www.cyberscoop.com Open in urlscan Pro
52.21.95.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.recordedfuture.com/e2t/tc/VW7KWy7MpQRpW42fN815NS1DpW1n-N734s7DjXN2x86yr3lGn5V1-WJV7CgYB_W1YjP8N6_NyHzW78Yt_V4dN7JKW...
Effective URL:
https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLd...
Submission: On May 29 via api (May 29th 2021, 12:36:59 am UTC) from SG

Summary HTTP 270 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 45 IPs in 5 countries across 30 domains to perform 270 HTTP transactions. The main IP is 52.21.95.133, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.cyberscoop.com.
TLS certificate: Issued by R3 on March 29th 2021. Valid for: 3 months.

This is the only time www.cyberscoop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:67fe	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4 39	52.21.95.133 52.21.95.133	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
21	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
11	52.216.225.219 52.216.225.219	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:b749	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:47c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f03... 2a03:2880:f03d:1c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f13... 2a03:2880:f13d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
42	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
4 8	52.18.175.198 52.18.175.198	16509 (AMAZON-02) (AMAZON-02)
4	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
12	3.250.250.79 3.250.250.79	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
8	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f03... 2a03:2880:f03d:8:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
8	52.207.123.8 52.207.123.8	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
270	45

2 2606:2c40::c73c:67fe (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 52.21.95.133 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-95-133.compute-1.amazonaws.com

www.cyberscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.216.225.219 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b749 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f03d:1c:face:b00c:0:3 (Prague, Czech Republic)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8bf5b6a6ee39208771dcb0addc5582b9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f13d:83:face:b00c:0:25de (Prague, Czech Republic)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.18.175.198 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-175-198.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.250.250.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f03d:8:face:b00c:0:8c (Prague, Czech Republic)

ASN32934 (FACEBOOK, US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.207.123.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	googlesyndication.com 8bf5b6a6ee39208771dcb0addc5582b9.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com 7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com	502 KB
39	cyberscoop.com 4 redirects www.cyberscoop.com	290 KB
34	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	668 KB
28	adsafeprotected.com 4 redirects pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	372 KB
27	googletagservices.com www.googletagservices.com	650 KB
12	google.com adservice.google.com www.google.com	4 KB
11	amazonaws.com s3.amazonaws.com	54 KB
6	google.de adservice.google.de www.google.de	1 KB
4	atdmt.com ad.atdmt.com	2 KB
4	2mdn.net s0.2mdn.net	739 KB
4	gstatic.com fonts.gstatic.com	99 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	hubspot.com track.hubspot.com	793 B
2	facebook.com www.facebook.com	406 B
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	97 KB
2	addtoany.com static.addtoany.com	60 KB
2	recordedfuture.com 1 redirects go.recordedfuture.com	3 KB
1	twitter.com analytics.twitter.com	661 B
1	hs-analytics.net js.hs-analytics.net	18 KB
1	hs-banner.com js.hs-banner.com	14 KB
1	t.co t.co	455 B
1	hs-scripts.com js.hs-scripts.com	669 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	hsforms.com forms.hsforms.com	4 KB
1	googletagmanager.com www.googletagmanager.com	52 KB
1	hsforms.net js.hsforms.net	135 KB
1	taboola.com cdn.taboola.com	23 KB
270	30

	Domain	Requested by
42	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net pagead2.googlesyndication.com www.cyberscoop.com
39	www.cyberscoop.com	4 redirects go.recordedfuture.com www.cyberscoop.com
33	tpc.googlesyndication.com	securepubads.g.doubleclick.net 6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com tpc.googlesyndication.com afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com ad.doubleclick.net a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com pagead2.googlesyndication.com 7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com
27	www.googletagservices.com	www.cyberscoop.com securepubads.g.doubleclick.net 6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com www.googletagservices.com afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com ad.doubleclick.net a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com 7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com
21	securepubads.g.doubleclick.net	www.cyberscoop.com securepubads.g.doubleclick.net go.recordedfuture.com www.googletagservices.com 6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com 7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com
12	static.adsafeprotected.com	pixel.adsafeprotected.com 6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com 7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com
11	s3.amazonaws.com	www.cyberscoop.com
8	dt.adsafeprotected.com	6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com www.cyberscoop.com a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com 7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com
8	googleads4.g.doubleclick.net	ad.doubleclick.net
8	pixel.adsafeprotected.com	4 redirects 6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com 7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com
7	www.google.com	securepubads.g.doubleclick.net www.cyberscoop.com tpc.googlesyndication.com
5	adservice.google.com	securepubads.g.doubleclick.net
5	adservice.google.de	securepubads.g.doubleclick.net
4	ad.atdmt.com	ad.doubleclick.net
4	s0.2mdn.net	ad.doubleclick.net
4	ad.doubleclick.net	www.googletagservices.com
4	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.cyberscoop.com js.hsforms.net
2	track.hubspot.com
2	7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.facebook.com	www.cyberscoop.com connect.facebook.net
2	px.ads.linkedin.com	1 redirects www.cyberscoop.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	go.recordedfuture.com connect.facebook.net
2	static.addtoany.com	www.cyberscoop.com static.addtoany.com
2	go.recordedfuture.com	1 redirects
1	analytics.twitter.com	static.ads-twitter.com
1	a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de	www.cyberscoop.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	8bf5b6a6ee39208771dcb0addc5582b9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	t.co	www.cyberscoop.com
1	www.linkedin.com	1 redirects
1	js.hs-scripts.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	forms.hsforms.com	js.hsforms.net
1	www.googletagmanager.com	www.cyberscoop.com
1	js.hsforms.net	www.cyberscoop.com
1	cdn.taboola.com	www.cyberscoop.com
270	44

This site contains links to these domains. Also see Links.

Domain
cyberscoop.com
scoopnewsgroup.com
www.microsoft.com
www.washingtonpost.com
twitter.com
www.facebook.com
www.linkedin.com
www.instagram.com
fedscoop.com
statescoop.com
edscoop.com
workscoop.com
www.scoopnewsgroup.com
www.addtoany.com

Subject Issuer	Validity	Valid
go.recordedfuture.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
cyberscoop.com R3	`2021-03-29` - `2021-06-27`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2021-05-15` - `2021-08-13`	3 months	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh

This page contains 36 frames:

Primary Page: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Frame ID: 216A74C1583D37FE76A86656C80CEFCB
Requests: 89 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-qqnoD336wX-leaderboard&categories=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid
Frame ID: 6DA5D295CFA03A7ABDFC6FD53B8B3C08
Requests: 12 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid
Frame ID: 2A21FFC5E8EC137EA95187E4172B7FB6
Requests: 12 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid
Frame ID: A2BD532BF12387130AB7EC8774A16E86
Requests: 12 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-9AKjTWZnqr-billboard&category=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid
Frame ID: D8F69A37FDEECF049F8BF6FCDFB4F958
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQ6J79y253OgAj7bJjNoFSECdUVdN-PeBWOyBbp0ovv-lB6NnW65a8BCt8KZE3rcwwTVGfSlOu1ZEyjSROCNbkvN4b1Fj6y8LnJ47rW2gw6UuynwccUUQUGY889V3_lEdKILdpCwfHfmUQ6pP0jEgLnWyEoDSFUPUI3bNt2f_M1UNUn8-R08ld70V4CJyb0PwLeKLV22xqfi67R_ALdfK0Z4zvYtuC6zRbGXNuVJOI-PxsbWO6KoyV4JeC87UhDk1aiX4gb5VTIdCwzQDKF0vbRoSB79qtArz1F-X5Z1I&sai=AMfl-YRJti2glQMrjtQKn0xpNjBEeIyYNLjqPHmZ0cEKc316wbSS57y8LT5icAK8PAl-m_W5Oeg02b0hC3U2s2q4UGA3-NgHkeEEId-kMBAzLEHmo2OD-EU0e-4EDADwk64&sig=Cg0ArKJSzFWzhwo1C494EAE&adurl=
Frame ID: E2D2429459F2B35F0402D61954CBCE74
Requests: 9 HTTP requests in this frame

Frame: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0AC77825E90D47EF43235656D9D6A55D
Requests: 13 HTTP requests in this frame

Frame: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9B41AAC6454E8176E33F6719CD77C520
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: D2AEFC0F938FCDD551C48FB09C091A42
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B997F091CD5D3F74DF0DA8BEEACE40A7
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303544152;dc_ver=72.209;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2235259097;ord=i0hycd;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvY_UyJKPOqFRReqm5aleypfiB4R54CwAsEftB2-pmdCfDsdEKPlrFJFx0aRZsyH2XkBxv04acxveh5vYDXxEKghShr2BDZeEYVEEb0tKJvaBboBUAvb6IeUf9zPI3mJLH-I-aCvOL_b93UAlRv26aJ9p1UrtWPFS_u9RTRExKZ6hs_muG-p7dNpPlATuFx5tJsp-j1QF8wzi7axP3xxOiP9nTwcqyLbJphR5lF5nQyVlqwGwy_CdfKWXtmaSdhkoWzs2eQmv-nWIourocPQOOhf5UlFKZc8ZBnvvIj9KiIJx7Mxe8tslpxCvdMDHc1KUAQHNmcfC8%26sai%3DAMfl-YQwc-v-_krrG7HjG6XNW_5SgRx_QrNknGjBbyW_ny6P9vebbpovQ1RdllVj74CQbj4VmWO6snJe69LhOWvKYxXW4Ngl3itVF4RF1OYuYdo2cywhe5kfJ48Ir5qStVs%26sig%3DCg0ArKJSzAo4zO1gSYjTEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=*TRpxtxo7C;osda=2;sttr=56;prcl=s
Frame ID: 8FFD4B3123B3160C04DD947268DA5AD0
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: A71A561F14BD766F6F6858B5EF19D742
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 98BFCEE1E7B8C963933055778B0875B6
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303737488;dc_ver=72.209;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=192105431;ord=21j65c;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvzxfZWkQKzHV7rvtRhmPTOMYoGJ2oX-MbgjW2qfctoNe9U-hwfXxwW0iPKbwxXRsxRNbA-wITHdcP-35NGHjOS0ZQlaaJ_QCWEgzyvs-o05idzieQOzZBg72AUlpcOuY1IvsMe-yCwTyrt-_oFkxr0x-0brUDGJl5xZfwqXtEQCvPrj-KDhdAGqVRKZb3um3iSPiozJHcUvWOUFXwWtVOUBiaVsNRmN5rW4H90ONO7xJECzAYTCulUr_1oTCSWHlBhBzCwD1z6syCKuqX6DrIq3xlwx6hzOswk7WssHe1RKEK3U8KvApGx-QS24J0%26sig%3DCg0ArKJSzF1AGZ0om38oEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=B52h0CRRTF;osda=2;sttr=90;prcl=s
Frame ID: C65F3A74CEF150D34E3D7AD8CD9CC172
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 17A777AD54EAFA522E64999717A51D96
Requests: 3 HTTP requests in this frame

Frame: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3D31276DCDE85035B6FE0CEF109E6307
Requests: 13 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: B2F2AEE5BC67146EB07D07D41BE3F9A3
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 5CF94557EFC940574ECD467285962167
Requests: 1 HTTP requests in this frame

Frame: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 8AB68C55F04EDBCDF2194A75CA1CA7FA
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js
Frame ID: EF9F53A9DFF0382E007827716667AA9A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7BC741ECB947C948B432044FF4754B36
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303488786;dc_ver=72.209;sz=728x90;u_sd=1;dc_adk=2313985828;ord=2f18o7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssLxVdWLOIgbAjGaVcSI1TsoGu8FeEqzKTu3q4pKSFqkGoSoyFHCvnFLjZKCUlJz5D4BaHk6qpPBsP3iClRtbMRgeNDLjZlGLFtfHxrw_5xC4IF8aca4CD3g_TeRY129ZKVLKGcVkhGXsLLx7RnKvzmaSKOcOdC1EQlgj49JiP2wj8abYe9Vsn7EhbpSPmebk07S0k8O-ZmC8hwWcqngNII_RDbZaVkGqfxI40sq-gkbUuoJC5dOyBEtCh_cgRi3VnKPOP3pturIwhANX-IgWQVbJRayhA1ryGU0yeoYohTWdbY5SMBtiu_QjXOQ3Cpw0UEF-g%26sig%3DCg0ArKJSzHU78tB6gUbhEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=xx2SHZ1eRF;osda=2;sttr=101;prcl=s
Frame ID: DB61ABD10A4D748AA7EDD9EBDFED7EA1
Requests: 11 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303489065;dc_ver=72.209;sz=970x250;u_sd=1;dc_adk=2711260096;ord=he9ato;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv0Jycs0Ke7gBoNZgwoLvowq8SGE2xT0lv03MsLEfDSkMqM-a5ZGyUq6MBLTTV8acttk-D9iJWTf6DNblQjmOFNFSfZJTmqxFSR5T7-8Y4y8R9ByKzQPLstiguSf8SZJjYdGEFy9mlaAWgeCbozkzGtRXKm_hKJGtZdPJKcvm07e2TwZDU9QJiigUDN3YgORKgqjkncUoLppIgG6ArOxFlYG2A91LB7e0zlCYj2b9cp5npSxcAU7XuqIMUHa6nCa7XNghItrLzDBfU8GPs96LTHlswvmCuHwLbwliwk-VoJsZDQURkuvudSGL_UxOx2gPTC1WMo8gRc%26sig%3DCg0ArKJSzCyczgf358maEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=ump7r76Mkf;osda=2;sttr=66;prcl=s
Frame ID: BF316B98E6BE86DCBDEA11970E86CAC1
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js
Frame ID: 2B001B3AE6D03E7C98A70F9FCDBFEC92
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 2BABDED8DBAE80C529BCB766655EB3E9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DE1E66EDA3035BB399DB0B03F9F5325A
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: EEAE4F4EF86F40517BF31E8CA26CE2C4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 43B1484136C4EA13E1FFA50A9457C604
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js
Frame ID: 036CD171F7B2D758DB96A7C6874A64A5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js
Frame ID: EE8B5246C5961CAD96E839C1D22D0F16
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 5F779E9494EDC6C1EE3E086272B5E468
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5E9E59117AC38D21993F6F3E554B2690
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 84897DAD7A26FE27AB38B90C2636A6CE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1A1BFFCEE454AE7B1A519D094E8A947A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 653CBE27F6F3A3EE0E480CDABFF92C60
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F94A7CE016BD5F227AE7A94786098EB5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go.recordedfuture.com/e2t/tc/VW7KWy7MpQRpW42fN815NS1DpW1n-N734s7DjXN2x86yr3lGn5V1-WJV7CgYB_W1YjP8N... Page URL
https://go.recordedfuture.com/events/public/v1/track/tc/VW7KWy7MpQRpW42fN815NS1DpW1n-N734s7DjXN2x86yr3lGn5... HTTP 307
https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hse... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /addtoany\.com\/menu\/page\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

270
Requests

100 %
HTTPS

73 %
IPv6

30
Domains

44
Subdomains

45
IPs

5
Countries

3814 kB
Transfer

9064 kB
Size

6
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://cyberscoop.com/
Title:

Search URL Search Domain Scan URL

URL: http://scoopnewsgroup.com/?__hstc=143679850.77dce7aaee02f8b6714bc9d2a7b4eacc.1622248601955.1622248601955.1622248601955.1&__hssc=143679850.1.1622248601955&__hsfp=2736934676
Title: Brought to you by

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2021/05/27/new-sophisticated-email-based-attack-from-nobelium/
Title: Microsoft said in a blog post

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/politics/biden-putin-geneva/2021/05/25/8942cda8-bd5e-11eb-9c90-731aff7d9a0d_story.html
Title: prepare to meet in Switzerland next month

Search URL Search Domain Scan URL

URL: https://twitter.com/TypeMRT/status/1398266210752548864?s=20
Title: tweeted

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cyberscoop

Search URL Search Domain Scan URL

URL: https://twitter.com/cyberscoopnews

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/4847467

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cyberscoopnews

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/?__hstc=143679850.77dce7aaee02f8b6714bc9d2a7b4eacc.1622248601955.1622248601955.1622248601955.1&__hssc=143679850.1.1622248601955&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://fedscoop.com/?__hstc=143679850.77dce7aaee02f8b6714bc9d2a7b4eacc.1622248601955.1622248601955.1622248601955.1&__hssc=143679850.1.1622248601955&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://statescoop.com/?__hstc=143679850.77dce7aaee02f8b6714bc9d2a7b4eacc.1622248601955.1622248601955.1622248601955.1&__hssc=143679850.1.1622248601955&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://edscoop.com/?__hstc=143679850.77dce7aaee02f8b6714bc9d2a7b4eacc.1622248601955.1622248601955.1622248601955.1&__hssc=143679850.1.1622248601955&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://workscoop.com/?__hstc=143679850.77dce7aaee02f8b6714bc9d2a7b4eacc.1622248601955.1622248601955.1622248601955.1&__hssc=143679850.1.1622248601955&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://www.scoopnewsgroup.com/privacy?__hstc=143679850.77dce7aaee02f8b6714bc9d2a7b4eacc.1622248601955.1622248601955.1622248601955.1&__hssc=143679850.1.1622248601955&__hsfp=2736934676
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/privacy?__hstc=143679850.77dce7aaee02f8b6714bc9d2a7b4eacc.1622248601955.1622248601955.1622248601955.1&__hssc=143679850.1.1622248601955&__hsfp=2736934676
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.recordedfuture.com/e2t/tc/VW7KWy7MpQRpW42fN815NS1DpW1n-N734s7DjXN2x86yr3lGn5V1-WJV7CgYB_W1YjP8N6_NyHzW78Yt_V4dN7JKW2n-8pk4K1cSDW6xFQdB4XrJVRN2TJlb2Tq0tqW30D4--77lb2JVSXyDZ1hXV1KW9cBBbc7-Nz-yMzYB-qd1FKvW8lhf8q98LhZbVGM5367vhHS7W351dRR6rf5C5N1R5TyWdNjwVW91BVzb4VTg8XN26nnjq2jLX8W96tLC86phdvHW3M3Ky58BJTMhW3jPfjJ4Cf11TW52Q-dS6bH4tlW7HZ-524LWGRwW7y2Llf4ZfD6pW194yfB14chNsW9k8ggV6kJCmVW5yJwK47ZrC023kLw1 Page URL
https://go.recordedfuture.com/events/public/v1/track/tc/VW7KWy7MpQRpW42fN815NS1DpW1n-N734s7DjXN2x86yr3lGn5V1-WJV7CgYB_W1YjP8N6_NyHzW78Yt_V4dN7JKW2n-8pk4K1cSDW6xFQdB4XrJVRN2TJlb2Tq0tqW30D4--77lb2JVSXyDZ1hXV1KW9cBBbc7-Nz-yMzYB-qd1FKvW8lhf8q98LhZbVGM5367vhHS7W351dRR6rf5C5N1R5TyWdNjwVW91BVzb4VTg8XN26nnjq2jLX8W96tLC86phdvHW3M3Ky58BJTMhW3jPfjJ4Cf11TW52Q-dS6bH4tlW7HZ-524LWGRwW7y2Llf4ZfD6pW194yfB14chNsW9k8ggV6kJCmVW5yJwK47ZrC023kLw1?_ud=c2cb6e3f-e61c-453c-ab42-8f1fd427ab47&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-qqnoD336wX-leaderboard&categories=government&tags=election-security,espionage,microsoft,phishing,russia,solarwinds,svr,usaid HTTP 301
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-qqnoD336wX-leaderboard&categories=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid

