjXb6AOJFn-2uGus-lsAHLoIjpRoj6l1V6sohKhI26cvfMOBDUhavd-JQeLNyDgAHWm2HWZ831E51eEBIhwFs3adqEKcTJTEAMqn4marDk9fT7EU

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 386F 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 17:21:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 64480
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 16 Apr 2022 17:21:56 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4685 0
28 B 47ms
46ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEggCksN6YNP2NcyR7_UP3rKr-AIAAAAAOAHgBAI&bg=!SUqlSg7NAAZUuIlwVLg7ACkAdvg8Wqx0jG1elGKGgcRedXWwFdUYyv6c3SDjTul8PNSw5msDFgVbnAIAAAIvUgAAACpoAQeZAnNMIYEQL7Kmulj_bADCKxU86iulhx3f86FtPZsQ2vvAShPlwt28TIgSlbWJwkajrwHzDKFHaa-wUjHn660ozbMBFLLmzT1nyerHSHRUTQyqS_32edUU6gEILdGhaFnikYuaArpDpkDeCpNz4xXWL1-iCIe6zQWVlt3GvW2AuuOmb0ALZT0lF2KzrDVIHJCIRJJuuPMGtkMAfIr20l460AWEKDqxnHwbV8dZAOBvQrPcDxqMhMq28_7gB9evb8O83PnkNo43l9qq4iAD-qQaRd4kRjQPruYMqVLeoltwBU45gr2mdILV6-6fZpCSLfMJzdrVk1KJlvgkB19QHHCWRqfVf-g2KFHAG3r-ITav1dbAQUoM5NFk8K1r75oSWhVxGo7CEsGb4rfe9hSxXC99JnnyboqAk7VPhZG7mZ8omw_mFQFX7h9FlmMFe-452sM7k63_chw8FexVEplTBryauOaiat69htqkdMw00GYvjBWSUHnTQrzmiGhgu0SumHO1gyXW_62l4MowaF6y3HAawTr3uI4L5FVa7SwB8umeFl4vdFLeZnatr6R6DEmAmOWrJ4DI29le7qFuYOBu3Xwg0Nf83iKI6XNr5n7glCG4i43VJNpAElhYNTRjTkKqQy_nMSimJcQmcn_KNzxw6WBq8xMyT1vU3gALyW0Yph89KTASiYmAAlHNMl0iBH-SvvrZgocuQHZRVcS6GzqRSWHYmJ7ybjlncXSnoXw3K60hU-7UPTVH7eix7zAbFit5C3462oeRV9xAUNLKGSx83lB0-Zw7JwHwH8-yyhdZbN7BnNX-ZZ6pOecXWWrSSsNUXQARAD35RJE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7B8 0
28 B 42ms
41ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9hX1ksN6YKThOIOZrATSgrzQBAAAAAA4AeAEAg&bg=!1dal1pLNAAZUuIlwVLg7ACkAdvg8Wg6disZD71Kpm7Gs2HhG2UhHhV8eKGcCcEMUj364xbjUoUpw-gIAAAGkUgAAAC1oAQcKAAJCYZkChhtRjXXHJFERT3mFrX2uaLRjhKW0sJ-o_GbtpJISGXQtw44_Aeg7ZmaeRUEdQLjSZxhctpGsbkGdiToU540y_cqp0tJX49g9AqVgIHszzyD7Cp8h1-O9a72Kz79Lt2FzQujfLRHbW7Hd5ZNcyF_H78GUGhmVKOV8p6IciYWfAbMtojlHVoMiirLxKo4NuO0x6ziHeTgBJiWq9OOwmZLRpsvh92Xi4765sBVenjtifxZp7K4iqYuTCGZ5U3OaMhzC4OLVpj4lBQscTUnKinqFOY4Sgm93lUdlm3cvrrvRz_s55s2LNSmBHKF_BgCdiZDpFrgw5GMQInuauBTHFOogHZi48P6UVlAR-1DoM9nvVXyTMxUNpmeCd-zq71Oycj8XhDHn59mbkKe-a20WsWy9dLiKyytKBR26SHOaJRBJgA72yC1nHabX9kYdcbBwVSfDqnm0QyAwsLpN2963KZZ6CKY25fpqf5-YSf8Edv0SVxn_8Et0IUnK9Mu6nL8luSZzz-pxjb2OeGIW3d8vl8e8zIvvW6z0hZ6lUhbtcdbezrFFs0_Zfq3JWP-hs2UJ8_fdqonakk7_3vR3DXXvri5UNfVgeG5LXw-sn0r3XzxDP3QH1dWyJ8E5R4FqO91WgOYfzmKkrmVNZfBWcPI00FaXTyYH2uRDpIC4VDY5lTPSg3S65ViULANnOz-LoFA7DTPvXRdUdwjiXf7GDr6S1JqHP_RFEN3Wojp6_uZuG2OwkIhQarjFI7uzTL_mXE0y4A6Ok6WR9Jftvlzm_aZYIzek7NipMkLocveHGSw4WuB9f_sQeJocmymG7eUyQLIaO1jJvyhtLLb2d45gGoS2CvUu5SknvlKYG9k