Request Chain 39

https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=government&tags=election-security,espionage,microsoft,phishing,russia,solarwinds,svr,usaid HTTP 301
https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid

Request Chain 40

https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=government&tags=election-security,espionage,microsoft,phishing,russia,solarwinds,svr,usaid HTTP 301
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid

Request Chain 41

https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-9AKjTWZnqr-billboard&category=government&tags=election-security,espionage,microsoft,phishing,russia,solarwinds,svr,usaid HTTP 301
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-9AKjTWZnqr-billboard&category=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid

Request Chain 68

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1622248597713&url=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%26_hsenc%3Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%26utm_content%3D130250426%26utm_source%3Dhs_email HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1622248597713%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fmicrosoft-solarwinds-russia-svr-usaid%252F%253Futm_medium%253Demail%2526_hsmi%253D130250426%2526_hsenc%253Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%2526utm_content%253D130250426%2526utm_source%253Dhs_email%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1622248597713&url=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%26_hsenc%3Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%26utm_content%3D130250426%26utm_source%3Dhs_email&liSync=true

Request Chain 162

https://pixel.adsafeprotected.com/rfw/st/488356/54699616/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:50eff74b-5e57-bcab-6ae2-97e1cd2470d4,c:dXM7S8,sl:na,em:true,fr:false,mn:app23ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:syKVNND+11%7C121*.488356-54699616%7C12111%7C122%7C1231%7C124%7C1311%7C132%7C133%7C134%7C141%7C15%7C16%7C17,idMap:121*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:424,oid:ef02663b-c015-11eb-9da6-0ad2739237b2,v:19.8.205,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 164

https://pixel.adsafeprotected.com/rfw/st/488356/54699618/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fafec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fafec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:62dbf585-b510-b8b0-46c8-7ff3e7eee2f7,c:dXM7Sy,sl:na,em:true,fr:false,mn:app33ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:syKVNQB+11%7C12111%7C1212%7C122%7C1231%7C124%7C131*.488356-54699618%7C1311%7C132%7C133%7C134%7C141%7C15%7C16%7C17,idMap:131*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:265,oid:ef1440a9-c015-11eb-80a7-06a409929697,v:19.8.205,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 220

https://pixel.adsafeprotected.com/rfw/st/488356/54699612/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:92b085fe-32a4-8b76-b39b-5ee148909bba,c:dXM86N,sl:na,em:true,fr:false,mn:app31ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:syKVO1T+1111%7C112%7C12111%7C121121%7C1212%7C122%7C123%7C131111%7C13112%7C1312%7C132%7C133%7C134%7C141*.488356-54699612%7C1411%7C142%7C15%7C16%7C17,idMap:141*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:448,oid:ef806f4a-c015-11eb-a662-06cc0da90f4d,v:19.8.205,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 227

https://pixel.adsafeprotected.com/rfw/st/488356/54699614/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:3de61ec2-df4e-b9df-3da4-251b8c831ef4,c:dXM88X,sl:na,em:true,fr:false,mn:app29ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:syKVO5y+111*.488356-54699614%7C1111%7C112%7C12111%7C12112%7C1212%7C122%7C123%7C131111%7C131121%7C1312%7C132%7C133%7C14111%7C1412%7C142%7C15%7C16%7C17,idMap:111*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:356,oid:ef8d8f75-c015-11eb-b430-0ae27972a930,v:19.8.205,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

270 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VW7KWy7MpQRpW42fN815NS1DpW1n-N734s7DjXN2x86yr3lGn5V1-WJV7CgYB_W1YjP8N6_NyHzW78Yt_V4dN7JKW2n-8pk4K1cSDW6xFQdB4XrJVRN2TJlb2Tq0tqW30D4--77lb2JVSXyDZ1hXV1KW9cBBbc7-Nz-yMzYB-qd1FKvW8lhf8q98LhZbVGM5367vh... Show response
go.recordedfuture.com/e2t/tc/ 9 KB
3 KB 50ms
50ms Document
text/html 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.recordedfuture.com/e2t/tc/VW7KWy7MpQRpW42fN815NS1DpW1n-N734s7DjXN2x86yr3lGn5V1-WJV7CgYB_W1YjP8N6_NyHzW78Yt_V4dN7JKW2n-8pk4K1cSDW6xFQdB4XrJVRN2TJlb2Tq0tqW30D4--77lb2JVSXyDZ1hXV1KW9cBBbc7-Nz-yMzYB-qd1FKvW8lhf8q98LhZbVGM5367vhHS7W351dRR6rf5C5N1R5TyWdNjwVW91BVzb4VTg8XN26nnjq2jLX8W96tLC86phdvHW3M3Ky58BJTMhW3jPfjJ4Cf11TW52Q-dS6bH4tlW7HZ-524LWGRwW7y2Llf4ZfD6pW194yfB14chNsW9k8ggV6kJCmVW5yJwK47ZrC023kLw1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82c82c3567fbebb3260e32f74046024153c6798fc1b07ceace95a5c109643533

Request headers

:method: GET
:authority: go.recordedfuture.com
:scheme: https
:path: /e2t/tc/VW7KWy7MpQRpW42fN815NS1DpW1n-N734s7DjXN2x86yr3lGn5V1-WJV7CgYB_W1YjP8N6_NyHzW78Yt_V4dN7JKW2n-8pk4K1cSDW6xFQdB4XrJVRN2TJlb2Tq0tqW30D4--77lb2JVSXyDZ1hXV1KW9cBBbc7-Nz-yMzYB-qd1FKvW8lhf8q98LhZbVGM5367vhHS7W351dRR6rf5C5N1R5TyWdNjwVW91BVzb4VTg8XN26nnjq2jLX8W96tLC86phdvHW3M3Ky58BJTMhW3jPfjJ4Cf11TW52Q-dS6bH4tlW7HZ-524LWGRwW7y2Llf4ZfD6pW194yfB14chNsW9k8ggV6kJCmVW5yJwK47ZrC023kLw1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:35 GMT
content-type: text/html;charset=utf-8
cf-ray: 656ba6397b0e2c52-FRA
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0a572637e800002c528f12e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: ecd15c28-d47b-47dc-9907-657ca9b19d6c
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LU2JbKMViGgrCmiICmLChyhINXDU64R4DA4ly3RyUwV4CYUz5rqvZZJjFV35oUgs%2B77Q3W3%2FOkWH7aQihEdEHqItZsUUsC3ftRrC9NwlQUsIHmOUED5Y585c9JKPpdx4O%2FWdC%2F2Ftgaaru7eUl8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=f683db14e59a37af9c59bece98a400a6d44d5ef6-1622248595; path=/; domain=.go.recordedfuture.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/
Redirect Chain

https://go.recordedfuture.com/events/public/v1/track/tc/VW7KWy7MpQRpW42fN815NS1DpW1n-N734s7DjXN2x86yr3lGn5V1-WJV7CgYB_W1YjP8N6_NyHzW78Yt_V4dN7JKW2n-8pk4K1cSDW6xFQdB4XrJVRN2TJlb2Tq0tqW30D4--77lb2JVS...
https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjA...

55 KB
14 KB

1374ms
1155ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email

Requested by

Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VW7KWy7MpQRpW42fN815NS1DpW1n-N734s7DjXN2x86yr3lGn5V1-WJV7CgYB_W1YjP8N6_NyHzW78Yt_V4dN7JKW2n-8pk4K1cSDW6xFQdB4XrJVRN2TJlb2Tq0tqW30D4--77lb2JVSXyDZ1hXV1KW9cBBbc7-Nz-yMzYB-qd1FKvW8lhf8q98LhZbVGM5367vhHS7W351dRR6rf5C5N1R5TyWdNjwVW91BVzb4VTg8XN26nnjq2jLX8W96tLC86phdvHW3M3Ky58BJTMhW3jPfjJ4Cf11TW52Q-dS6bH4tlW7HZ-524LWGRwW7y2Llf4ZfD6pW194yfB14chNsW9k8ggV6kJCmVW5yJwK47ZrC023kLw1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

78a15c436ac9f17a85493d5231325873eb27ccb668ff9a7e773a4bca8984d028

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.recordedfuture.com/e2t/tc/VW7KWy7MpQRpW42fN815NS1DpW1n-N734s7DjXN2x86yr3lGn5V1-WJV7CgYB_W1YjP8N6_NyHzW78Yt_V4dN7JKW2n-8pk4K1cSDW6xFQdB4XrJVRN2TJlb2Tq0tqW30D4--77lb2JVSXyDZ1hXV1KW9cBBbc7-Nz-yMzYB-qd1FKvW8lhf8q98LhZbVGM5367vhHS7W351dRR6rf5C5N1R5TyWdNjwVW91BVzb4VTg8XN26nnjq2jLX8W96tLC86phdvHW3M3Ky58BJTMhW3jPfjJ4Cf11TW52Q-dS6bH4tlW7HZ-524LWGRwW7y2Llf4ZfD6pW194yfB14chNsW9k8ggV6kJCmVW5yJwK47ZrC023kLw1

Response headers

server: nginx
date: Sat, 29 May 2021 00:36:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
x-pingback: https://www.cyberscoop.com/xmlrpc.php
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/posts/56687>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=56687>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

date: Sat, 29 May 2021 00:36:35 GMT
location: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
cf-ray: 656ba639db842c52-FRA
link: <https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0a5726382600002c52b88b9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 52c28ad4-8f13-4a63-9b9e-00df179a8e39
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YCRx0J9DIXFjkMivcWLeTQGKngOx5y%2Fy1t9bDgjAmGGsBpcauLsBfVv68R3Ax8v6YQnqGrXubDAxGpNTnXvAvlY4ALseXroYyJSRlXNl1WaLMQo%2FhHU13UP%2F1ZNcjwGaJurgEHYo2NSVtkNALnM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style.css
www.cyberscoop.com/wp-content/themes/cyberscoop/ 92 KB
16 KB 107ms
102ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8568f039c1951ef91fce769fd09da0b0dbfcf503e0e9d14044c3f49675b809cd

Request headers

:path: /wp-content/themes/cyberscoop/style.css?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 10:48:09 GMT
server: nginx
etag: W/"6066f669-16fe8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000 public
expires: Sun, 29 May 2022 00:36:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
839 B 19ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc666527c7989fdad450d729be48af719d8a66af057630a461bbb5c72b1e20a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 29 May 2021 00:36:37 GMT
server: ESF
date: Sat, 29 May 2021 00:36:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 May 2021 00:36:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
655 B 26ms
21ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.7.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

063d44bc62d9647b62e24e3072a08f2cd96f36e3f1cb441b0efc3fe3f3fe372c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 29 May 2021 00:18:57 GMT
server: ESF
date: Sat, 29 May 2021 00:36:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 May 2021 00:36:37 GMT

GET
H2 200 addtoany.min.css
www.cyberscoop.com/wp-content/plugins/add-to-any/ 1 KB
663 B 106ms
102ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436

Request headers

:path: /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:25:16 GMT
server: nginx
etag: W/"5fcd3e2c-5ba"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000 public
expires: Sun, 29 May 2022 00:36:37 GMT

GET
H2 200 jquery.min.js Show response
www.cyberscoop.com/wp-includes/js/jquery/ 87 KB
31 KB 106ms
102ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-15d98"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Sun, 29 May 2022 00:36:37 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.cyberscoop.com/wp-includes/js/jquery/ 11 KB
4 KB 108ms
105ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-2bd8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Sun, 29 May 2022 00:36:37 GMT

GET
H2 200 blinkTitle.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 2 KB
737 B 109ms
105ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/blinkTitle.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf89b05aa45bb14f23d4c97dac9b3091e2d866c73f68e18d2cb6b538378db6f9

Request headers

:path: /wp-content/themes/cyberscoop/js/blinkTitle.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-62a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Sun, 29 May 2022 00:36:37 GMT

GET
H2 200 singlescroll.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 3 KB
1 KB 109ms
105ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/singlescroll.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8b7a47a695a413443ee1cba5b8cb390af99d8ecb1c94ffd30005c2a039303fe0

Request headers

:path: /wp-content/themes/cyberscoop/js/singlescroll.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: W/"5f8eafdb-dc1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Sun, 29 May 2022 00:36:37 GMT

GET
H2 200 stickybits.min.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 13 KB
4 KB 109ms
105ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/stickybits.min.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2aef1ac953ce7805c97a1df893082e75a0a11085c3e53b2914bd0a35634977f3

Request headers

:path: /wp-content/themes/cyberscoop/js/stickybits.min.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: W/"5f8eafdb-3357"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Sun, 29 May 2022 00:36:37 GMT

GET
H2 200 addtoany.min.js Show response
www.cyberscoop.com/wp-content/plugins/add-to-any/ 129 B
339 B 108ms
105ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

:path: /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
last-modified: Sun, 06 Dec 2020 20:25:16 GMT
server: nginx
etag: "5fcd3e2c-81"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 129
expires: Sun, 29 May 2022 00:36:37 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/fedscoop-sc/ 69 KB
23 KB 221ms
202ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/fedscoop-sc/tfa.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c63819a1178d76ed30bef8babb538a11241ca31e0f4a34c6c682239cfd47b0d1

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ouMF9io6i5wg7o0oJcvQx41Q1WD5a4bM
content-encoding: gzip
etag: "38465746573d8a988bc3339d004a77a5"
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 23332
x-amz-id-2: mK/iazJ1lY+Smc6ubVE9F/yhsOjv31tVhzCGCllwHFCGrMNJIlHq2vujOyFrjmd+gpfzHdopVyU=
x-served-by: cache-hhn11564-HHN
last-modified: Sun, 23 May 2021 11:42:25 GMT
server: AmazonS3
x-timer: S1622248597.054558,VS0,VE194
date: Sat, 29 May 2021 00:36:37 GMT
vary: Accept-Encoding
x-amz-request-id: QVAHGE8YVCYHXQM7
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 23
x-cache-hits: 1

GET
H2 200 init-taboola.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 138 B
348 B 108ms
106ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/init-taboola.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8c5987fc2409abe9ee8d73fee09d71847ddf5c4329a0bbad7d4e4bc522e51b47

Request headers

:path: /wp-content/themes/cyberscoop/js/init-taboola.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: "5f8eafda-8a"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 138
expires: Sun, 29 May 2022 00:36:37 GMT

GET
H2 200 app.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 150 KB
47 KB 108ms
106ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/app.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bcc6ccbbe9b3f2c14b3eb45ea17eb4b456ee0b359ca820751d8f4b140c57ba0a

Request headers

:path: /wp-content/themes/cyberscoop/js/app.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-25991"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Sun, 29 May 2022 00:36:37 GMT

GET
H2 200 menu.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 213 B
423 B 204ms
202ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/menu.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cbcf7f9157306feaa0252eaa2fca6f6a36cf74bd919dc17520023405867fd32b

Request headers

:path: /wp-content/themes/cyberscoop/js/menu.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: "5f8eafdb-d5"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 213
expires: Sun, 29 May 2022 00:36:37 GMT

GET
H2 200 ads.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 740 B
703 B 205ms
203ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930

Request headers

:path: /wp-content/themes/cyberscoop/js/ads.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-2e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Sun, 29 May 2022 00:36:37 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 44ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

1333453e2f8314ecb60cc89330c0bf6d8713d2ecc2733a41d28257047936f1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "886 / 618 of 1000 / last-modified: 1622153417"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21483
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:37 GMT

GET
H/1.1 200
OK cyberscoop-interstitial.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
3 KB 436ms
134ms Image
image/svg+xml 52.216.225.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/cyberscoop-interstitial.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.225.219 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 00:36:38 GMT
Last-Modified: Wed, 10 Feb 2021 15:47:32 GMT
Server: AmazonS3
x-amz-request-id: YZAAN3HNEGGT2X8C
ETag: "b3250d52680549abc7222f71b2dce836"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2375
x-amz-id-2: Rfiux2/FIPaguJDiQLMWQ8IoQCWjDmlc17GGRYRigIk3PFG/uqb9ko5Kh1VN9i3me06/xdGkTSM=

GET
H/1.1 200
OK closex.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 439ms
137ms Image
image/png 52.216.225.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/closex.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.225.219 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 00:36:38 GMT
Last-Modified: Tue, 12 May 2020 13:43:08 GMT
Server: AmazonS3
x-amz-request-id: YZA0R3PJRCT67CKB
ETag: "6fa9505df4b1d86476aef77673f3b330"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4658
x-amz-id-2: 4pyjR4+HMfMxnUZKmYd7aBmVArKnyYxVMZZsedY2lEbAEroufkbP0EIYLGxAxlY+LVrAuKKQ0Cg=

GET
H2 200 twitter.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 2 KB
1 KB 104ms
101ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/twitter.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/twitter.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:27 GMT
server: nginx
etag: W/"5f8eafd7-87c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Mon, 28 Jun 2021 00:36:37 GMT

GET
H2 200 facebook.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 1 KB
828 B 104ms
101ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/facebook.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/facebook.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-4f8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Mon, 28 Jun 2021 00:36:37 GMT

GET
H2 200 linkedin.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 2 KB
993 B 105ms
101ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/linkedin.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/linkedin.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-741"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Mon, 28 Jun 2021 00:36:37 GMT

GET
H2 200 reddit.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 6 KB
3 KB 105ms
102ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/reddit.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/reddit.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-18f6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Mon, 28 Jun 2021 00:36:37 GMT

GET
H2 200 gmail.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 1 KB
886 B 105ms
102ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/gmail.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/gmail.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-49d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Mon, 28 Jun 2021 00:36:37 GMT

GET
H/1.1 200
OK close_purple.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 991 B
1 KB 418ms
118ms Image
image/svg+xml 52.216.225.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/close_purple.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.225.219 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 00:36:38 GMT
Last-Modified: Fri, 22 Jan 2021 00:05:15 GMT
Server: AmazonS3
x-amz-request-id: YZA8JXDAWZN3QV3V
ETag: "cde4ecef61a0a35571e737da5276b5e7"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 991
x-amz-id-2: YiY4wNKXzJ+/I+F+cflQjbkUujx2Xk/VrThx+X7ItRnvCIpn6r1zjL3uH81IZ8kapI8zN9eT798=

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 571 KB
135 KB 45ms
29ms Script
application/javascript 2606:4700::6811:b749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b749 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15a2fd62f072453a52546cf0e32870250bc7a737dee1115e655b6492885ab80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
via: 1.1 2f66aa06710fece8ed203ab0ea81eb56.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 473
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a57263f6400004ab0051c8000000001
last-modified: Fri, 28 May 2021 08:36:34 UTC
server: cloudflare
etag: W/"8419f141b5a4d23ec0fb7e65f1bf5c88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RtxJCbPCPH3OX3oFz8x0aou5zGSPeyrX9DzU5puPPwzqNU2o5NNxYwn%2BrGkod6X0Kl1SJFPlmCdLzmC2RPwPpLQlAKwcYXXGGJasEJMaab455V49ATsi9lGpyB5SIB11Oqs9GpoGxw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: r.oOW.rJbvq7BV4KKNWdxhvtHZ0tOi1e
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 656ba6456a304ab0-FRA
x-amz-cf-id: oTB9b37_yoqEYN-Ly92IxJqQ0Ykuh8CdiN2llV4HneaTTQ2y_najpw==
x-hs-target-asset: FormsNext/static-5.306/bundles/project_with_deps.js

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 41ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed8fd5966c1d769a76d49fe6929becc99ca387a013c2bbed13165f9e5bfb315c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "886 / 161 of 1000 / last-modified: 1622153345"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21426
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:37 GMT

GET
H2 200 ads.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 740 B
703 B 102ms
101ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js?ver=1.0.0
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930

Request headers

:path: /wp-content/themes/cyberscoop/js/ads.js?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-2e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Sun, 29 May 2022 00:36:37 GMT

GET
H2 200 wp-embed.min.js Show response
www.cyberscoop.com/wp-includes/js/ 1 KB
986 B 104ms
101ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/wp-embed.min.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-592"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Sun, 29 May 2022 00:36:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 144 KB
52 KB 23ms
20ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fde8c97a99cd8fd3629fc55a2311d16bbd65e0be965ac7111a227aa6ab54423a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52722
x-xss-protection: 0
last-modified: Sat, 29 May 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 29 May 2021 00:36:37 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.cyberscoop.com/wp-includes/js/ 14 KB
5 KB 105ms
103ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-3795"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Sun, 29 May 2022 00:36:37 GMT

GET
H2 200 lightslider.min.css
www.cyberscoop.com/wp-content/themes/cyberscoop/css/ 5 KB
2 KB 186ms
186ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/css/lightslider.min.css
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593

Request headers

:path: /wp-content/themes/cyberscoop/css/lightslider.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:19 GMT
server: nginx
etag: W/"5f8eafcf-14b3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000 public
expires: Sun, 29 May 2022 00:36:37 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 84 KB
26 KB 29ms
27ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 64445
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a57263f6f00001f3dbe0fa000000001
last-modified: Fri, 14 May 2021 06:41:59 GMT
server: cloudflare
etag: W/"14f2c-5c2448a7281f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 656ba6457a2e1f3d-FRA
cf-bgj: minify

GET
H/1.1 200
OK CyberScoop_Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
3 KB 428ms
121ms Image
image/svg+xml 52.216.225.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/CyberScoop_Color.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.225.219 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 00:36:38 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:05 GMT
Server: AmazonS3
x-amz-request-id: YZAECTAKNP1VPKQT
ETag: "b3250d52680549abc7222f71b2dce836"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2375
x-amz-id-2: GvEMp1ul5nmY8NVF/b8/2G5ICBtQXjZNcG5je9DINdCNyL0m5a5sBVQc21yszCdHPBLXc77fcFw=

GET
H/1.1 200
OK SNG-RGB-Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 448ms
141ms Image
image/svg+xml 52.216.225.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/SNG-RGB-Color.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.225.219 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 00:36:38 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:05 GMT
Server: AmazonS3
x-amz-request-id: YZA4G4FYM8BD53WZ
ETag: "61428dbcecc23b1679236e221c5228d4"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 5545
x-amz-id-2: RAzyzfUZwazWn3ylzC769y0DVQ4N4DvP69zW65xOFsvInXKkeWjB6q+0Jw9jclmP6CEfXXlEBdI=

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v11/ 22 KB
23 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d28cae33a9cff1cd54246e2bca04018f101451707a5b5f426d32ea768e911186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 23:56:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 22:06:35 GMT
server: sffe
age: 175190
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22920
x-xss-protection: 0
expires: Thu, 26 May 2022 23:56:47 GMT

GET
H2 200 PuristaMedium.woff
www.cyberscoop.com/wp-content/themes/cyberscoop/fonts/ 37 KB
37 KB 102ms
101ms Font
font/woff 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/wp-content/themes/cyberscoop/fonts/PuristaMedium.woff

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload

Request headers

:path: /wp-content/themes/cyberscoop/fonts/PuristaMedium.woff
pragma: no-cache
origin: https://www.cyberscoop.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.cyberscoop.com
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
last-modified: Tue, 20 Oct 2020 09:37:20 GMT
server: nginx
etag: "5f8eafd0-9340"
strict-transport-security: max-age=31536000 max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload
content-type: font/woff
accept-ranges: bytes
content-length: 37696
x-ua-compatible: IE=Edge

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 6DA5
Redirect Chain

https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-qqnoD336wX-leaderboard&categories=government&tags=election-security,espionage,microsoft,phishing,russia,solarwinds,s...
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-qqnoD336wX-leaderboard&categories=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csv...

2 KB
1 KB

1377ms
1376ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-qqnoD336wX-leaderboard&categories=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

61216e708946df00051e394207447bfe5272a4c600c200d9e83527c179c6dffa

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=leaderboard&parent_id=ad-qqnoD336wX-leaderboard&categories=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _fbp=fb.1.1622248598383.1311999267
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email

Response headers

server: nginx
date: Sat, 29 May 2021 00:36:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Sat, 29 May 2021 00:36:38 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-qqnoD336wX-leaderboard&categories=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 2A21
Redirect Chain

https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=government&tags=election-security,espionage,microsoft,phishing,russia,solarwinds,svr,usaid
https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid

1 KB
900 B

1228ms
1228ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

ba6dddf67dd3b5f2d60b59a4b65f0d317446f019c6e9e9e0cc34adfd492b8e09

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=article&position=static&category=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _fbp=fb.1.1622248598383.1311999267
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email

Response headers

server: nginx
date: Sat, 29 May 2021 00:36:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Sat, 29 May 2021 00:36:38 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame A2BD
Redirect Chain

https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=government&tags=election-security,espionage,microsoft,phishing,russia,solarwinds,svr,usaid
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid

2 KB
1000 B

1120ms
1120ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

a6d00cff748a5e8d331b1ae1adbc5c305e6cbdf0799e440318cc9ebd3004e9f7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=skyscraper&position=sticky&categories=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _fbp=fb.1.1622248598383.1311999267
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email

Response headers

server: nginx
date: Sat, 29 May 2021 00:36:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Sat, 29 May 2021 00:36:38 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame D8F6
Redirect Chain

https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-9AKjTWZnqr-billboard&category=government&tags=election-security,espionage,microsoft,phishing,russia,so...
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-9AKjTWZnqr-billboard&category=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolar...

2 KB
1 KB

1366ms
1364ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-9AKjTWZnqr-billboard&category=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

115aa70aace6401978ed9e106c6f4c94c2a6a3ab6b08d122db34aa62aebd00dd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=billboard&position=bottom&parent_id=ad-9AKjTWZnqr-billboard&category=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _fbp=fb.1.1622248598383.1311999267
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email

Response headers

server: nginx
date: Sat, 29 May 2021 00:36:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Sat, 29 May 2021 00:36:38 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-9AKjTWZnqr-billboard&category=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2 200 GettyImages-1207074418-1021x681.jpg
www.cyberscoop.com/wp-content/uploads/2021/02/ 73 KB
73 KB 108ms
104ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/02/GettyImages-1207074418-1021x681.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 56b2a23b4518aea888dad480aa3e88a37cf74f87c1ffc955f1ba4b015dc314a0

Request headers

:path: /wp-content/uploads/2021/02/GettyImages-1207074418-1021x681.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
last-modified: Fri, 26 Feb 2021 15:31:11 GMT
server: nginx
etag: "6039143f-12210"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 74256
expires: Mon, 28 Jun 2021 00:36:37 GMT

GET
H2 200 GettyImages-1320051830-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/05/ 13 KB
13 KB 108ms
104ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/05/GettyImages-1320051830-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cbd43673ef999197a17096b6bea3616f46c029bac8c8ee2ae713dd1d3c0e9241

Request headers

:path: /wp-content/uploads/2021/05/GettyImages-1320051830-307x171.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
last-modified: Fri, 28 May 2021 16:58:39 GMT
server: nginx
etag: "60b1213f-3250"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 12880
expires: Mon, 28 Jun 2021 00:36:37 GMT

GET
H2 200 GettyImages-1228796134-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/05/ 6 KB
6 KB 108ms
104ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/05/GettyImages-1228796134-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ef2d0dfd42bbdb2f7902bb82894be0085ea9e41a47b711a7622f5da7c0e1e490

Request headers

:path: /wp-content/uploads/2021/05/GettyImages-1228796134-307x171.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
last-modified: Thu, 27 May 2021 22:15:35 GMT
server: nginx
etag: "60b01a07-18dc"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 6364
expires: Mon, 28 Jun 2021 00:36:37 GMT

GET
H2 200 GettyImages-1228098927-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/05/ 16 KB
17 KB 108ms
104ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/05/GettyImages-1228098927-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 9db0a9bc6c3ff133f89a32575d7ea5a1c7c83f4ecb630e4ef1a77700ba5b2c2b

Request headers

:path: /wp-content/uploads/2021/05/GettyImages-1228098927-307x171.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
last-modified: Thu, 27 May 2021 20:55:38 GMT
server: nginx
etag: "60b0074a-415c"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 16732
expires: Mon, 28 Jun 2021 00:36:37 GMT

GET
H3-29 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v11/ 23 KB
23 KB 11ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5183a3d6c4ef05903e03cf0e17b5de05db527c27d0ef049d52d2fb4da484e96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 11:16:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 22:06:21 GMT
server: sffe
age: 134437
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23868
x-xss-protection: 0
expires: Fri, 27 May 2022 11:16:00 GMT

GET
H3-29 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v36/ 31 KB
31 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 04:11:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:31:39 GMT
server: sffe
age: 505505
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31676
x-xss-protection: 0
expires: Mon, 23 May 2022 04:11:32 GMT

GET
H3-29 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v11/ 22 KB
22 KB 13ms
10ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a41dd567a7d51dac3d65a716b505f5bba7526e36405ed8a832d72a4ada3665c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 21:46:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 22:05:49 GMT
server: sffe
age: 269437
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22748
x-xss-protection: 0
expires: Wed, 25 May 2022 21:46:00 GMT

GET
H2 200 20762415-8082-48f0-b243-36443c93d852 Show response
forms.hsforms.com/embed/v3/form/2153467/ 19 KB
4 KB 136ms
121ms Script
application/javascript 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2153467/20762415-8082-48f0-b243-36443c93d852?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc428689da938b74871785ff375c13d28e8aecd65aa3c073fa405696d3025647

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 411c5a3e-09c1-460e-9802-61707efdca9d
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a57264054000016eec380f000000001
server: cloudflare
x-trace: 2B3B6B11907B84AFAEAB3B87126C842F8D0978376A000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 656ba646eb6b16ee-FRA

GET
H2 200 facebook_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 361 B
552 B 104ms
101ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/facebook_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/facebook_logo_white.png
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
last-modified: Tue, 20 Oct 2020 09:37:25 GMT
server: nginx
etag: "5f8eafd5-169"
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 361
expires: Mon, 28 Jun 2021 00:36:37 GMT

GET
H2 200 twitter_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 481 B
671 B 104ms
101ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/twitter_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/twitter_logo_white.png
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
last-modified: Tue, 20 Oct 2020 09:37:27 GMT
server: nginx
etag: "5f8eafd7-1e1"
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 481
expires: Mon, 28 Jun 2021 00:36:37 GMT

GET
H2 200 linkedin_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 946 B
1 KB 104ms
102ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/linkedin_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/linkedin_logo_white.png
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: "5f8eafd6-3b2"
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 946
expires: Mon, 28 Jun 2021 00:36:37 GMT

GET
H2 200 instagram_logo_white.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 2 KB
874 B 104ms
102ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/instagram_logo_white.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/instagram_logo_white.svg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-625"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Mon, 28 Jun 2021 00:36:37 GMT

GET
H/1.1 200
OK Stacked_SNG.png
s3.amazonaws.com/sng-global-web-assets/logo/ 12 KB
12 KB 310ms
109ms Image
image/png 52.216.225.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_SNG.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.225.219 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 00:36:38 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: YZA101QABTHGHZRN
ETag: "793107aa127f2349e0bb9d0df99cd240"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11864
x-amz-id-2: XogNdBtxKAoR3jd3hPkxTv7vIzNcV4HwAAQpmH/iBM6it+c6gyQpuqQvxUtxZjUnDSC1RAXNV/I=

GET
H/1.1 200
OK Stacked_CyberScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 140ms
118ms Image
image/png 52.216.225.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_CyberScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.225.219 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 00:36:38 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: YZABRY5JATG8CSF1
ETag: "6b8717aa8156bf0573b498232d63b71f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5199
x-amz-id-2: /8Pcqe2iohu4vclfr0Z8mo8PLqdUmjBsoC8GQgzbd1Qtu/itl66FV1+r886A71fQB0tYkMbEBpA=

GET
H/1.1 200
OK Stacked_FedScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 118ms
112ms Image
image/png 52.216.225.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_FedScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.225.219 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 00:36:38 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: YZACF99FDTGAP6YP
ETag: "da067ed314fa2f647e16efb7331759de"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4000
x-amz-id-2: d1I3vSrm7LdxPindRdiDhwAlmzd0ZWp9qkOZMyucrB+CAxHikqDbvOkhCG77PGHvxdQKDe2Boek=

GET
H/1.1 200
OK Stacked_StateScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 113ms
109ms Image
image/png 52.216.225.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_StateScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.225.219 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 00:36:38 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: YZA6FR9YKDN7NK0Z
ETag: "62c167ae878c0c3b3a41b50025cacba7"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4872
x-amz-id-2: ZqT2Q2oxoidyvuhBHXFR9Ycj7piDTpmh41h7FQ4uYf2mjlt7TOesr+7EWQH4Uul4ZXncE8J+Cio=

GET
H/1.1 200
OK Stacked_EdScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 129ms
120ms Image
image/png 52.216.225.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_EdScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.225.219 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 00:36:38 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: YZA2M0YB4ED8PV1M
ETag: "b5d5b8c0479b1963324ebca52c96a43b"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5349
x-amz-id-2: 8eqvpaDZnMxPovbRKfiHhErXZCigfQKmdAbe4kINScVb4dAM2t25Jvd9v06YAxOD5IQJB1PPpug=

GET
H/1.1 200
OK Stacked_WorkScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 164ms
123ms Image
image/png 52.216.225.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_WorkScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.225.219 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 00:36:38 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: YZA7CKWW17JDE5Z1
ETag: "779a62747ba1fe2dfac41aa83a03313c"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3934
x-amz-id-2: /zEas/HYaUSQI2e3onmPDADPX1CRriVGPiYpFXtiIbDTvT1NMiZlkUWh1/Lst/5LK83pr8Q5BxI=

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 icons.29.svg.js Show response
static.addtoany.com/menu/svg/ 78 KB
33 KB 45ms
31ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.29.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5802044
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a572640930000d6e1bb8eb000000001
last-modified: Mon, 31 Dec 2018 23:29:11 GMT
server: cloudflare
etag: W/"13937-57e59c7b88bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 656ba6475ef4d6e1-FRA
cf-bgj: minify

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 00:36:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=83782
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 27ms
7ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 85492
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1622248598.659162,VS0,VE0
x-served-by: cache-hhn11558-HHN

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
25 KB 39ms
12ms Script
application/x-javascript 2a03:2880:f03d:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03d:1c:face:b00c:0:3 Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24156
x-fb-rlafr: 0
pragma: public
x-fb-debug: 9LxyX2QVE/Y/vSV5V01fHXmotngEiN0GDZmJV+BIG99mkX+ceSW9i3Lq4TWWYg8+Mc35tGhAk2nseo7Y27UHAg==
x-fb-trip-id: 95149190
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 29 May 2021 00:36:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2153467.js Show response
js.hs-scripts.com/ 1016 B
669 B 120ms
119ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2153467.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60f0b239316bc92dea8931498fe5bf00c4e475bf203eb8419bc56128fe543704

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 9465da55-6b85-403e-8199-5fdfb8b9ca3b
cf-request-id: 0a5726408b00004ec879984000000001
server: cloudflare
x-trace: 2B2FA9612EFFC700D747C1BADF4A2BE089B668C840000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 656ba6474e884ec8-FRA
expires: Sat, 29 May 2021 00:37:37 GMT

GET
H3-29 200 pubads_impl_2021052501.js Show response
securepubads.g.doubleclick.net/gpt/ 310 KB
109 KB 33ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

a1b8ef6d40a6f447aa71becd00f6fa9a4e1be4405fad120ab1aa8ae6ef2146bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 08:40:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111175
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 585
date: Sat, 29 May 2021 00:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 29 May 2021 02:26:52 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1622248597713&url=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1622248597713%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fm...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1622248597713&url=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%...