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2E4D 42 B
64 B 62ms
61ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssziGswCmgc8s3WBmTYSAU1x1U5lNQN2XIAjdOo3r7nLoORKMaUjT5Dywys7LqLeEOb_Y_-PBQ0k5NNyc36O-u8Vg&sig=Cg0ArKJSzNt33aRQKlR7EAE&id=lidar2&mcvt=1017&p=0,0,250,970&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20210414&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=2711260096&rs=6&met=mue&la=1&cr=0&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4011 0
28 B 57ms
53ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041301&jk=4369525207170393&bg=!EBOlE1fNAAZUuIlwVLg7ACkAdvg8WtO6B2y2YU-bCzWG1L122oPwFSAq9x15jsD98kV5iayUartjcQIAAACCUgAAAA1oAQcKAQA8aeeDIWYKG0n96F1wtf7p8sHnC3k6qgIMSDMdpF_oj7pA4VhzL9i9IJT64V9LrZlPbP5q9yyvhgVmppqmoFqfqYAaylpatNYG08gsshee5SVcETqOVDdwucPgZ5pBrwB--TK1qqXlSYpyde5vzZGNY3EGYvdfLNiQum6ceGX1t8gOAwMxIYLYST1_IWJw9Jb-5aVTAeph-BDxPCO3_Uh9KE5SPJOx60prrP3t9_ZGHh1XBcD8tMpaYJfyqDsicpUtXwkf4vLss5TbfuMUZ2l-KkWJ6prM7b4BULbr8Cah3s1mJEdYfkx5_BJZHQSHHiKDqSCzgAeOJAWXOFlr0k5bmQIxnPH4QV33MonMvy6xSnHoEZTx6LERCTICII-gb_1mah7faH1FwPdpfuzme8fNP7bvt0CEC7y-UlWgeIdEoe-qkxKceBW9iAotb1wENpFkxMwbN2AaHTaO453EeEQj2u0lisL73maHjLPn3TRxHOZo7sb-mMRaSmdrqaOOFUBSjcbKKbnkcpvcYLSOSvOLNtHXO8usKZI7yAnzy_GhOWa49tRZWavaeav2AqDeXOX8T33_3HoMeGO3lLaYo_0BUCNgCgAnCCFup9DXb_wKa7e5IoTqwg9hcs5jFr0tnpwHnk9WzwVd7UWQ-gCJE6DzJlZYLXuoGsmsNMUFcvo7C9oPIQgWR57opzHm75ro-4bpxaHE2rJQ73fzok9wM_1Zx95v0DubCtyNGkMR58G97EM-Tm6rhW1UnPf-g5wTSq2lP2NJFzxCZoIh3qCl1A9F4ROTStgVOZxYzEvKkWiPMowJrExXNChe74KwzU3AwLmKEtEjsEN0TCnetdp1Q7-XBo8nef6u1M8sQo6E5aFuBsrUm4q_b_IeVJ5fwrdtA3y-hl10FbFQzXj3Fkyc0tORFzU-yIKkrIFUvmfDiA2YqtsYWc7Xew4C5oRkigwaSPSxgUOeOsSgKJ-k9GUHGrLUMtwSV5DnSXzCNnxUoBpCTyZOb1BusoFjaOjVpR2cclXRsfR5IW0VYRaKXwDGMku4E4oa1ImPb3XvQk_tSAfPDOjA68Uxu63QgPqxtqyCGsVh--l1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 09A4 0
28 B 56ms
54ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041301&jk=1585015378513181&bg=!mJulm9_NAAZUuIlwVLg7ACkAdvg8WjE3KHvwU6ulAqFPTYiNmt51alzBoikbL_4BepndD_EWrcaPBgIAAADOUgAAACBoAQcKATUqdhuGEN1KOpLC1Pg7Sb0wdm6QfY-cfwJ9vqRLLH-Jus-IHj7hdiG6SX2zqjSjggcPOWYg41sSsR49FmXooBV2hec03OgvkBDYWvI7uJrG5kFrrDxqbC6clHo8_VCDMaFkN8HOjeM25jB6YTpHRFzvvFr2uOPT-unfjmfnuc6zxhMOjPGIX0C98RDlW1LX0BkKFm_1ksEYESSM1ifkpssWMUBzJQbHfOt3GHZu1sUjtwpCBh24aaooQQRkYAiKHsnM35b5gBBBKYx6GdXO3oabUyVXu4HcuOqWQJghfFMfC5EVNbXGSbu3z7bCrR3ij659a20VdPAA9Kb5_f48WHgU-1qf50ZrrjAiSxkwMkNQpMA1Zupc_dpT0CcvPrWXwSgwRkHYhoM8LFOVuoxRHR5oXonx_bmZAjTLp6im5_ha14u_L2AWb2OBU_sE4a3L3ZS2_zmhFO_NWPR-RcrWlHBipyHAxMKiQbtbXlr0SpbU4w_bHCXFnp0EjnKdvk0X-teKSlg8mjNhci26H9QILOJ142kvebTVrfYtJPKn28dxKYeSJkUZMiVl_bVTGhM9Rq10_kfIdmUcqYMtiOzYYdMAGiRA2mRp1_9snMUt9V6S79tCfzloEhamcltQnho_3C3bJ5tOKPyNI44ltPrvPVj6Mc85qGobwC5X8naAWNH-FE7Kd-OPfcyj0BOK9JLyO9dE56DFoISYve-aK7gTwSV9opESAqLWfBdTnlynuZelOOFvHlbMeieOgOoezbj4G03X5FHDSjKZXlkS11b8GHs5u9JAxfwAaa6vPvFRFutaHy2jrrahw3TPzsEKYmZuAFcIKOj-To8vJo5NHh9CD47pwMgImX-7eIQuLpujgXCrSTPdmP9UhjSH0Pgo8MiivQxKyM6pZJYP6MsZGD_7P5D-x_a44EqsMGo_ZD9mASrdE-2HQn1g0dUMS-HWETh5-K8oZPw5nO6O7Dzhcinq8p_28z7pbj9GuohjSVsOERHvpgsogoWdBEWaoTOLl5c-NivtLOUROZtDcEBbzRpp27Os7P5UywKbmjxM4-uTG-nDoUqib0H3GxKQN0VVImeMucYad546BkiwI1aqm_8aHOes4dVBQ-iN3FVS9OGD55RMCPTvjbFBivaIeJHaZFpri6xJNsOf4tfcSZSR2vI