0
462 B

191ms
191ms

Image
application/javascript

2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1622248597713&url=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%26_hsenc%3Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%26utm_content%3D130250426%26utm_source%3Dhs_email&liSync=true
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:38 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: application/javascript
content-length: 0
x-li-uuid: LvJNSoFigxaQqNn2OCsAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: qtJOP4FigxYQktSrLysAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: BB644A25582A48659A747E9F9089A5F6 Ref B: FRAEDGE0907 Ref C: 2021-05-29T00:36:37Z
x-frame-options: sameorigin
date: Sat, 29 May 2021 00:36:37 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=31536000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1622248597713&url=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%26_hsenc%3Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%26utm_content%3D130250426%26utm_source%3Dhs_email&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 896395920528126 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 69ms
68ms Script
application/x-javascript 2a03:2880:f03d:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/896395920528126?v=2.9.40&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f03d:1c:face:b00c:0:3 Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b56356964d8e45ef965541bb383660bcc68c1bc91f781a876e5e27c67190c079

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: wkocSS+oKuKozJ0zBbxXxibswFZYc1p7SCJZ43TwLXy6HegHOm4DMEE50LZRUxEPvEgNvCY5z9KsbxEOsMVBpw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 29 May 2021 00:36:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
455 B 151ms
119ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%26_hsenc%3Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%26utm_content%3D130250426%26utm_source%3Dhs_email

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Sat, 29 May 2021 00:36:37 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 68ed70f705cf365ce9de85fdf6f846c12f4cb55185456d53a98d8eb402b3f8b5
x-transaction: 2f7dc39fa1f20462
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 35ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 35ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
14 KB 49ms
48ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1375574242481796&correlator=3887909224290048&output=ldjh&impl=fif&eid=31060789%2C31061312%2C31061327%2C21068030&vrg=2021052501&ptt=17&sc=1&sfv=1-0-38&ecs=20210529&iu_parts=18430785%2Ccswelcome&enc_prev_ius=%2F0%2F1&prev_iu_szs=640x480&cookie_enabled=1&bc=31&abxe=1&lmt=1622248597&dt=1622248597746&dlt=1622248597030&idt=702&frm=20&biw=1600&bih=1200&oid=3&adxs=480&adys=365&adks=113530204&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%26_hsenc%3Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%26utm_content%3D130250426%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=640x532&msz=640x-1&ga_vid=314772694.1622248598&ga_sid=1622248598&ga_hid=1268683713&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

44e320ecbd9dc0d41986b373c3b7c927926f854576a5e8349f14ef84afddf8da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14662
x-xss-protection: 0
google-lineitem-id: 5621000583
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339947616
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
8bf5b6a6ee39208771dcb0addc5582b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 83ms
14ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://8bf5b6a6ee39208771dcb0addc5582b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 31ms
6ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1268683713&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%26_hsenc%3Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%26utm_content%3D130250426%26utm_source%3Dhs_email&dp=%2Fwelcome%2Fmicrosoft-solarwinds-russia-svr-usaid%2F&ul=en-us&de=UTF-8&dt=SolarWinds%20hackers%20are%20behind%20a%20widespread%20phishing%20campaign%20impersonating%20USAID%2C%20Microsoft%20says%20-%20CyberScoop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=2065472408&gjid=817192409&cid=314772694.1622248598&tid=UA-80491860-1&_gid=694396871.1622248598&_r=1&gtm=2wg5q1KR697BF&z=1499022882

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
520 B 31ms
23ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 May 2021 23:20:40 GMT
server: ESF
date: Sat, 29 May 2021 00:36:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 May 2021 00:36:37 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 16ms
12ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-80491860-1&cid=314772694.1622248598&jid=2065472408&gjid=817192409&_gid=694396871.1622248598&_u=YAhAAEAAAAAAAC~&z=141259399

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 29 May 2021 00:36:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2153467.js Show response
js.hs-banner.com/ 60 KB
14 KB 503ms
499ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc92537a9f302b0eaf8c44d590249655b6f19bd3d7da181d1e51ea24148ed400

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: HT1GMXAPPKW0ETCG
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: nzEvQmcoUeoZyg9H0IJ9ODNgeSzcXd5RClzTaW1Idc3GnmS5dNdvkDRf/2R6QWcu2sJ3XSvdMZ0=
timing-allow-origin: *
last-modified: Thu, 27 May 2021 16:34:34 GMT
server: cloudflare
etag: W/"7d1960c560e9e1a7c68d368bb00a59bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: 7fcETuGJ5.5rTY48fGHOjt280gru2ST6
access-control-allow-origin: https://www.cyberscoop.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-request-id: 0a5726412a00001f1d4d29a000000001
cf-ray: 656ba6484b0b1f1d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Sat, 29 May 2021 00:41:38 GMT

GET
H2 200 2153467.js Show response
js.hs-analytics.net/analytics/1622248500000/ 62 KB
18 KB 151ms
146ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1622248500000/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b24ac2a2042bf22f85f717259786c1f95a81a5a8d9ff057de1d09b5c6e1b364b

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: YZA50698P7W7E22Q
x-amz-server-side-encryption: AES256
cf-ray: 656ba6484e6cd6d5-FRA
x-amz-id-2: BVtjydP9qTYCczRN7ZNdujjagwj/fAg7ac8sDUTgFgYK+Ry55M5jo8OFrqZ+u5dUifZbQicDFmY=
last-modified: Wed, 12 May 2021 19:10:17 GMT
server: cloudflare
etag: W/"95a153c93e899095ceff108333b7e80a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-request-id: 0a5726412a0000d6d508ab8000000001
content-type: text/javascript
expires: Sat, 29 May 2021 00:41:37 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E2D2 0
0 46ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQ6J79y253OgAj7bJjNoFSECdUVdN-PeBWOyBbp0ovv-lB6NnW65a8BCt8KZE3rcwwTVGfSlOu1ZEyjSROCNbkvN4b1Fj6y8LnJ47rW2gw6UuynwccUUQUGY889V3_lEdKILdpCwfHfmUQ6pP0jEgLnWyEoDSFUPUI3bNt2f_M1UNUn8-R08ld70V4CJyb0PwLeKLV22xqfi67R_ALdfK0Z4zvYtuC6zRbGXNuVJOI-PxsbWO6KoyV4JeC87UhDk1aiX4gb5VTIdCwzQDKF0vbRoSB79qtArz1F-X5Z1I&sai=AMfl-YRJti2glQMrjtQKn0xpNjBEeIyYNLjqPHmZ0cEKc316wbSS57y8LT5icAK8PAl-m_W5Oeg02b0hC3U2s2q4UGA3-NgHkeEEId-kMBAzLEHmo2OD-EU0e-4EDADwk64&sig=Cg0ArKJSzFWzhwo1C494EAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 29 May 2021 00:36:37 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame E2D2 17 KB
7 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 23:53:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2589
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 8821855511435206686
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 23:53:28 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame E2D2 2 KB
1 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 23:41:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 23:41:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E2D2 121 KB
37 KB 30ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:37 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E2D2 0
0 16ms
16ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCFy1oDNEBE9Pjcqxf0i1nKhOyjHExd0JQLA8g7DjBWvsC55_E6Lk_73NHInWwT5R5_Xlf
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 4504558392440229951
tpc.googlesyndication.com/simgad/ Frame E2D2 123 KB
123 KB 24ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4504558392440229951

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87062576ceb72abbd49dda64dd345333af24907a102888020c62fb7c98081f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 02:42:39 GMT
x-content-type-options: nosniff
age: 251638
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126357
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 17:11:21 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 02:42:39 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 32ms
17ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028727180027"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:37 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-80491860-1&cid=314772694.1622248598&jid=2065472408&_u=YAhAAEAAAAAAAC~&z=674592290

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-80491860-1&cid=314772694.1622248598&jid=2065472408&_u=YAhAAEAAAAAAAC~&z=674592290

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 51ms
15ms Image
image/gif 2a03:2880:f13d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=896395920528126&ev=PageView&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%26_hsenc%3Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%26utm_content%3D130250426%26utm_source%3Dhs_email&rl=&if=false&ts=1622248597881&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.1.1622248597878.1547651651&it=1622248597722&coo=false&exp=l1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f13d:83:face:b00c:0:25de Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 29 May 2021 00:36:37 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E2D2 0
0 57ms
41ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssn4ewpQ--j0SaLVYvvKzmu3wmy0LhYMlahnohx5fMk3ABMrnU7lCapuls1UiLmW9L4sAefe7qQbZ4gAPsgHcBFny-j_AJTYXlVHnFDjENqgIveJGyOvQc7878McksdInSSUCC2Q9QUDI1FlvzmBdOoalO6lvZGcmODP1suttgfC3ZyyHQ20UAbrSzEFKr_9SXQ4KT3G8Y68uSTso_U1W5tgjW0E3X13758HI0Xtrv1y44EGWWDzwLakjO0e6cVAKdvG-sG2bjHDWmU0tOCDvepTBWWt3exDuoIzs__Zf-jqg&sai=AMfl-YRkG1KcIPB4mhJl5WBzy5PCoS6WgR7sfBGM0JtArYI3iIGps-9TVEmGJ2SgPtuUF7JCeG3DncTr_BjvrC0m9HSRKMML11A4sB_VEHRWHaETcj4S4NpsnkYQTk1CfEU&sig=Cg0ArKJSzL4PBLSm2KxwEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 29 May 2021 00:36:37 GMT

GET
DATA 200
OK truncated
/ Frame E2D2 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1060fb7b42df32809b5c1fbbdabafc73388ee8c3b58df801a76f332e9debb745

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 /
www.facebook.com/tr/ 0
109 B 14ms
14ms Ping
text/plain 2a03:2880:f13d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f13d:83:face:b00c:0:25de Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryOEkiFSBJ7bdX8YWm

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sat, 29 May 2021 00:36:38 GMT
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E2D2 42 B
501 B 34ms
15ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuh8BXvA06LM6Kv16HgqGQe2irRAD_QkjZSZ6O8sLYlxjzmq08AWbrrjjrEfDjUL7eBKTwmCrsxddN5KOoFfhME5NytbD43EtJdOsNFxNQ&sig=Cg0ArKJSzHygSfg1ynrOEAE&id=lidar2&mcvt=1000&p=371,480,851,1120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210526&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=113530204&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622248597830&dlt=0&rpt=136&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 2A21 62 KB
21 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c83cd4afd9a3acd6ea6655fb9b5eeb23a90c0b4cd6a424c6faa0dee9a80ca5a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "886 / 543 of 1000 / last-modified: 1622153417"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21474
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:39 GMT

GET
H2 200 pubads_impl_2021052601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2A21 311 KB
109 KB 15ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 08:37:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111649
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:39 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2A21 107 B
165 B 16ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2A21 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2A21 9 KB
5 KB 46ms
46ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3826312886683906&correlator=3033452331925915&output=ldjh&impl=fif&eid=31060783%2C31061304%2C31061328%2C21068767%2C31060839%2C44743003&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210529&iu_parts=18430785%2CCyberScoop_Article_Left_Rail_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=position%3Dstatic%26Tags%3Delection-security%252Cespionage%252Cmicrosoft%252Cphishing%252Crussia%252Csolarwinds%252Csvr%252Cusaid%26categories%3Dgovernment&cookie_enabled=1&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1622248599&dt=1622248599909&dlt=1622248599815&idt=71&ea=0&frm=23&biw=1600&bih=1200&isw=310&ish=250&oid=3&adxs=983&adys=1405&adks=4064999910&ucis=h4e9i0xl4x2s&ifi=1&ifk=1680584146&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Darticle%26position%3Dstatic%26category%3Dgovernment%26tags%3Delection-security%252Cespionage%252Cmicrosoft%252Cphishing%252Crussia%252Csolarwinds%252Csvr%252Cusaid&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%26_hsenc%3Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%26utm_content%3D130250426%26utm_source%3Dhs_email&top=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%26_hsenc%3Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%26utm_content%3D130250426%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=310x250&msz=300x-1&ga_vid=217979156.1622248600&ga_sid=1622248600&ga_hid=2115315076&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f330ed0d3107f83820f0e90feb66a3062168075b38de546633e67eec7b4d7b9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4876
x-xss-protection: 0
google-lineitem-id: 5693635656
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349718672
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A21 0
0 30ms
16ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A21 0
0 8ms
6ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame A2BD 62 KB
21 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfee0c5c75c6e80b3df0cf7b20964ddf0abef211d4bba93954966be391097e80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "886 / 13 of 1000 / last-modified: 1622153345"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21419
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:39 GMT

GET
H3-29 200 pubads_impl_2021052401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A2BD 309 KB
108 KB 15ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 May 2021 08:37:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110966
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:39 GMT

GET
H3-29 200 container.html Show response
6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0AC7 6 KB
3 KB 36ms
8ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 29 May 2021 00:36:39 GMT
expires: Sun, 29 May 2022 00:36:39 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A21 73 KB
27 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028727180027"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:39 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2A21 10 KB
8 KB 17ms
17ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c72acb2e54e6b487fd40d36695bfc42be22b764e0a9c1980e0ecc30435308b3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7703
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame A2BD 107 B
122 B 36ms
17ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame A2BD 107 B
122 B 36ms
19ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A2BD 8 KB
4 KB 51ms
51ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1941290746619049&correlator=3992235814745317&output=ldjh&impl=fif&eid=31060783%2C31061040%2C31061305%2C31061351%2C31060976&vrg=2021052401&ptt=17&sc=1&sfv=1-0-38&ecs=20210529&iu_parts=18430785%2CCyberScoop_HalfPage_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&prev_scp=Tags%3Delection-security%252Cespionage%252Cmicrosoft%252Cphishing%252Crussia%252Csolarwinds%252Csvr%252Cusaid&cookie=ID%3D226e724a6cfaa58c-221460a229c80067%3AT%3D1622248599%3AS%3DALNI_MYUjt4GbopVqESMYZVwz_5oQxs2eA&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1622248600&dt=1622248600049&dlt=1622248599928&idt=89&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=983&adys=1670&adks=2863372106&ucis=uhi12ikikm9&ifi=1&ifk=317747910&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dskyscraper%26position%3Dsticky%26categories%3Dgovernment%26tags%3Delection-security%252Cespionage%252Cmicrosoft%252Cphishing%252Crussia%252Csolarwinds%252Csvr%252Cusaid&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%26_hsenc%3Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%26utm_content%3D130250426%26utm_source%3Dhs_email&top=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%26_hsenc%3Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%26utm_content%3D130250426%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=1643200329.1622248600&ga_sid=1622248600&ga_hid=1913745202&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

6bae96ee7798cfd1ff8397ccaf17638189ea3dc201fb59bb483807c6f8338649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4522
x-xss-protection: 0
google-lineitem-id: 5693635656
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349718180
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A2BD 0
0 57ms
13ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame A2BD 0
0 12ms
11ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2A21 17 KB
6 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:40 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0AC7 22 KB
7 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com
URL: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 11:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134604
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 May 2022 11:13:16 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 0AC7 8 KB
4 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com
URL: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbc18bfcdb63aa599b390c356eeb1669bc3c89d83e7cbdb89bf14ac8e29a5b4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 23:44:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3772
x-xss-protection: 0
last-modified: Mon, 24 May 2021 13:56:09 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 29 May 2021 00:44:33 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/488356/54699616/ Frame 0AC7 45 KB
13 KB 127ms
46ms Script
application/javascript 52.18.175.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/488356/54699616/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Requested by: Host: 6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com
URL: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.175.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-175-198.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 94578eafb2e7dfb7e4b3b08d805b8a205d6e30e6c1a011b420258d5d41f78718

Request headers

Referer: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-server-name: app23.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0AC7 121 KB
37 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com
URL: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:40 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0AC7 0
0 51ms
41ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxlq2Xw5Eb41u9lQ_TslRC_Vbg2G_5juXlKi_UmL9nL1RGGosb36ji0sfhw38v19sAHCRF2T3xjgnmz7IsUyvrh7f_7j-Wi8WW4m0ki0AEYJVj5PxzDre7ldOkEnTCRwKiqYu7gR7RsRAqH2pg6nTYPLUR7ryYP5ahpPKU6zsBqX1YolonRVp-FlvcpskImFM1UBY6QlrvjujC3hBDebV6kB5vWogw9BLIHCBksJTutxt4vewCkjaXZUjlvnEv2m3bwdm4EJttw4X2IcJqa0kriVbosihLekXuyKORUW7Y4KwaTkzyBlg3Gz1byRTDu6dRGX413fGG8DQ&sai=AMfl-YQgSPt2soTgvNCssErq9KRujxkgoqHjcAAodS8z7uvTYUjGFXVnezoSK3U9vvnPcH0oWGea-3DyxlRH-b5hSwE5tw2Eue_zK8f0gThbOp0GywyEllk36AZ-7xnJh0M&sig=Cg0ArKJSzPR8y5oTSM2KEAE&urlfix=1&adurl=

Requested by

Host: 6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com
URL: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 impl_v72.js Show response
www.googletagservices.com/dcm/ Frame 0AC7 37 KB
15 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v72.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f630a191b479def3ee0f7408cfec54c5e6cad83fec65155d68ef83dcd381714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 13:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 20:34:47 GMT
server: sffe
age: 211925
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15545
x-xss-protection: 0
expires: Thu, 26 May 2022 13:44:35 GMT

GET
H3-29 200 container.html Show response
afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9B41 6 KB
3 KB 26ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 29 May 2021 00:36:40 GMT
expires: Sun, 29 May 2022 00:36:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame A2BD 73 KB
27 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622028727180027"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:40 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A2BD 10 KB
8 KB 42ms
17ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81378dd9158a9b6cbfdbec17f6a3b25c0cb22232a1e20b8060e9b920136e26e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7720
x-xss-protection: 0

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame D2AE 12 KB
5 KB 9ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 29 May 2021 00:20:20 GMT
expires: Sun, 29 May 2022 00:20:20 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 980
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B997 783 B
782 B 17ms
16ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ecf7beab7b4561e0b50a66cfe8ddf3b9620fad8664e5cd097d491b496ee1c7bb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uDp4qDJ+az1PQj0+3qiedA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Sat, 29 May 2021 00:36:40 GMT
date: Sat, 29 May 2021 00:36:40 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-uDp4qDJ+az1PQj0+3qiedA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 B25791652.303544152;dc_ver=72.209;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2235259097;ord=i0hycd;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvY_UyJKPOqFRReqm5aleypfiB4... Show response
ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/ Frame 8FFD 34 KB
18 KB 86ms
39ms Document
text/html 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303544152;dc_ver=72.209;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2235259097;ord=i0hycd;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvY_UyJKPOqFRReqm5aleypfiB4R54CwAsEftB2-pmdCfDsdEKPlrFJFx0aRZsyH2XkBxv04acxveh5vYDXxEKghShr2BDZeEYVEEb0tKJvaBboBUAvb6IeUf9zPI3mJLH-I-aCvOL_b93UAlRv26aJ9p1UrtWPFS_u9RTRExKZ6hs_muG-p7dNpPlATuFx5tJsp-j1QF8wzi7axP3xxOiP9nTwcqyLbJphR5lF5nQyVlqwGwy_CdfKWXtmaSdhkoWzs2eQmv-nWIourocPQOOhf5UlFKZc8ZBnvvIj9KiIJx7Mxe8tslpxCvdMDHc1KUAQHNmcfC8%26sai%3DAMfl-YQwc-v-_krrG7HjG6XNW_5SgRx_QrNknGjBbyW_ny6P9vebbpovQ1RdllVj74CQbj4VmWO6snJe69LhOWvKYxXW4Ngl3itVF4RF1OYuYdo2cywhe5kfJ48Ir5qStVs%26sig%3DCg0ArKJSzAo4zO1gSYjTEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=*TRpxtxo7C;osda=2;sttr=56;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

2e2374bb23209175e03062927527a9e21addfcca21923e9730a945f630dc7d59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ad.doubleclick.net
:scheme: https
:path: /ddm/adi/N7442.3728797STATESCOOP/B25791652.303544152;dc_ver=72.209;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2235259097;ord=i0hycd;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvY_UyJKPOqFRReqm5aleypfiB4R54CwAsEftB2-pmdCfDsdEKPlrFJFx0aRZsyH2XkBxv04acxveh5vYDXxEKghShr2BDZeEYVEEb0tKJvaBboBUAvb6IeUf9zPI3mJLH-I-aCvOL_b93UAlRv26aJ9p1UrtWPFS_u9RTRExKZ6hs_muG-p7dNpPlATuFx5tJsp-j1QF8wzi7axP3xxOiP9nTwcqyLbJphR5lF5nQyVlqwGwy_CdfKWXtmaSdhkoWzs2eQmv-nWIourocPQOOhf5UlFKZc8ZBnvvIj9KiIJx7Mxe8tslpxCvdMDHc1KUAQHNmcfC8%26sai%3DAMfl-YQwc-v-_krrG7HjG6XNW_5SgRx_QrNknGjBbyW_ny6P9vebbpovQ1RdllVj74CQbj4VmWO6snJe69LhOWvKYxXW4Ngl3itVF4RF1OYuYdo2cywhe5kfJ48Ir5qStVs%26sig%3DCg0ArKJSzAo4zO1gSYjTEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=*TRpxtxo7C;osda=2;sttr=56;prcl=s
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlK0QZm5g4RN7ncQX8EURjOn7guHnRqUlVu_oHIezSl2CWCq_RZZ6fDLGKpD-o
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 29 May 2021 00:36:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 17990
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame D8F6 62 KB
21 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-9AKjTWZnqr-billboard&category=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a12af3b3e8782c3af3ee41dd885a9ecd9e012712a12539d65dc61d77fa92419f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "886 / 319 of 1000 / last-modified: 1622153417"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21483
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:40 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A2BD 17 KB
6 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:40 GMT

GET
H2 200 main.gr.19.8.205.js Show response
static.adsafeprotected.com/ Frame 0AC7 182 KB
58 KB 166ms
51ms Script
application/javascript 3.250.250.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.205.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/488356/54699616/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.250.250.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 65b0c88404c002d34f78a30c820a5d895b7f992843bdda5631be2022128bcbcc

Request headers

Referer: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 16:52:54 GMT
server: nginx/1.16.1
etag: W/"2a9fef950e9482a511b33a92594e62e3"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0AC7 0
0 52ms
52ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5efcmJ8DQQ27yyMxF-OPcovBWk5-MXFkvK_f5oPzyVObnDRWmUF8_Gq1kxfsccnnon2c3uAtWc3ag1i4vnn5NDp1tqHy9ybGGPmK0zQag20D8tASsQ36y3PwQWx_5LKeG1CiG4TzPSiUfYMeyMYQSVJ5KNNzMsWwgrRneY86WbgKhhBbsXCnO6mgFtXtzDlheGSrmoBNcTPBC0HG2SmfbkdnuPGon1yFA81smzmWd3272R2uwDpwfosTCOiaMZcK75WWGBCAG9PdLwmwUsbOmAMug16dMYxefMrlKS5wduyV1a0ld98n_Sv02xwepVX7tgLXy2WTkRtunlQ&sai=AMfl-YTYCitHFLPD2DVB2i7aygu1Cp5LTzEfjFqUr67M4NCzoZhSaTKhh0Q3mItGIyyxlr_Rue8fNdCMptsmQowautVAXr5x63vZOp2rWweKJTDRYYqgWWzRbjvlkiYLyNA&sig=Cg0ArKJSzIoR0FiAO0mXEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 29 May 2021 00:36:40 GMT

GET
DATA 200
OK truncated
/ Frame 0AC7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6eb76c271a15b30ebb495505ccc8cd5580745b221920d509ac64561d69ca2cfe

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9B41 22 KB
7 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com
URL: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 11:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134604
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 May 2022 11:13:16 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 9B41 8 KB
4 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com
URL: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbc18bfcdb63aa599b390c356eeb1669bc3c89d83e7cbdb89bf14ac8e29a5b4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 23:44:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3772
x-xss-protection: 0
last-modified: Mon, 24 May 2021 13:56:09 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 29 May 2021 00:44:33 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/488356/54699618/ Frame 9B41 45 KB
13 KB 40ms
35ms Script
application/javascript 52.18.175.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/488356/54699618/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Requested by: Host: afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com
URL: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.175.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-175-198.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cda1e0648a9ecb1ae62a8c29eb3257e78f7d2aa9e6c77b9c1d23b5ae0785c356

Request headers

Referer: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-server-name: app33.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B41 121 KB
37 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com
URL: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:40 GMT

GET
H3-29 200 pubads_impl_2021052501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D8F6 310 KB
109 KB 25ms
25ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

a1b8ef6d40a6f447aa71becd00f6fa9a4e1be4405fad120ab1aa8ae6ef2146bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 08:40:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111175
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:40 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame A71A 12 KB
5 KB 30ms
11ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 29 May 2021 00:20:20 GMT
expires: Sun, 29 May 2022 00:20:20 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 980
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 98BF 783 B
531 B 45ms
24ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

76da578287c37840af519514b88a9d9232f05cbf4998a0c03cea2b13cac50780

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cB8+DSGUpWgjOyNV7btR+A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Sat, 29 May 2021 00:36:40 GMT
date: Sat, 29 May 2021 00:36:40 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-cB8+DSGUpWgjOyNV7btR+A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame D2AE 14 KB
6 KB 29ms
12ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 339884
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Wed, 25 May 2022 02:11:56 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 6DA5 62 KB
21 KB 43ms
16ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-qqnoD336wX-leaderboard&categories=government&tags=election-security%2Cespionage%2Cmicrosoft%2Cphishing%2Crussia%2Csolarwinds%2Csvr%2Cusaid

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc7930c46bc124f85f2f4e68bf9ccd0456d77c48759cd3e301b040e3dcdf57fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "886 / 478 of 1000 / last-modified: 1622153417"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21427
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:40 GMT

GET
H2 200 GLBL-ENG_IOT-01_0_300x250_BAN-S_PNG_MOFU-IOT-Public-Safety_wbrit025962_105.png
s0.2mdn.net/3569326/ Frame 8FFD 130 KB
130 KB 54ms
6ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3569326/GLBL-ENG_IOT-01_0_300x250_BAN-S_PNG_MOFU-IOT-Public-Safety_wbrit025962_105.png

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303544152;dc_ver=72.209;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2235259097;ord=i0hycd;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvY_UyJKPOqFRReqm5aleypfiB4R54CwAsEftB2-pmdCfDsdEKPlrFJFx0aRZsyH2XkBxv04acxveh5vYDXxEKghShr2BDZeEYVEEb0tKJvaBboBUAvb6IeUf9zPI3mJLH-I-aCvOL_b93UAlRv26aJ9p1UrtWPFS_u9RTRExKZ6hs_muG-p7dNpPlATuFx5tJsp-j1QF8wzi7axP3xxOiP9nTwcqyLbJphR5lF5nQyVlqwGwy_CdfKWXtmaSdhkoWzs2eQmv-nWIourocPQOOhf5UlFKZc8ZBnvvIj9KiIJx7Mxe8tslpxCvdMDHc1KUAQHNmcfC8%26sai%3DAMfl-YQwc-v-_krrG7HjG6XNW_5SgRx_QrNknGjBbyW_ny6P9vebbpovQ1RdllVj74CQbj4VmWO6snJe69LhOWvKYxXW4Ngl3itVF4RF1OYuYdo2cywhe5kfJ48Ir5qStVs%26sig%3DCg0ArKJSzAo4zO1gSYjTEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=*TRpxtxo7C;osda=2;sttr=56;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a27971896702f55692c0df408732cbddffd9bddca1087d5dcd4d1a4ec7532d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 19:51:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 13:38:23 GMT
server: sffe
age: 17090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-media
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132717
x-xss-protection: 0
expires: Sat, 29 May 2021 19:51:50 GMT

GET
H3-29 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/xfa/ Frame 8FFD 10 KB
4 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/xfa/sodar_loader.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfbcf1944aa94f8a16e8c65216b4289ee1dfa486db738e5ed1fbb0be5bea3696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 19:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4180
x-xss-protection: 0
server: cafe
etag: 14767526234938102694
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 19:51:42 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/ Frame 8FFD 8 KB
3 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Jun 2021 00:36:39 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8FFD 121 KB
37 KB 33ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:40 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8FFD 0
528 B 78ms
44ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstguX8nkTc2FwArZQD12kvdcE9DbtR10MgyULcwe3zXcbwb3-i-3_VwTqGgY4kA-jKwNz199ljD-UboBuuBGN2_gxarP4PTkp3FgtBRYgtA5L-zf1K8wKnjxWeDXFdLYdxF3I7ux-CWFAkLh4e9NBDloRK2MWypwtAe33TtIuvcGQ&sig=Cg0ArKJSzB1zQLpzN-iBEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=1&cisv=r20210524.85623&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=25791652;s.a=6840654;p.a=303544152;a.a=496508844;cache=4075247046;
ad.atdmt.com/i/ Frame 8FFD 43 B
1 KB 116ms
71ms Image
image/gif 2a03:2880:f03d:8:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=25791652;s.a=6840654;p.a=303544152;a.a=496508844;cache=4075247046;

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03d:8:face:b00c:0:8c Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: Cgm2JYh7rBo5oMz1nZsFNmXQmcIQL4lBrtVozwMYHAAUWE4qDx+WqmUgrl+F0G4H7KycdJQRtS2dgA2kAPMLkA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Sat, 29 May 2021 00:36:40 GMT
vary: Accept-Encoding
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8FFD 41 KB
15 KB 25ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180725
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 22:24:35 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B41 0
0 61ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuI3sJ_UGpy3NWfB6kcjRZInbrlMh6tTcpnHAfIcvpN6AWmCSWsbKzdy4j6FUUFQBkJT5NYlAqiAal9Kb_UnCNDVBpMISE-nRsF77VKycMJFgJLW7hnrSspn7x5x30mDnSdiVavNyUtQ5jxLkz1jkheoN4bMk7sJqVwD9F2Xs650dujweZw9k5kUGPGXS9-yQsm3ZsLWrPD1MYVxZzuUZKdNSKKMJ0od8BDKP3DYAq7pXma_3xtF7vrMK2Q2_RdM_36ejItLgUQXGcwyqFRiqAmPMx-SY8M0GBnNJPT_c_m5mETVDIfnq74okVr4zql8FA&sig=Cg0ArKJSzL_mvIMurt_cEAE&urlfix=1&adurl=

Requested by

Host: afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com
URL: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 impl_v72.js Show response
www.googletagservices.com/dcm/ Frame 9B41 37 KB
15 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v72.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f630a191b479def3ee0f7408cfec54c5e6cad83fec65155d68ef83dcd381714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 13:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 20:34:47 GMT
server: sffe
age: 211925
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15545
x-xss-protection: 0
expires: Thu, 26 May 2022 13:44:35 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame D8F6 107 B
122 B 18ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame D8F6 107 B
122 B 21ms
18ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D8F6 8 KB
4 KB 55ms
46ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3112805622635903&correlator=1384117478702161&output=ldjh&impl=fif&eid=31061223%2C31061299%2C31061142%2C31061151%2C44740386&vrg=2021052501&ptt=17&sc=1&sfv=1-0-38&ecs=20210529&iu_parts=18430785%2CCyberScoop_Cat_Art_Bottom_980x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&prev_scp=position%3Dbottom%26categories%3Dgovernment%26Tags%3Delection-security%252Cespionage%252Cmicrosoft%252Cphishing%252Crussia%252Csolarwinds%252Csvr%252Cusaid&cookie=ID%3D226e724a6cfaa58c%3AT%3D1622248599%3AS%3DALNI_MYvX-Xtbn6KwCW9DFICU7MqgEJzDA&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1622248600&dt=1622248600396&dlt=1622248600153&idt=225&ea=0&frm=23&biw=1600&bih=1200&isw=980&ish=250&oid=3&adxs=0&adys=3951&adks=3048910702&ucis=5a3h5au98shb&ifi=1&ifk=4263886384&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dbillboard%26position%3Dbottom%26parent_id%3Dad-9AKjTWZnqr-billboard%26category%3Dgovernment%26tags%3Delection-security%252Cespionage%252Cmicrosoft%252Cphishing%252Crussia%252Csolarwinds%252Csvr%252Cusaid&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%26_hsenc%3Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%26utm_content%3D130250426%26utm_source%3Dhs_email&top=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%26_hsenc%3Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%26utm_content%3D130250426%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x250&msz=980x-1&ga_vid=1183781586.1622248600&ga_sid=1622248600&ga_hid=1801620247&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

6d1c2c1d6d8213c9201785846eede5c17253b84650b4e7e5c0aa93b0e715723b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4393
x-xss-protection: 0
google-lineitem-id: 5693635656
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138350123062
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 B25791652.303737488;dc_ver=72.209;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=192105431;ord=21j65c;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvzxfZWkQKzHV7rvtRhmPTOMYoGJ... Show response
ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/ Frame C65F 34 KB
17 KB 75ms
50ms Document
text/html 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303737488;dc_ver=72.209;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=192105431;ord=21j65c;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvzxfZWkQKzHV7rvtRhmPTOMYoGJ2oX-MbgjW2qfctoNe9U-hwfXxwW0iPKbwxXRsxRNbA-wITHdcP-35NGHjOS0ZQlaaJ_QCWEgzyvs-o05idzieQOzZBg72AUlpcOuY1IvsMe-yCwTyrt-_oFkxr0x-0brUDGJl5xZfwqXtEQCvPrj-KDhdAGqVRKZb3um3iSPiozJHcUvWOUFXwWtVOUBiaVsNRmN5rW4H90ONO7xJECzAYTCulUr_1oTCSWHlBhBzCwD1z6syCKuqX6DrIq3xlwx6hzOswk7WssHe1RKEK3U8KvApGx-QS24J0%26sig%3DCg0ArKJSzF1AGZ0om38oEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=B52h0CRRTF;osda=2;sttr=90;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v72.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

259ccd8c592819b8cfa374588609035a63aacc8c2611976c340b3699d6fffcfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ad.doubleclick.net
:scheme: https
:path: /ddm/adi/N7442.3728797STATESCOOP/B25791652.303737488;dc_ver=72.209;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=192105431;ord=21j65c;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvzxfZWkQKzHV7rvtRhmPTOMYoGJ2oX-MbgjW2qfctoNe9U-hwfXxwW0iPKbwxXRsxRNbA-wITHdcP-35NGHjOS0ZQlaaJ_QCWEgzyvs-o05idzieQOzZBg72AUlpcOuY1IvsMe-yCwTyrt-_oFkxr0x-0brUDGJl5xZfwqXtEQCvPrj-KDhdAGqVRKZb3um3iSPiozJHcUvWOUFXwWtVOUBiaVsNRmN5rW4H90ONO7xJECzAYTCulUr_1oTCSWHlBhBzCwD1z6syCKuqX6DrIq3xlwx6hzOswk7WssHe1RKEK3U8KvApGx-QS24J0%26sig%3DCg0ArKJSzF1AGZ0om38oEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=B52h0CRRTF;osda=2;sttr=90;prcl=s
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlK0QZm5g4RN7ncQX8EURjOn7guHnRqUlVu_oHIezSl2CWCq_RZZ6fDLGKpD-o
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 29 May 2021 00:36:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 17721
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 main.gr.19.8.205.js Show response
static.adsafeprotected.com/ Frame 9B41 182 KB
58 KB 37ms
30ms Script
application/javascript 3.250.250.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.205.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/488356/54699618/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.250.250.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 65b0c88404c002d34f78a30c820a5d895b7f992843bdda5631be2022128bcbcc

Request headers

Referer: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 16:52:54 GMT
server: nginx/1.16.1
etag: W/"2a9fef950e9482a511b33a92594e62e3"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B41 0
0 47ms
46ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9UDFc8wdX9RXSxHI7gUiXM71ZH8dxOsUaJAS8dwb-ez7hI1W4g6ljJu10diSXTssuzd8CdoCl5dOFR4Y9HQkFSnpWJ7Xf3zV3hccc7fXAY1n7KDPmZ7k39YStvbvBH05dqolmgcIuRed-j5LsTtrzXoZBAlUg1kVOMBLEpzTLEcVd83qkcD89U9qtjQmBSkYtXUzenCrfMFlVO_bsaHowyCBZS3aMDNTBPNWZ5SQ_dbOy2FEDvB6Q2PGeU2xNBJVlNWNyWQ5HPd5LYbNBxJDKPd1icJoHNAJ-9Z9eWHAA0-xfULsOKK-7wkfYC74SYMC6aA&sig=Cg0ArKJSzN6_Z1kKrTLiEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 29 May 2021 00:36:40 GMT

GET
DATA 200
OK truncated
/ Frame 9B41 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 542bdd1557cddadbd992cdc7d072a7032d0a6c78d8d6880ae2d96453d0272486

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8FFD 5 KB
4 KB 27ms
18ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/xfa/sodar_loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

846429479882c2f2c4b45a5991998ecf60fbb4a4b62d7077775a14942290a540

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4137
x-xss-protection: 0

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 17A7 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 26 May 2021 22:24:35 GMT
expires: Thu, 26 May 2022 22:24:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 180725
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pubads_impl_2021052401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6DA5 309 KB
108 KB 32ms
26ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 May 2021 08:37:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110966
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:40 GMT

GET
H2 200 container.html Show response
a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D31 6 KB
3 KB 43ms
14ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 29 May 2021 00:36:40 GMT
expires: Sun, 29 May 2022 00:36:40 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame D8F6 73 KB
27 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028727180027"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:40 GMT

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame A71A 14 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 339884
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Wed, 25 May 2022 02:11:56 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8FFD 0
23 B 77ms
62ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 0AC7
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/488356/54699616/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com...
https://static.adsafeprotected.com/skeleton.js

17 B
240 B

425ms
417ms

Script
application/javascript

3.250.250.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com
URL: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.250.250.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 4510546
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:40 GMT
x-server-name: app18.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame B2F2 82 KB
21 KB 305ms
305ms Script
application/javascript 3.250.250.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: 6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com
URL: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.250.250.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 334380
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 9B41
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/488356/54699618/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com...
https://static.adsafeprotected.com/skeleton.js