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2E4D 42 B
64 B 63ms
63ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss09stA0qrFk5pyRY3WeolYyg_JWvBR7vxiYFozBKHILMbX2-Ji1cblnWhUqZf26tItl4XJaq_aOfTvmPI0fnBpG2Bwlwks-xw8WUqRQ58&sig=Cg0ArKJSzJ3f8XF675eDEAE&id=lidar2&mcvt=1001&p=0,0,250,970&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210414&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=13849420&rs=4&met=ie&la=1&cr=0&osd=1&vs=4&rst=1618658194713&dlt=57&rpt=403&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIsrHg1ZOF8AIVoIGDBx3QtQfoEAAYACCym9BF;met=1;&timestamp=1618658205520;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame CB2A 42 B
107 B 62ms
61ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsrHg1ZOF8AIVoIGDBx3QtQfoEAAYACCym9BF;met=1;&timestamp=1618658205520;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_oe=ChMIpPLi1ZOF8AIVgwyLCh1SAQ9KEAAYACCaodFF;met=1;&timestamp=1618658205720;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 2E4D 42 B
67 B 61ms
61ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpPLi1ZOF8AIVgwyLCh1SAQ9KEAAYACCaodFF;met=1;&timestamp=1618658205720;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 11:16:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cyberscoop.com/	1970-01-19 17:37:39	Name: __hssc Value: 143679850.1.1618658195874
.cyberscoop.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.cyberscoop.com/	1970-01-20 02:59:14	Name: hubspotutk Value: 77592c59c19dff57fe8aaccf71fda862
.cyberscoop.com/	1970-01-20 02:59:14	Name: __hstc Value: 143679850.77592c59c19dff57fe8aaccf71fda862.1618658195873.1618658195873.1618658195873.1
.cyberscoop.com/	1970-01-20 02:59:14	Name: __gads Value: ID=21c9877eb9fc2d96:T=1618658194:S=ALNI_MYJLqoLUuYJop4ZRfsvDTAZz1pPPg