17 B
241 B

211ms
211ms

Script
application/javascript

3.250.250.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com
URL: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.250.250.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:41 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 5269567
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:40 GMT
x-server-name: app17.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 5CF9 82 KB
21 KB 554ms
554ms Script
application/javascript 3.250.250.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com
URL: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.250.250.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 1696858
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 6DA5 107 B
122 B 22ms
21ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6DA5 107 B
122 B 22ms
21ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6DA5 8 KB
4 KB 70ms
57ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1691609968862281&correlator=2852519838565916&output=ldjh&impl=fif&eid=31061298%2C21068031&vrg=2021052401&ptt=17&sc=1&sfv=1-0-38&ecs=20210529&iu_parts=18430785%2CCyberScoop_Article_Leaderboard_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&prev_scp=Tags%3Delection-security%252Cespionage%252Cmicrosoft%252Cphishing%252Crussia%252Csolarwinds%252Csvr%252Cusaid&cookie=ID%3D226e724a6cfaa58c%3AT%3D1622248599%3AS%3DALNI_MYvX-Xtbn6KwCW9DFICU7MqgEJzDA&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1622248600&dt=1622248600740&dlt=1622248600274&idt=436&frm=23&biw=1600&bih=1200&isw=1600&ish=150&oid=3&adxs=0&adys=170&adks=13849420&ucis=1uqz7qted920&ifi=1&ifk=2794124883&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dleaderboard%26parent_id%3Dad-qqnoD336wX-leaderboard%26categories%3Dgovernment%26tags%3Delection-security%252Cespionage%252Cmicrosoft%252Cphishing%252Crussia%252Csolarwinds%252Csvr%252Cusaid&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%26_hsenc%3Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%26utm_content%3D130250426%26utm_source%3Dhs_email&top=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%26_hsenc%3Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%26utm_content%3D130250426%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x150&msz=970x-1&ga_vid=1906803609.1622248601&ga_sid=1622248601&ga_hid=627033572&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

0c9f60da78a9802310977f3fe66b7c6a535f081113bb33fd098ab6f1bf27bf68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4427
x-xss-protection: 0
google-lineitem-id: 5693635656
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349746702
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6DA5 0
0 93ms
11ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 6DA5 0
0 10ms
6ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 GLBL-ENG_IOT-01_0_300x600_BAN-S_PNG_MOFU-IOT-Public-Safety_wbrit025962_105.png
s0.2mdn.net/3569326/ Frame C65F 256 KB
256 KB 135ms
80ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3569326/GLBL-ENG_IOT-01_0_300x600_BAN-S_PNG_MOFU-IOT-Public-Safety_wbrit025962_105.png

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303737488;dc_ver=72.209;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=192105431;ord=21j65c;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvzxfZWkQKzHV7rvtRhmPTOMYoGJ2oX-MbgjW2qfctoNe9U-hwfXxwW0iPKbwxXRsxRNbA-wITHdcP-35NGHjOS0ZQlaaJ_QCWEgzyvs-o05idzieQOzZBg72AUlpcOuY1IvsMe-yCwTyrt-_oFkxr0x-0brUDGJl5xZfwqXtEQCvPrj-KDhdAGqVRKZb3um3iSPiozJHcUvWOUFXwWtVOUBiaVsNRmN5rW4H90ONO7xJECzAYTCulUr_1oTCSWHlBhBzCwD1z6syCKuqX6DrIq3xlwx6hzOswk7WssHe1RKEK3U8KvApGx-QS24J0%26sig%3DCg0ArKJSzF1AGZ0om38oEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=B52h0CRRTF;osda=2;sttr=90;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

660ea9f6926591697cbe76bef5ededee582a5862521772920f1e9e9707f00c7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 13:38:24 GMT
server: sffe
age: 0
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 261915
x-xss-protection: 0
expires: Sun, 30 May 2021 00:36:40 GMT

GET
H3-29 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/xfa/ Frame C65F 10 KB
4 KB 44ms
33ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/xfa/sodar_loader.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfbcf1944aa94f8a16e8c65216b4289ee1dfa486db738e5ed1fbb0be5bea3696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 19:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4180
x-xss-protection: 0
server: cafe
etag: 14767526234938102694
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 19:51:42 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/ Frame C65F 8 KB
3 KB 55ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Jun 2021 00:36:39 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C65F 121 KB
37 KB 57ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:40 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame C65F 0
23 B 72ms
42ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3bt6YIffSGZ2mFktxXMqkp6ZA6wsoCQ1aQw1dsoP6Fjezgfqd7rW3aQyhLvgdYYuP_376KTj5f_NK_61A2XlWsz4TxL3F3NjBsa0qfnpULBxvxbrHNrHolJ_MQ39n_Jb5IjuBTyX4L0_Tv8yUc5mLHSHAMAYf5XMZvqYvWItU5qYmni4L&sig=Cg0ArKJSzIiPfOiqvMm4EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210524.06273&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=25791652;s.a=6840654;p.a=303737488;a.a=496163660;cache=1389880301;
ad.atdmt.com/i/ Frame C65F 43 B
171 B 81ms
63ms Image
image/gif 2a03:2880:f03d:8:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=25791652;s.a=6840654;p.a=303737488;a.a=496163660;cache=1389880301;

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03d:8:face:b00c:0:8c Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: LI4GRHRhs1SXUNNhaVkF8LC7I1vmpIbDpI5+TqpKhEwKgR9qgx8vc6bbgFOGs6Vkh9WJL3EiG/BNqV02rpDYSQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Sat, 29 May 2021 00:36:40 GMT
vary: Accept-Encoding
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C65F 41 KB
15 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180725
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 22:24:35 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3D31 22 KB
7 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com
URL: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 11:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134604
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 May 2022 11:13:16 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 3D31 8 KB
4 KB 15ms
9ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com
URL: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbc18bfcdb63aa599b390c356eeb1669bc3c89d83e7cbdb89bf14ac8e29a5b4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 23:44:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3772
x-xss-protection: 0
last-modified: Mon, 24 May 2021 13:56:09 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 29 May 2021 00:44:33 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/488356/54699612/ Frame 3D31 45 KB
13 KB 189ms
182ms Script
application/javascript 52.18.175.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/488356/54699612/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Requested by: Host: a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com
URL: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.175.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-175-198.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 14d1a84bece50b1c302c7b3c6edba242433ea57b7430051f6057e43a33652c1b

Request headers

Referer: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-server-name: app31.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D31 121 KB
37 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com
URL: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:40 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0AC7 43 B
216 B 369ms
112ms Image
image/gif 52.207.123.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=50eff74b-5e57-bcab-6ae2-97e1cd2470d4&tv=%7Bc:dXM7UO,pingTime:-2,time:589,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:244,beZ:245,mfA:645,cmA:649,inA:649,inZ:653,prA:653,prZ:662,si:668,poA:669,poZ:682,cmZ:682,mfZ:682,loA:780,loZ:784,ltA:832,ltZ:832%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:250,t:423%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:589,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:423,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B182~1%5D,as:%5B182~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:syKVNND+11%7C121*.488356-54699616%7C12111%7C122%7C1231%7C124%7C131.488356-54699618%7C1311%7C132%7C133%7C134%7C141%7C15%7C16%7C17,idMap:121*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:163,readyFired:true%7D&br=u
Requested by: Host: 6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com
URL: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.123.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:41 GMT
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9B41 43 B
215 B 367ms
114ms Image
image/gif 52.207.123.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=62dbf585-b510-b8b0-46c8-7ff3e7eee2f7&tv=%7Bc:dXM7UR,pingTime:-2,time:408,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:272,beZ:273,mfA:526,cmA:528,inA:528,inZ:529,prA:529,prZ:535,si:537,poA:537,poZ:542,cmZ:542,mfZ:542,loA:630,loZ:631,ltA:679,ltZ:679%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:600,t:265%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:408,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:265,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B151~1%5D,as:%5B151~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:syKVNND+11%7C121.488356-54699616%7C12111%7C1212%7C122%7C1231%7C124%7C131*.488356-54699618%7C1311%7C132%7C133%7C134%7C141%7C15%7C16%7C17,idMap:131*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:141,readyFired:true%7D&br=u
Requested by: Host: afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com
URL: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.123.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:41 GMT
x-server-name: dt27.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8FFD 17 KB
6 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/xfa/sodar_loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:40 GMT

GET
H3-29 200 container.html Show response
7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8AB6 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 29 May 2021 00:36:40 GMT
expires: Sun, 29 May 2022 00:36:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6DA5 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028727180027"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:40 GMT

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame 17A7 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 339884
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Wed, 25 May 2022 02:11:56 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C65F 5 KB
4 KB 21ms
18ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/xfa/sodar_loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76c526fb15d4d171124acf7289400da8bb5a0b238020f2a4b6ae11da1a0419e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4224
x-xss-protection: 0

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame EF9F 14 KB
6 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 339884
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Wed, 25 May 2022 02:11:56 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7BC7 22 KB
8 KB 25ms
9ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 26 May 2021 22:24:35 GMT
expires: Thu, 26 May 2022 22:24:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 180725
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3D31 0
0 51ms
48ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcWz982wXLyaAdP77AzSQJLt2EfqvNvelHtPbomE5rNJBClR0435qUlF_AszCjDvNgnAjgpy_3CIMjgoLmq_IbRAzm_G05STYpfzKgrmO2odCxapTSfrNMrFIxyhaWFNP2vFsBorZToVWGVUwSTgvqHQhtamSEoKdVTlgK2dU1JYlHnUolbiK3boFBSdePwoxztFF9GakolFsj0vK2HBAU4IYtqk-spJlJiSQq5gLwQWJo2drTaOWJdfqE4GkuLo58oxxenPF7zk6C3Ajj3Y5S-5EUZteVbD9G4OD09anYBXO1BqDuYZCfJT-W4BBtDx-a0LllZ7s&sig=Cg0ArKJSzFxVAFW7uf9dEAE&urlfix=1&adurl=

Requested by

Host: a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com
URL: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 impl_v72.js Show response
www.googletagservices.com/dcm/ Frame 3D31 37 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v72.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f630a191b479def3ee0f7408cfec54c5e6cad83fec65155d68ef83dcd381714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 13:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 20:34:47 GMT
server: sffe
age: 211926
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15545
x-xss-protection: 0
expires: Thu, 26 May 2022 13:44:35 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8AB6 22 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com
URL: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 11:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134605
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 May 2022 11:13:16 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 8AB6 8 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com
URL: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbc18bfcdb63aa599b390c356eeb1669bc3c89d83e7cbdb89bf14ac8e29a5b4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 23:44:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3772
x-xss-protection: 0
last-modified: Mon, 24 May 2021 13:56:09 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 29 May 2021 00:44:33 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/488356/54699614/ Frame 8AB6 45 KB
13 KB 34ms
34ms Script
application/javascript 52.18.175.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/488356/54699614/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Requested by: Host: 7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com
URL: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.175.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-175-198.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 078da71a7a62568deb5509c20b7fd4313f75695f7c725d31c734e6283e4b697c

Request headers

Referer: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:41 GMT
content-encoding: gzip
x-server-name: app29.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8AB6 121 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com
URL: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:41 GMT

GET
H3-29 200 B25791652.303488786;dc_ver=72.209;sz=728x90;u_sd=1;dc_adk=2313985828;ord=2f18o7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssLxVdWLOIgbAjGaVcSI1TsoGu8FeEqzKTu3q4pKSFqk... Show response
ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/ Frame DB61 34 KB
17 KB 46ms
45ms Document
text/html 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303488786;dc_ver=72.209;sz=728x90;u_sd=1;dc_adk=2313985828;ord=2f18o7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssLxVdWLOIgbAjGaVcSI1TsoGu8FeEqzKTu3q4pKSFqkGoSoyFHCvnFLjZKCUlJz5D4BaHk6qpPBsP3iClRtbMRgeNDLjZlGLFtfHxrw_5xC4IF8aca4CD3g_TeRY129ZKVLKGcVkhGXsLLx7RnKvzmaSKOcOdC1EQlgj49JiP2wj8abYe9Vsn7EhbpSPmebk07S0k8O-ZmC8hwWcqngNII_RDbZaVkGqfxI40sq-gkbUuoJC5dOyBEtCh_cgRi3VnKPOP3pturIwhANX-IgWQVbJRayhA1ryGU0yeoYohTWdbY5SMBtiu_QjXOQ3Cpw0UEF-g%26sig%3DCg0ArKJSzHU78tB6gUbhEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=xx2SHZ1eRF;osda=2;sttr=101;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v72.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

120210c70516997f79a47058c205c6c4bf34b9eb0e5812c4056ff2baa3ffe387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ad.doubleclick.net
:scheme: https
:path: /ddm/adi/N7442.3728797STATESCOOP/B25791652.303488786;dc_ver=72.209;sz=728x90;u_sd=1;dc_adk=2313985828;ord=2f18o7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssLxVdWLOIgbAjGaVcSI1TsoGu8FeEqzKTu3q4pKSFqkGoSoyFHCvnFLjZKCUlJz5D4BaHk6qpPBsP3iClRtbMRgeNDLjZlGLFtfHxrw_5xC4IF8aca4CD3g_TeRY129ZKVLKGcVkhGXsLLx7RnKvzmaSKOcOdC1EQlgj49JiP2wj8abYe9Vsn7EhbpSPmebk07S0k8O-ZmC8hwWcqngNII_RDbZaVkGqfxI40sq-gkbUuoJC5dOyBEtCh_cgRi3VnKPOP3pturIwhANX-IgWQVbJRayhA1ryGU0yeoYohTWdbY5SMBtiu_QjXOQ3Cpw0UEF-g%26sig%3DCg0ArKJSzHU78tB6gUbhEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=xx2SHZ1eRF;osda=2;sttr=101;prcl=s
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlK0QZm5g4RN7ncQX8EURjOn7guHnRqUlVu_oHIezSl2CWCq_RZZ6fDLGKpD-o
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 29 May 2021 00:36:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 17817
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 main.gr.19.8.205.js Show response
static.adsafeprotected.com/ Frame 3D31 182 KB
58 KB 160ms
159ms Script
application/javascript 3.250.250.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.205.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/488356/54699612/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.250.250.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 65b0c88404c002d34f78a30c820a5d895b7f992843bdda5631be2022128bcbcc

Request headers

Referer: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:41 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 16:52:54 GMT
server: nginx/1.16.1
etag: W/"2a9fef950e9482a511b33a92594e62e3"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3D31 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubySM6UfgGbT3NKW6Wk_V6_dOqio4_gKZzwnYM3AKxVDkTJb83PNCXHzHpDCV-R6jmqvjdmSMbk4Q35GTKst4NzeH8_Iupf-gjmL4Wbuq6XFa3MnidL2QyF8WjPkRCNvTfo2fZjf8U7zfHX87roUW-edCkGL1tJadB4ftvHksxBJV47lfECr4r2wdWIBj8FS88e1sk9Ys4jZrtpwzt1B4Bm0UMgtMZpjaM4V0fQMnBnbiBeOm8i5p9PUaDIUs539uUhyJWyqygyjelT6omyqKeZLvUyHN7OqlIu0LZGbzYVXZJunEOs2PgScHGxTkvUds1RJ7UHI9Dpg&sig=Cg0ArKJSzFvuibuNc8hfEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 29 May 2021 00:36:41 GMT

GET
DATA 200
OK truncated
/ Frame 3D31 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 855b2f261eee2df5af53831f98bd55a96e8e02aeaaedb1239e9ec03d4109b453

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame C65F 0
23 B 43ms
43ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A21 0
20 B 24ms
16ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=3826312886683906&bg=!Z2SlZCDNAAaMan2LjGo7ACkAdvg8Wr6G3oLGtglMjeE6NepB3zFiAgzvZX1Nt7RGokAT4iMb1fdCOAIAAAJVUgAAAH9oAQcKAIeRwX0VCpuwGkmgVw_ovdu7zbVD3fMrA7PF7WhMgTrptyqiAglYsKPCBFcogS5uszYKklkOT8TaVkOj-_gko3kUewi6oMwYb0MrproXsaEWIqOAzynbDkitE3Hrvy5SaOCy9kuk9CI7S_o6ba53N_aj6deMtJMmwxMBoV5As3hYq9QCChpwD_iZAmD5vFFFq-kmbY3hQEv7D2bNcegUxIfhdt6EtUxBMo7chDOV2JDMq7_PwZ_Pmc5T5lCLHBXqLp8Ee3LunxWs9hkRvTMO544cSpT0f13fnZR9lDWdm6xEximw-llcUEvtkhbcn3Ynq6Zi9KrJjuZQYBdaVRwtrMWdU-JiOuJFUE6iqi8D7j2yQR7SVNf0zZYUAqRj4KJFSFk10vzXl4sbOm3Uinnmkti2iptgkfL06TkJCACCY3vKuS7J1wGRcvTDZP25EMcljdIf-5Ej-b99jahCVWKTsDNFOlAxi3_awlIuV9L2Q8twnJOlNZ9e2PvnxX4ESyClq7aa9L0MgRcchJroSncZNxZkG0TMdfSiwTyYTVhkywvo6MybAj9bc9SoZ6FexB4aAGgMKEmf--0w1A6pPcqnYezcWxut8Mu_HjeMw57lud9kTvoAmP_XZAdGAwDAyw5Fi97_7HuHbLbeRoBRJQyDKPsvw78sduo42DqXyY9Yg8bIVFKnL4dtprwtAgjhaYZOSB_9Hq0Lzc6TYxRB8epQtrgW7dEGHa7IZG5G6dplik9XHQHSHXz9cEDUz6g4ipvV-7okfG-DbhkeubC1svIQsmKnuq-TBreQQPc38YNNY2bmHzkUXljTE3YtZxqiL5JP_ZkT0-puzCiBdNcoEM-ocSWkDwDl8SB4IMAXPNfYNkpTZMEL6qaCDlFEK06h7b172SZrWwggW_rjG17urmRY-Wn7TF2nqmby4cza5bU4cu0ZRFyoevZw0DOsIU10JUi-LzywN_ivbyI6zZUKViBLmMS_7NNKGg0Lp8vy8g

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8AB6 0
0 64ms
62ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOS4eZFQHDBCtPSGT6foMvhWua25r984mBSnyswaKZe8Iw13hefGd9E9hq2Lm_XHZETm4Ep4ywqJvloV12ZGHoStG3CMkHB0-W08lVNudVt7FJ3QP8C_Pg9mWEcsNOrfGDGUJPzCLnxGLQTKX07sxWd-HUjoY-lp9kG_EGbDR5Rp2XxenmdTTDRpixSluCHFSvW0eFwBFRhcWCQ0pG8wfEKmcGi32jHDFv77YGcyJZcNpyBR0zudXMttX3Wq75qKZpRvz17SCAmWWwSYjQo7xcy4WcJb62ro4zr1WSwVzQXBGN2vp2cHadwuuoOioXlXIp_1TQVxf_Aqm6&sig=Cg0ArKJSzEkd1Wezst5DEAE&urlfix=1&adurl=

Requested by

Host: 7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com
URL: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 impl_v72.js Show response
www.googletagservices.com/dcm/ Frame 8AB6 37 KB
15 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v72.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f630a191b479def3ee0f7408cfec54c5e6cad83fec65155d68ef83dcd381714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 13:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 20:34:47 GMT
server: sffe
age: 211926
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15545
x-xss-protection: 0
expires: Thu, 26 May 2022 13:44:35 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C65F 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/xfa/sodar_loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:41 GMT

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BC7 14 KB
6 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 339885
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Wed, 25 May 2022 02:11:56 GMT