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://info.silobreaker.com/e2t/tc/VVyd_w4JxG-VW8CM81C9ljYCMW4vJbXQ4qvCrdN2QYvzD2-HvSV1-WJV7CgCsYV1DTjH7_WDTyVpQ4q91NScQ9W251YDb1K_9tqW1qXV0Y18w7Z5N8VD7NxY2VV0VJMf8r1PXqZTW7Nvqdg3ps8QGVTTG352ZpcRCN2z_yKMZCpV7W129t3H7JfdzVW2PrMyN96DDFVW9jM9cg1kzG2_W5T1rSH5ppRLrW8nPZ-d3XzKJ2W4mXBVy7QTD8lW4Hxqs12yfWKpW53SzMs21Y1Y8W6ZHPHF69J6C9W57dZ1K3jK7fXW3_NpSv2RHZ61VLN5Ld6cnQQwW7N5kPP83VWvQ3qck1(Line 13) Message: toS
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Unable to parse JSON-LD tag. Malformed JSON found: ' { "@context": "http://schema.org", "@type": "NewsArticle", "mainEntityOfPage": { "@type": "WebPage", "@id": "https://www.cyberscoop.com/fedir-hladyr-fin7-sentencing-prison/" }, "headline": "FIN7 'technical guru' sentenced to 10 years in prison", "image": [ "https://www.cyberscoop.com/wp-content/uploads/2021/04/GettyImages-1180873251-1021x681.jpg" ], "datePublished": "2021-04-16 13:26:50", "dateModified": "2021-04-16 14:33:28", "author": { "@type": "Person", "name": "Sean Lyngaas" }, "publisher": { "@type": "Organization", "name": "CyberScoop", "logo": { "@type": "ImageObject", "url": "https://s3.amazonaws.com/sng-global-web-assets/images/logos/cyberscoop.png" } }, "description": "Prosecutors described Hladyr as a "technical guru" integral to FIN7's operations." } '.
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.1.js(Line 32) Message: a: 0.002197265625 ms
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.1.js(Line 32) Message: a: 0.002197265625 ms
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.1.js(Line 32) Message: a: 0.0009765625 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