GET
H3-29 200 GLBL-ENG_IOT-01_0_728x90_BAN-S_PNG_MOFU-IOT-Utilities_wbrit025962_105.png
s0.2mdn.net/3569326/ Frame DB61 89 KB
89 KB 38ms
23ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3569326/GLBL-ENG_IOT-01_0_728x90_BAN-S_PNG_MOFU-IOT-Utilities_wbrit025962_105.png

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303488786;dc_ver=72.209;sz=728x90;u_sd=1;dc_adk=2313985828;ord=2f18o7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssLxVdWLOIgbAjGaVcSI1TsoGu8FeEqzKTu3q4pKSFqkGoSoyFHCvnFLjZKCUlJz5D4BaHk6qpPBsP3iClRtbMRgeNDLjZlGLFtfHxrw_5xC4IF8aca4CD3g_TeRY129ZKVLKGcVkhGXsLLx7RnKvzmaSKOcOdC1EQlgj49JiP2wj8abYe9Vsn7EhbpSPmebk07S0k8O-ZmC8hwWcqngNII_RDbZaVkGqfxI40sq-gkbUuoJC5dOyBEtCh_cgRi3VnKPOP3pturIwhANX-IgWQVbJRayhA1ryGU0yeoYohTWdbY5SMBtiu_QjXOQ3Cpw0UEF-g%26sig%3DCg0ArKJSzHU78tB6gUbhEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=xx2SHZ1eRF;osda=2;sttr=101;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

421a1b2e8c04cf74c9db008eece0146b28d81e905ff60f7e3fd7c4878ad6df21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 08:22:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 13:38:33 GMT
server: sffe
age: 58462
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90935
x-xss-protection: 0
expires: Sat, 29 May 2021 08:22:19 GMT

GET
H3-29 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/xfa/ Frame DB61 10 KB
4 KB 38ms
24ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/xfa/sodar_loader.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfbcf1944aa94f8a16e8c65216b4289ee1dfa486db738e5ed1fbb0be5bea3696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 19:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4180
x-xss-protection: 0
server: cafe
etag: 14767526234938102694
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 19:51:42 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/ Frame DB61 8 KB
3 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Jun 2021 00:36:39 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB61 121 KB
37 KB 54ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:41 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame DB61 0
23 B 48ms
45ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstHz_Kcey7AjhoM8amb8Cboapz1LH9gJKqNHBAgZ8iii1bNSitasZYNX81_7uN7rdmgWN4YpzSQ3lbrWhWKexht0JpCmW3u3zg1pY5ChwdP_po1X4pXdAoK0o126z_m7YkKbSsiypY7F8COf92LtX31ogpsdTaHE_uHbbP_wb6WJQ&sig=Cg0ArKJSzHLV6cAg6Mx8EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210524.26294&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=25791652;s.a=6840654;p.a=303488786;a.a=496452202;cache=2587904604;
ad.atdmt.com/i/ Frame DB61 43 B
193 B 92ms
60ms Image
image/gif 2a03:2880:f03d:8:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=25791652;s.a=6840654;p.a=303488786;a.a=496452202;cache=2587904604;

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03d:8:face:b00c:0:8c Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: D41XCNcoZv5VCzO/ocX3/sjmngrjZs6DXuUHIS5tnIZU47fL57fKR4thVXEwJaYnkgK6izr8R9UIk8oGUjPU3Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Sat, 29 May 2021 00:36:41 GMT
vary: Accept-Encoding
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DB61 41 KB
15 KB 37ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180726
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 22:24:35 GMT

GET
H3-29 200 B25791652.303489065;dc_ver=72.209;sz=970x250;u_sd=1;dc_adk=2711260096;ord=he9ato;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv0Jycs0Ke7gBoNZgwoLvowq8SGE2xT0lv03MsLEfDS... Show response
ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/ Frame BF31 34 KB
17 KB 40ms
40ms Document
text/html 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303489065;dc_ver=72.209;sz=970x250;u_sd=1;dc_adk=2711260096;ord=he9ato;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv0Jycs0Ke7gBoNZgwoLvowq8SGE2xT0lv03MsLEfDSkMqM-a5ZGyUq6MBLTTV8acttk-D9iJWTf6DNblQjmOFNFSfZJTmqxFSR5T7-8Y4y8R9ByKzQPLstiguSf8SZJjYdGEFy9mlaAWgeCbozkzGtRXKm_hKJGtZdPJKcvm07e2TwZDU9QJiigUDN3YgORKgqjkncUoLppIgG6ArOxFlYG2A91LB7e0zlCYj2b9cp5npSxcAU7XuqIMUHa6nCa7XNghItrLzDBfU8GPs96LTHlswvmCuHwLbwliwk-VoJsZDQURkuvudSGL_UxOx2gPTC1WMo8gRc%26sig%3DCg0ArKJSzCyczgf358maEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=ump7r76Mkf;osda=2;sttr=66;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v72.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

811d1a52048ec75a7c1a7c00272092c5373ffc001a2585480716abe1c7944bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ad.doubleclick.net
:scheme: https
:path: /ddm/adi/N7442.3728797STATESCOOP/B25791652.303489065;dc_ver=72.209;sz=970x250;u_sd=1;dc_adk=2711260096;ord=he9ato;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv0Jycs0Ke7gBoNZgwoLvowq8SGE2xT0lv03MsLEfDSkMqM-a5ZGyUq6MBLTTV8acttk-D9iJWTf6DNblQjmOFNFSfZJTmqxFSR5T7-8Y4y8R9ByKzQPLstiguSf8SZJjYdGEFy9mlaAWgeCbozkzGtRXKm_hKJGtZdPJKcvm07e2TwZDU9QJiigUDN3YgORKgqjkncUoLppIgG6ArOxFlYG2A91LB7e0zlCYj2b9cp5npSxcAU7XuqIMUHa6nCa7XNghItrLzDBfU8GPs96LTHlswvmCuHwLbwliwk-VoJsZDQURkuvudSGL_UxOx2gPTC1WMo8gRc%26sig%3DCg0ArKJSzCyczgf358maEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=ump7r76Mkf;osda=2;sttr=66;prcl=s
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlK0QZm5g4RN7ncQX8EURjOn7guHnRqUlVu_oHIezSl2CWCq_RZZ6fDLGKpD-o
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 29 May 2021 00:36:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 17777
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 main.gr.19.8.205.js Show response
static.adsafeprotected.com/ Frame 8AB6 182 KB
58 KB 31ms
30ms Script
application/javascript 3.250.250.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.205.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/488356/54699614/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.250.250.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 65b0c88404c002d34f78a30c820a5d895b7f992843bdda5631be2022128bcbcc

Request headers

Referer: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:41 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 16:52:54 GMT
server: nginx/1.16.1
etag: W/"2a9fef950e9482a511b33a92594e62e3"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8AB6 0
0 44ms
41ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOGQPa--09XSzdf8d5SBPC2OhB18nMGc_EeHmmSQyLX5c4tFn1QPLlNPVTlrq76CCvmcl3hBzOQ_qjYNeYaV5S9jWGYuq7BfHCPQG618-qpdBy598MCAK6ixIe1AWlJXJLq3Su6MYyVKjqwJwYBhg60saZVucsP8gVz2HgZA5aOodzWe0QWTKwpm8VqSuHS2sYsRbRiTzgLucCCZmHq-_25hlnlLM-AQSFqPBJw3A6kTI5yYIzN2-WeGm_Iff4nMC_NJRdPwM7ImEb-KAn7mULoRaIqwt6kAkCLzo2uo4derqaJDETha-3j2eac7y32DCdX7AnhdU8kPZnZ1c&sig=Cg0ArKJSzLnaKaKP9e36EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 29 May 2021 00:36:41 GMT

GET
DATA 200
OK truncated
/ Frame 8AB6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d349c04aea83ade21d526bcb6bdb387bbd526764fbfc9e9bcdc4034c346b25b0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B00 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 339885
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Wed, 25 May 2022 02:11:56 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0AC7 43 B
215 B 108ms
107ms Image
image/gif 52.207.123.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=50eff74b-5e57-bcab-6ae2-97e1cd2470d4&tv=%7Bc:dXM86e,pingTime:-10,time:1297,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1622248601521%7C%7Cd60882a257a672b51fd4dbd31b9259bc%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cc2fa670ca7c549721de1634c9402d0ae%7C%7C9f29a2406b129e014211b33c9ad5aa2b%7C%7C1c7838114889062f08a8d23746f94b1b%7C%7Cd7834f10ed7d21b814f2e5e558dfc3bb%7C%7Cb59e0ff66791577974fd2d730c0b927d%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.123.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:41 GMT
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 3D31
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/488356/54699612/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com...
https://static.adsafeprotected.com/skeleton.js

17 B
241 B

30ms
30ms

Script
application/javascript

3.250.250.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com
URL: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.250.250.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:41 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 5873429
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:41 GMT
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 2BAB 82 KB
21 KB 175ms
175ms Script
application/javascript 3.250.250.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com
URL: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.250.250.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:41 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 336432
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame DB61 0
23 B 58ms
58ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DB61 5 KB
4 KB 19ms
15ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/xfa/sodar_loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

accd132e713a8902183cc64bbe95bf2a8dcdb5a79423a8794c9080a78650afd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4147
x-xss-protection: 0

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DE1E 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 26 May 2021 22:24:35 GMT
expires: Thu, 26 May 2022 22:24:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 180726
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A2BD 0
20 B 17ms
15ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052401&jk=1941290746619049&bg=!e3ileDzNAAaMan2LjGo7ACkAdvg8WuxHmcgzLeGzEPmtXaOoATBp11KLbO4Jf5zaXHKHZJNVU3hy9AIAAAJEUgAAAGtoAQcKAGIRm7qZS0MJhzvrr2obcnUH6zmXvkAxXlXe1oorD1oz1xaU6Ty4FMBZi0SKNeai-_pb6aTCcQGL_GN32PTsIyHDBkZT3C6nzqcFpO7z6CILvWVqJ1QAyWO9M3A0Ec6GU5HN65kCZO0i3kYmZ8vXKtXpU9f2Rea0LKHO4y3KKX9FM_fZgw9gbFuhv2FNxf_TuvsCZghxb_xPEbStCUrYvb_6SVpOh0uzAFmE3suLRcdRBwgVhB-b9cnhZ1eUHMMCTqJaBzxDqBGsclGmkyqlQx0yp4Ga2uDYwjXbX6RJhX3wX5r9LnHjbldZeHPiGcbeVUS6v6efOkkvPhocnEPG6D7yup4wxwRTYaAiz6_DDX-JGeXg9TFzvRHrIOWJ0ZAAqNUEwcVOAo13QURX-GMGFzaFAi41rDecqv67yHtdu5xQI58fLfja_3_jd27AAJdgVXpo9KWE1aFhONtsOo19WKXrQa-l2iZzO5zsU5hRexB3ys48pxDvjB5RTIVCtdgAQ00iXNyxWTfejGROhuqZrERrcljy50MkMfsmWmbU_vpoJlMYOHe29HjHw75kMkhaSBiyaeT9eQo_2QTqMCh7SqWudaLxm0UWq29nbTEpJy2PjfTTWVfgC5UiMcnh5vueJ0RS8N_A0S5QR-ORQdRd2v-MIFGhtO60s067srANMDw0eYJaQbSzL7hVUSBR1nl7GtKYVDPn7phGB1l-cit0eWW8UzmDYBSTFVJpIrjdUDVAVsLdWdaWn4Vh8u-rK_e9IZB5OTKkodN23sLL5TMRLP7DcKcikvKar3XDNTz27URbXeeATidqQOpYf2UhP8pbEJVEjE8yP2l8KeC7WpVaNOA8eQve7WdBQbNUOlDrmuxr0MwJIMBBcu-4agiAKCdRihQqoJ4Yj75L-oAwoc4V4R1K1vgDz3sO1Kg-7_vdlVxRWoqnAul0T-XcSg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9B41 43 B
215 B 105ms
104ms Image
image/gif 52.207.123.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=62dbf585-b510-b8b0-46c8-7ff3e7eee2f7&tv=%7Bc:dXM88n,pingTime:-10,time:1247,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1622248601655%7C%7C5f2e8e53f3150455c45f2dd8fc12cd01%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Ce5029406c5447f49f4d920ac8e55ec7f%7C%7C87463be087f165d1fe57b412b670bf60%7C%7Cbd36a1b537b2d78bb4f1a98ef6e42b8a%7C%7C965e199ed1605245ad42af6955596e62%7C%7C4ad67f2ee6164fe7035a7d2def92d44c%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-solarwinds-russia-svr-usaid/?utm_medium=email&_hsmi=130250426&_hsenc=p2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q&utm_content=130250426&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.123.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:41 GMT
x-server-name: dt54.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 8AB6
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/488356/54699614/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com...
https://static.adsafeprotected.com/skeleton.js

17 B
241 B

31ms
31ms

Script
application/javascript

3.250.250.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com
URL: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.250.250.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:41 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 4513475
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:41 GMT
x-server-name: app16.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame EEAE 82 KB
21 KB 37ms
37ms Script
application/javascript 3.250.250.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: 7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com
URL: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.250.250.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:41 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 336128
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 GLBL-ENG_IOT-01_0_970x250_BAN-S_PNG_MOFU-IOT-Public-Safety_wbrit025962_105.png
s0.2mdn.net/3569326/ Frame BF31 265 KB
265 KB 18ms
17ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3569326/GLBL-ENG_IOT-01_0_970x250_BAN-S_PNG_MOFU-IOT-Public-Safety_wbrit025962_105.png

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303489065;dc_ver=72.209;sz=970x250;u_sd=1;dc_adk=2711260096;ord=he9ato;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv0Jycs0Ke7gBoNZgwoLvowq8SGE2xT0lv03MsLEfDSkMqM-a5ZGyUq6MBLTTV8acttk-D9iJWTf6DNblQjmOFNFSfZJTmqxFSR5T7-8Y4y8R9ByKzQPLstiguSf8SZJjYdGEFy9mlaAWgeCbozkzGtRXKm_hKJGtZdPJKcvm07e2TwZDU9QJiigUDN3YgORKgqjkncUoLppIgG6ArOxFlYG2A91LB7e0zlCYj2b9cp5npSxcAU7XuqIMUHa6nCa7XNghItrLzDBfU8GPs96LTHlswvmCuHwLbwliwk-VoJsZDQURkuvudSGL_UxOx2gPTC1WMo8gRc%26sig%3DCg0ArKJSzCyczgf358maEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=ump7r76Mkf;osda=2;sttr=66;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fcbc3ff31b2e795d2e8fb2f4ed5137b1437a085311c6d3cd59871aa00e5b81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 18:10:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 13:38:27 GMT
server: sffe
age: 23165
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 270979
x-xss-protection: 0
expires: Sat, 29 May 2021 18:10:36 GMT

GET
H3-29 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/xfa/ Frame BF31 10 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/xfa/sodar_loader.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfbcf1944aa94f8a16e8c65216b4289ee1dfa486db738e5ed1fbb0be5bea3696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 19:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4180
x-xss-protection: 0
server: cafe
etag: 14767526234938102694
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 19:51:42 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/ Frame BF31 8 KB
3 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Jun 2021 00:36:39 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF31 121 KB
37 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:41 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF31 0
23 B 43ms
43ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGb-ZXOyD134uLSQwQDjwo7aLYSTa-rfx4oFzwYPO-pW1vfGAcIy5c54QnNrtE4Ru9_-3fAffr2ivIRUlDNhVMrn3l72pe-M8Mee9awkAEd_QVq8RlJtARnQZTrNhntGt6cCFXwJJFgb2VeggwdNh-PcT9bLCe_QqeGAz9XhV_UA&sig=Cg0ArKJSzIaIf2wN46J1EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210524.12666&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=25791652;s.a=6840654;p.a=303489065;a.a=496452220;cache=2420148477;
ad.atdmt.com/i/ Frame BF31 43 B
168 B 64ms
63ms Image
image/gif 2a03:2880:f03d:8:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=25791652;s.a=6840654;p.a=303489065;a.a=496452220;cache=2420148477;

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03d:8:face:b00c:0:8c Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: Zl89m0NEefY6b7uq/xyLGb2lti76isilkyHYb5DIcgzTlZoJpNnXTao0nSi6hQlHZmjLSASWwbysD6m3L8ieHw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Sat, 29 May 2021 00:36:41 GMT
vary: Accept-Encoding
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BF31 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180726
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 22:24:35 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3D31 43 B
215 B 143ms
114ms Image
image/gif 52.207.123.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=92b085fe-32a4-8b76-b39b-5ee148909bba&tv=%7Bc:dXM89s,pingTime:-2,time:613,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:607,beZ:608,mfA:1044,cmA:1044,inA:1044,inZ:1045,prA:1045,prZ:1052,si:1055,poA:1056,poZ:1061,cmZ:1061,mfZ:1061,loA:1131,loZ:1138,ltA:1220,ltZ:1220%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:728,h:90,t:448%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:613,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:448,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B175~1%5D,as:%5B175~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:syKVNND+1111%7C112%7C121.488356-54699616%7C12111%7C121121%7C1212%7C122%7C123%7C131.488356-54699618%7C131111%7C13112%7C1312%7C132%7C133%7C134%7C141*.488356-54699612%7C1411%7C142%7C15%7C16%7C17,idMap:141*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:164,readyFired:true%7D&br=u
Requested by: Host: a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com
URL: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.123.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:41 GMT
x-server-name: dt43.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8AB6 43 B
215 B 121ms
120ms Image
image/gif 52.207.123.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=3de61ec2-df4e-b9df-3da4-251b8c831ef4&tv=%7Bc:dXM8ai,pingTime:-2,time:438,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:451,beZ:452,mfA:797,cmA:798,inA:798,inZ:799,prA:799,prZ:805,si:807,poA:808,poZ:817,cmZ:817,mfZ:817,loA:861,loZ:862,ltA:889,ltZ:889%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:970,h:250,t:355%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:438,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:355,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B91~1%5D,as:%5B91~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:syKVNND+111*.488356-54699614%7C1111%7C112%7C121.488356-54699616%7C12111%7C12112%7C1212%7C122%7C123%7C131.488356-54699618%7C131111%7C131121%7C1312%7C132%7C133%7C141.488356-54699612%7C14111%7C1412%7C142%7C15%7C16%7C17,idMap:111*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:81,readyFired:true%7D&br=u
Requested by: Host: 7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com
URL: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.123.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:41 GMT
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 17A7 0
20 B 17ms
16ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQm0AmIyxYNyuDrWkrATHkbDoBgAAAAA4AeAEAg&bg=!BAelB0PNAAaMan2LjGo7ACkAdvg8WkFf2xujCS3FaYIipffTUe8-O5T-eFliZKGdRW_ZobP1b3gEdwIAAAIAUgAAAJ5oAQcKADpKD1sMspVL02-l0ewpsejFfiZeabJUWmVxhQeg9_DebEcPROdtI_fJJNHDJgO6Tp8wKTrWPcTsq_LGmQLUosgyE-4Io3uyQSZ2D-0CI9fA6Wtg24o3c1oaZlEYXICkaw9dxt4mIXukhx4ymjahzlUummMbgu7SwskEAPhpF3KnoXYXiJ-cHfWdGWlRh5IRobPr0L4GWF4jNRq13a2cL5t1qbVqy7EflCMuUhjFnfYB3tresw2wRlSlbQRziCYWB2b7bukq2M4hr80pg81cLX79jrdRtj_IQhc_Xp4py4e4A3qr4sU13oYXM80IpI2KBzc4W6eocrX-9K0U4_iD4oVOoQrI7glnJDJ6YHrk95CryzjYlYiVHoXS8oNPUR3xpzuFuXUNr-b6KNWDBYpb-aDIQyZlRtiTs6dwUZ88-kR2J2lyDH7v4bLYPDsa2uMxbX-gGAqvlCNrXelep7UPXnjxaTdsauqpplu2f0EPU328I3VPIux5NaM-5-b2xc6Nb9kdz3yOqLmI-RJ9EWsIYsIkP_tZxxi7APKlLWJjB5agI11STj76DLXCFHpmOfQ7-Gtlh5aQnbmSE3bF78rm5TGgVPkqi-Bsb4uNQUr2_P9zsddMJGhDYLYiIyP6kGgUqnr7Gy5gZP-VIbi6CbcndYJDavAknVsBz-9oFg1JEET2hWgYu0Ak1fP_yCs9Eg9BlzGvrmquyCHC9V59dFsWmHE2-BU4ZZGwLuKH28u71WpSKv5XKU4FiTzDwSTSUwD-rYwWeqaMT9c_4rWOxggw1cqmxdxxhXD8b-MhWe_GxIKJx8_gyhlecbocLxdmcE9DViuuMQXgPy_22mg9RYP0Pomp1SwJXhRxw432FIKhZrg-xbYE4sVlKA4TkvliqexgkxsndeBxrCnnNaTL_rz509eXSuBEQMohPZEdkwSvHURTOL_kB6ohQfQgd5psBhL9ceY1tIjYakjSTFKOUURJKIgrcPf5Tv2LCrn9TaxcNlU_WUbfz08Nmwg5DkkWOUd96Krlt_f8ZTecL_CFGsLjz7zaHQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BF31 5 KB
4 KB 21ms
20ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/xfa/sodar_loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd283cfe3801793f079cf29fdb1896945faaa3932533bf59c249f238d886464d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4099
x-xss-protection: 0