37508d9f2543ad3826bde0755834cca0.safeframe.googlesyndication.com
6a7c36c82ca82516d31f8ca18d05fcdb.safeframe.googlesyndication.com
ad.doubleclick.net
ade.googlesyndication.com
adservice.google.com
adservice.google.de
analytics.twitter.com
cdn.taboola.com
connect.facebook.net
d1c9ebbce3cfbe21527cbb2f9401f8bb.safeframe.googlesyndication.com
dt.adsafeprotected.com
fc3402a1f28bd8ce83726178ef5b4012.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
fw.adsafeprotected.com
googleads4.g.doubleclick.net
hp.demdex.net
info.silobreaker.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
linkto.ext.hp.com
pagead2.googlesyndication.com
px.ads.linkedin.com
s0.2mdn.net
s3-us-west-2.amazonaws.com
s3.amazonaws.com
securepubads.g.doubleclick.net
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
static.adsafeprotected.com
stats.g.doubleclick.net
t.co
tpc.googlesyndication.com
track.hubspot.com
www.cyberscoop.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.ojrq.net
104.244.42.195
104.244.42.5
142.250.186.98
172.217.16.130
172.217.18.102
199.232.136.157
199.232.137.44
199.60.103.2
2606:4700:10::6816:46c5
2606:4700::6810:5505
2606:4700::6811:44b0
2606:4700::6811:ba49
2606:4700::6811:d2cc
2606:4700::6812:14bf
2606:4700::6813:9b53
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:801::2008
2a00:1450:4001:808::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2004
2a00:1450:400c:c0a::84
2a00:1450:400c:c0c::9a
2a02:26f0:7100:191::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.95.127.121
35.169.133.103
35.244.184.212
52.21.95.133
52.216.152.230
52.218.244.40
54.171.10.108
54.76.195.29
54.76.54.153
0216d870844c21ce7c5c72f3471b81013c6d1879d5c4701b81a6c0c22870e081
063d44bc62d9647b62e24e3072a08f2cd96f36e3f1cb441b0efc3fe3f3fe372c
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11f21abcdcc1595ffec98f8bbae16ef14607e6ef6095f769d8ed1f9492fd1c15
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f
15aedb14eb152a677c42c1f7f0c8690519e074fa1d962ad22c15513f2d2b5cad
17f1a56bdcbb39b54320afe483f67b89115f9ee70ccb51d04320829bd75fccf1
1ae31213486efa7916642a639bb20ab78004c59699b965f598d7abe2365a815d
1b4cb64a676f5c6cbb0f177491fa7d15c25c176af91958a46eb75915dfda21f8
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436
21bf5c77b75da0dda5c739815451ee84b844ceffb122ed34bde15fc485828e0b
2698f2c8328e0bae05a2d93dc7aa5cd8ecf5b0a8a868f7314f67a63ae35b5951
290a3565ce995734efb0b21243a388e85ef8f288f4fbb332e3d4b038b7113f93
2aef1ac953ce7805c97a1df893082e75a0a11085c3e53b2914bd0a35634977f3
2d0700f6652f6403859a0c6cf7a45de59bb351c547dce56e355349c59fc1a018
2ffd2af03bae9d2c5e74b9e1fd6cec31163f07dea47c704c125e821614a21ccc
3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d
31e420b79e7760a7860ed2fb595c4f11b498559791571fed7eb22be20c7fa5e3
34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890
36d0b8c3a05bac5650004af96db02c84f66e72265c302b325e3351c053942e59
379e419094c9f6e377c7250c502c49700ff9fcdd1cd65ceef32edee96daad284
3846a97a0042a5e7acc9841139ae0a287bd924345fa54b4e370b3cd491486792
3f212829c67ebb4044ba56c6f1aa9e723b01d57e6493ac39259874acb075cf7f
4345395d695d975ea987566c667cc521e4287880d8d56d2de9ac8bb099bb3dda
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868
4bd6d33882fbf43f9cb3e894d67bde3d440785ef7fa628253e0ec4e97921ceba
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675
4ec56d2bcb71dfed6e8f297afaecff795607b6dd15b385273445c326bc304356
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b
55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba
562867b4da0f40e69c9cafe5effe883ff8cc91e9aa437a1010b34abca77a1e4e
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
5f5a092044aa54b2d740072e8126b214f6060080eb67f91e3fdef70c74c5a0d6
619cb0f3cb3356334f4b593e7f9b59e1a571a5ab6427e2270e057e8bb40f4dfb
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6ab2fbe53c3b6033526412e98f1ab37b5c158ee24e0dd89b10d30d6714436af8
6d6abea2afb9fdc78d1ae992d4a22978147741967d0f6644928ce2862506b6af
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
70738fea31db7120cf71a6484756370f7254e34115bccf7d620b36ed714b1212
7200551fd665af7aa8118452da767e496ff2136ef3a8de622a3e6fc40cc9f524
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b
80d0a278e7a208ae2bd234aafcbdece69e63c9bf11e800d0ab5fa3c82176cf2c
80d57b7b69c91b2923f08f62a4bb00a070f3999e9df16deb5e4c5581939abbae
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8568f039c1951ef91fce769fd09da0b0dbfcf503e0e9d14044c3f49675b809cd
89cbcbe240aa0dea41cd51c979bed8305861242b03caa1cf1fae691a39b267a1
8a73984c7b17513754e769cd09fb101aeef0017139a9319f154e74b0f33164af
8b7a47a695a413443ee1cba5b8cb390af99d8ecb1c94ffd30005c2a039303fe0
8c357df249544f2d3b87dd076c81cc55226da9b428a50f94348e6677f3f786a1
8c5987fc2409abe9ee8d73fee09d71847ddf5c4329a0bbad7d4e4bc522e51b47
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8e6e050845e20376893ab488f9c6ad5404a7228e04415fc3ff27e8a7d2e30945
9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f
942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5
94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163
98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4
99e6a89f2578748ce4f87ec7e64c74f06caee5bc1521c15d6693dab0eee3c137
9b2186de846dd6215380bb6db2a56361ba9cc8906ed9df89ce1a09c70d3d05a7
9ce44f2e74ba720f2824310678af36dd2af0a769fb904669e4c80e9941e42368
9e51acd2a56c3e199eba5beb53ad1970a05ea3c8c9b43274e6bcc4dba529e340
9f695d721a7e3c9d613970c4ec1460e420663d0688a37775da48d5015ba07b1c
9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c
a0321081dbb9f591b655be2c1c7a2e49cd741b32884a99320686aa456f81bb3f
a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593
a2a292ee40c2422d82f43b270984343ea18e7c05384459c1d7adbee2c241be30
a41dd567a7d51dac3d65a716b505f5bba7526e36405ed8a832d72a4ada3665c2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4cc9159698bbddd91531d661bebd5fa8203a6ea9ce12e1a3f876b27190b237f
b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537
b56356964d8e45ef965541bb383660bcc68c1bc91f781a876e5e27c67190c079
b8338d5b375b9b9a9391d473aefa64119591934708f8c6de328c8f54224f3f20
bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797
bcc6ccbbe9b3f2c14b3eb45ea17eb4b456ee0b359ca820751d8f4b140c57ba0a
bd3bd81ea6cf3bbc82f89913fecca492e79318fef844c664a790ff2db72e5590
bdc943a19a6128ddd899ed40e359337e6b1a1a5aff4bd68e32d1e4d453719b3e
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bee022a4099fdb924d19ba7cdd46c87f30d360ccf955a7fdcb45f8f83ddf4b2b
c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1
c2fa4036e458cd83297bff6c08914ce03ef87bc9b6befd55e3cc9b7ab369ebc5
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5
cab98d776eeb9dba2e409297d7fcdd4a78739ba1e0e2d47a59eee9fe3a9c4c27
cb53fd4d514accd4713efc61055e9bac3059efa921cd700f1e0e62963b060c99
cbcf7f9157306feaa0252eaa2fca6f6a36cf74bd919dc17520023405867fd32b
cc99037f9d3d134431b0c484ab2cd7143f8044a87d4c538e552fcfb4b2359b05
ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7cf3aa7a14526c2844991894af1d4bfcd719dc32b066eb7ae23a76945b15c7
cf89b05aa45bb14f23d4c97dac9b3091e2d866c73f68e18d2cb6b538378db6f9
d28cae33a9cff1cd54246e2bca04018f101451707a5b5f426d32ea768e911186
d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941
d51dcec61cfcec2f87f0827e9956cef6e6aa0647146c9e503604ccfbcda485b8
d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131
d7a9046c653c00c0b49f0926e9638749d6a37ccbacef5f0eb8a01e93474e19d4
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc666527c7989fdad450d729be48af719d8a66af057630a461bbb5c72b1e20a8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6a8b9f73448d156bb7bd3a9bc4dd42e15622adb250971d16ef53a960145ade
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4
e255d544f723d3228d22fabd3e2c982f94fd558ba7a399615d5fc0d547f60cd5
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4587a9ceb14a8018d604daa891f5c1bda073bd575dabd4f1b9f17bfc32fe718
e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4
e84eaff8259e3802d52534d6946979fa649a0d2604bd83c726375c7d8fcce988
e9270a81326607795ab986b54a84c53a0408682468f364bf2054566f95964f2f
ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f44665977f5ecc716890ab05d7aa3830c1ee5571da659f6d61422763e7a03952
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f5183a3d6c4ef05903e03cf0e17b5de05db527c27d0ef049d52d2fb4da484e96
f5b49a816e996994ba43d5aff57292ee09bae473b25b394aa012ab97deecd8e4
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fab155f19bd3d480a8173e8ff956e3f6ffda0b42823e41d0ecc8b1376a85e413
fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

www.cyberscoop.com Open in urlscan Pro 52.21.95.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

237 Requests

100 %HTTPS

62 %IPv6

32 Domains

47 Subdomains

44 IPs

4 Countries

4765 kBTransfer

10014 kBSize

5 Cookies

15 Outgoing links

Page URL History

Redirected requests

237 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cyberscoop.com Open in urlscan Pro
52.21.95.133 Public Scan

Screenshot
Live screenshot

Full Image

237
Requests

100 %
HTTPS

62 %
IPv6

32
Domains

47
Subdomains

44
IPs

4
Countries

4765 kB
Transfer

10014 kB
Size

5
Cookies

237 HTTP transactions
6 data transactions