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 43B1 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 26 May 2021 22:24:35 GMT
expires: Thu, 26 May 2022 22:24:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 180726
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF31 0
23 B 82ms
81ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DB61 17 KB
6 KB 33ms
27ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/xfa/sodar_loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:41 GMT

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame DE1E 14 KB
6 KB 31ms
26ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 339885
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Wed, 25 May 2022 02:11:56 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D8F6 10 KB
8 KB 20ms
17ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0938df2604fea47529d191c33cb8a0c61a59a9931d4a610d507d90cea5a95ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7663
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BF31 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/xfa/sodar_loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:41 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6DA5 10 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ca2a60d8169af420509bf97e4eb5a23e2bedee1f1f55cb2a2332d427be3cf00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7686
x-xss-protection: 0

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
661 B 411ms
129ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%26_hsenc%3Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%26utm_content%3D130250426%26utm_source%3Dhs_email

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Sat, 29 May 2021 00:36:42 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 0a79954a063e3c797549751e9de0fc52f34af029510882ba94a735d3c5399596
x-transaction: 09f20464f811bfd8
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 34ms
34ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

079e36dfebf002443bede5a554a4843a9fb07a7a82aac266520bda7ef25abb67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 May 2021 00:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7778
x-xss-protection: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
411 B 43ms
42ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=20762415-8082-48f0-b243-36443c93d852&fci=cc58c5d1-7d05-40c9-a802-64180d83fe95&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%26_hsenc%3Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%26utm_content%3D130250426%26utm_source%3Dhs_email&t=SolarWinds+hackers+are+behind+a+widespread+phishing+campaign+impersonating+USAID%2C+Microsoft+says+-+CyberScoop&cts=1622248601966&vi=77dce7aaee02f8b6714bc9d2a7b4eacc&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:42 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c9f39590-084c-4315-b2d2-3cb920f47823
cf-ray: 656ba66249491756-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 0a5726517100001756b60c6000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TCRIe1heNFyFadvODVWpbrvc0%2FRJzS8RE0IqRIEK6UYRa0mXEwWX7ah%2FnVP%2BFFFN%2FCP79VC1%2BBlGGnoRIZuRXzCEWU5Y2%2FnWUzIwbaxK8zJM3FEodnl0RvRYdP2rdbm9zuj60dTjEj5McQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
382 B 43ms
43ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-solarwinds-russia-svr-usaid%2F%3Futm_medium%3Demail%26_hsmi%3D130250426%26_hsenc%3Dp2ANqtz-_0QRGomLdspoGtUxBH8av4R0s6oSssKIWKc3gq-RJ6G14xIpUIqHTJG4jbYNn7qkevAZuomx-aEq3XGcUjAh8cyBEd8Q%26utm_content%3D130250426%26utm_source%3Dhs_email&t=SolarWinds+hackers+are+behind+a+widespread+phishing+campaign+impersonating+USAID%2C+Microsoft+says+-+CyberScoop&cts=1622248601967&vi=77dce7aaee02f8b6714bc9d2a7b4eacc&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:42 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9e4a2635-5ea9-4803-bea9-c3f88622e0e7
cf-ray: 656ba662494e1756-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 0a57265172000017565e9ea000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NtAPE1Vsl2pOkc9An8fgvmnDA9urWZzHx2m5fowZS8jlfSAoHe4FOU5GKQv8nyWA3NzT%2FWJjjNiEKMnCCjQaL3vVuks106sC2YTy0IZOJZPHL6fC1sFBO12A%2Bol%2BIK7%2FJ6eAEhrhyhJw1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame 43B1 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 339885
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Wed, 25 May 2022 02:11:56 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D8F6 17 KB
6 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:41 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6DA5 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:41 GMT

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame 036C 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 339886
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Wed, 25 May 2022 02:11:56 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 29 May 2021 00:36:42 GMT

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame EE8B 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 339886
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Wed, 25 May 2022 02:11:56 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BC7 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bd_hvmIyxYJHpG5OKjuwP7-iK4AEAAAAAOAHgBAI&bg=!tbaltvLNAAaMan2LjGo7ACkAdvg8WoMqtTk_H1gKmxVF5ZLkGaPF4PcxLLivpLVD6lUA3ZdGLY2trgIAAAHIUgAAAFFoAQeZAsx3QpfWBb62RyDSOVz-nkuxAAfmnClmOuC-gKHPR1ZKkihv-KXQRcykHIf1a-LJCOhZbJm9V3NufBr7S0c_4ROUo4gPaxh9-Pkns_RtHDyhI8IDp9S6ZWPFJ8yuWFGvp9Wod54twRLSH__8XfbjRTY40nsH1T7r9ctsjbe251-F4sUXmXD3epTdNWcFsWSX2utW1ShKTpW4KsO6bGxmvNxBcQnEX90d762vP1iMbiZpOF3IXpjOHosCEtTlfjxPbUfwoAl_plK69DvONmvDBaaGV0Xj4Po_qOQtWaHczRKi1izboWgKVdrYnesd5wlnw6xRkmngzFz7uNBURTwm0EjJ055K7g1ILJWo2jE3bwEHBVwZ_3K_U4ecRZ3wYWWoaTbP6ftCX4yDnlYdatkeumNe7EzJGgs-jNH_tIXWSx2nrdc3xPQ-sWxWqSeWoasCVPJgZIPaowcvZnj8ppoBHetWZNlL0O68snW7coZcwQfhV_s540auDME6laZAY1VgLdi5oaTiGsU5J_mBXoR9EfpViR5qM48W6qvvi49AZX94Z_RekDCcMOY7YGXv5FY6eND84E9-YE2N5w0cZ-yJOJFZPmTieCoCyTbKZAv4UqBG6QmeqSqmd4AwkShlgTvAuIYyvRIko-m_FOf84FgZzd3jmzrw6qfdgBXfSdLIxq-Vtg48g0OiGYbl8kz5WdAwnCRUGu7umuuEt2ly3Y0-lE085CUc1swAOiKM8xbia4KRBAzqPxeaP5N_1H2C3_s2u39G5eFzrxi9PxxRVa9fSfJYBcKbsuD0z4m6PspEbzxS9_O_VbL5uzHnBxE2RETwtrkiQN_NJN-uN726GHVl46euZrynwqLFilu38qf_An-bLsyhh4SoHjp32P578zKDXlMa3XZ7CGrjGbR8csgHv-yPmOP8zPtQyNuAKGSap8uC8K3nGhfV6K0IOYfFvA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 5F77 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 29 May 2021 00:20:20 GMT
expires: Sun, 29 May 2022 00:20:20 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 982
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5E9E 783 B
531 B 16ms
15ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1916ed074bf1acf6726274085d8943827b0563165fda84458a970a933cadcc10

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ohvBRH24nvir0jWbkgl8Ow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Sat, 29 May 2021 00:36:42 GMT
date: Sat, 29 May 2021 00:36:42 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ohvBRH24nvir0jWbkgl8Ow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 8489 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 29 May 2021 00:20:20 GMT
expires: Sun, 29 May 2022 00:20:20 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 982
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1A1B 783 B
532 B 16ms
15ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

603bd27e8a541ea0e0c5879fe164ab383d9fde5ab2d086aff15266f3e750a877

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-97SOOeHtX/o+ZN6Wqfpuug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Sat, 29 May 2021 00:36:42 GMT
date: Sat, 29 May 2021 00:36:42 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-97SOOeHtX/o+ZN6Wqfpuug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 653C 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 29 May 2021 00:20:20 GMT
expires: Sun, 29 May 2022 00:20:20 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 982
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F94A 783 B
531 B 23ms
23ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ef0d577283182a5199a0f0294ccf498b311d6fe47af83b5b8c12efc0fd744188

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iLgAQUqxRuRPYrFra5VE0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Sat, 29 May 2021 00:36:42 GMT
date: Sat, 29 May 2021 00:36:42 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-iLgAQUqxRuRPYrFra5VE0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3D31 43 B
215 B 116ms
115ms Image
image/gif 52.207.123.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=92b085fe-32a4-8b76-b39b-5ee148909bba&tv=%7Bc:dXM8g6,pingTime:-10,time:1025,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1622248602133%7C%7C302c498fb246b4ce852a7b7f42a4a70c%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cb744c27df0d9129304f342045064afa7%7C%7C5ba2a28c778879041745dd6c177a7c13%7C%7Ccc09bccb6212871de7dcc8f67fdec259%7C%7C85fb73a5e479cc97aa2faee1a299d013%7C%7C298e5be6992fe3ebf8737889f77b3092%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.123.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:42 GMT
x-server-name: dt28.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8AB6 43 B
215 B 102ms
102ms Image
image/gif 52.207.123.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=3de61ec2-df4e-b9df-3da4-251b8c831ef4&tv=%7Bc:dXM8hb,pingTime:-10,time:865,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1622248602200%7C%7C1ef0bb59bd8d8d396d061e40527cb11b%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C2e73cf4ac47a9511696591438e4fb41f%7C%7C294a15c373c4046ec3d1d53a703fac13%7C%7C5983e8014bc3e11456952f1e40cca9d1%7C%7C1178a2131f63b57586eee2c5415eca46%7C%7Ca2a640b0f5766d6d414276748f897703%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.123.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:42 GMT
x-server-name: dt32.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F77 14 KB
6 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 339886
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Wed, 25 May 2022 02:11:56 GMT

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame 8489 14 KB
6 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 339886
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Wed, 25 May 2022 02:11:56 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8AB6 42 B
64 B 14ms
14ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDV5PWQSFmOy2GwqhTl4TxZ2uyxAxj1YkyjOKMmbct8AlkQy884XNHvaOSkf49U3nBw4rwHsY6xOOkeus-jRSSOWhHI_9PWpj8B28xHKE&sig=Cg0ArKJSzNgDm6aAZUYpEAE&id=lidar2&mcvt=1028&p=0,0,250,970&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=13849420&rs=4&met=ie&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622248600888&dlt=28&rpt=525&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame 653C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 339886
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Wed, 25 May 2022 02:11:56 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DE1E 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9JhpmYyxYPrxB7vO7_UPy-2K8AMAAAAAOAHgBAI&bg=!wMOlw4fNAAaMan2LjGo7ACkAdvg8Wimfp1or8hg2Qce_6kPOTyn-I5F7H6GItufECNnn1P2qMNp8-AIAAAFsUgAAAD9oAQeZAscgxx-piWiqTphoUX3POOsBlJuXKiyK45hX51eI6XZF5ZWPMUyP6yTageGods7fb5Rfux5fae5PJUdNTj8Lz8ZArPOWDpiaZNfP6hzmmdK_l28UwgCZUvOor4tMh-jSeggVtKWwNA9k9mVQzpCmPABWmsqyh_mMkFWxGXDflFemJ1Z0Jaslmn6WsaI0R1TNf5n4O9QCIbwfDzKGAQWK8C_6ueRd16pwS0K9t1addvdC_jlrjmSkLkgsd4HWGegLPavCo3u3_e66Uj1l7-m2tVSk7veJg8A_I7ZJo3gV2iEHVdLByq_G_MXTp8j-M5rjoecRZ9mRPqiewPKe-vlIXjrr4q0Pmt1LRRDMBzXDIrXGr6lWSeW89UR41VNfmGR4i5IpshDzyB7aWhwqU8rjPKg292JfR_dPxnKZOrYYSTcJwkd3weGftDbU1vyJjbJJfm4WRTPN9Jm2isqzO2dFPtK1_SuD6vZi2Ow0WdvbEejuQn-lJkYtCBDWli52c2LB8Rx7g37a_kImXFr0jk1XcDt60eNJI8YymCZJ0fvqjEq_mrc6kZbeU4PGAxK2d1QhzJ20KIgaQGcv12NuFSslBdV_4DC-8rI-7Rig7rDFWyhC18pkRPvfndCfDULIRpAqe___MtXSFWg51FROpn31uIVcvY7PiNvfFxbCu-MRdaY3KjbmHePDVAapw1WYK-SeN7uSvjRyT1hyiCza3pgTHghkH3gwazNm52B3Cu6kWj5Ep8C8MRgKMvIgGUl_6YXxCau1hdbLnWfTJ0bq7ftxTbJYArI1Btaaxf2O_Gg3yrKuuruqWu0I5Y1QBQYP9DmaNnK3ga4wkx0hEDGnzj3I4CjJLAJz_w0mcG3thSHNUV2sxQPEM2VvsunAUUithiGgF936M_N8Lj_WrbRib7ubs1zb2gnoRIal26De03QuVdXgnC6tyKJJt-c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 43B1 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B412OmYyxYPyOFZOKjuwP7-iK4AEAAAAAOAHgBAI&bg=!fH-lfzvNAAaMan2LjGo7ACkAdvg8Wl-e6mG68CQY14UcCWyvX7YIM0xhnwPe0ZKnF_MYwHpTrm-OhgIAAAGKUgAAAFloAQcKAEq8q3vwC-hVfX9uzf2WODfEVhTRwmHC7trzuJXrbu_0oUiCstKNUGtgNPNgL5_3lbSPdpbMWvw8pcdAnx_o_Eon5_ugbIHibTcW35kC0c_EktwyynTzMwrIMOFsrARKyoDH6UgXEEC7KhReiyAQ-9IKEs_8KFBPiwaRf3exz2S6-ojGLFQrVpAjbrAjZC6PznaEW0pdID5OBDlWk6r4FNJAvyPzMcAEoV1kVBF2hZsgGQJ7RQ2TeY1NsSVUwsAA3BB5Fu9tI_UT8gxdTId23f8zvauG2d6AZTGN1qd5D1zPEuawwr5XCyud2nGAaV-BUnyWc3EjgvF9JQMymVCZbpE06KYnl2okofssNPhZuC8XrMU4bOINDxiR05cmKcWVxn-tt6O67A6lRzMIfILuQfc35tLyHuKQEdM8zJhZaI_R_J7uxuCU0iWoJbmHuegoHQTox1gt2fX1gaHFD0DXjmUZDTbXq1S4Pihbba0mJp4e90V6xTT0RLMtYBxcGDRATC4egOtFFzzGj3m3-lgKmrUNb94WhSe8CRJ8gAaIhVl0zib_nEthQzwntRyiLUxTHJ9wB6SXdHvYKcSk4a0Gfn4Uzaljo-w6u-lG4SVYQEV9Cjuk-bo6daLKV1f-R6JfYIfe5O26iNeFXTivPlmtYbw8_rTS_EcEMC9IVh3Ql1c96RjVIDET97RSUDW0MGkoyGLAhcFdW4jsGsUa5x6Vg0FYyinAmVQR6vW7g1yzAGazAeRdHrJV0O3onaBMdALteYOEdke094jD-9L05hPs1UJNJ_IYgQvKPfeH4lsNJPBuNd8DYbSm1cvTvRpaA04hc3Kp5kOPiae-BVpu4uMzbG6-1qVQBmmaHjthQYtyRkzL7xySHfVMBGhyVowLWaoe4uDy8dZMUtzA46yNTkZtn0SVsm4lLwOyNSjzLp18syomCG8JF0y_8eC2TDSeyvGXNbRqnoMEVG8YH2un4IaOkzKf0lrsZ2gsDVnUn_kczVpwXjWJZ4zWIZzLChnjJ0gAezINaQAj0dG1W6Ti8jDBMF3SYzvPULOOD0NXdCgulxQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DA5 0
20 B 16ms
14ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052401&jk=1691609968862281&bg=!l5SllNDNAAaMan2LjGo7ACkAdvg8WnjC_gmaP_zOagbYoEgQ9m55lPXZyH5UjAsjzzKBZBJ7PEYZAgIAAADdUgAAABtoAQeZAmE0agQa-ZmyBVl3jht6Ipts1FEBdrN05DxR5CABBQKYiAa4IOWPqUznQ16vBMIom4vgYNZ7o2sV-JiwTCatrf2PNNzqr7swE_GLrvI88D3TR_GUrpx-zDNM606mXotYdBarupG-UOn_CMzX3C6XjSFOsmwKJ19Na5ny8SrpIabjXUemaDLef0SZDiaGEsTRH0LwMC4286TTDGpsO7_kqZxNAYsai8stCaGvt7yF9sJ4GVX8vbZcmPUlDKzmxTdkg1VBFWFUkZctBSlAFtp-8O0ReIzKs-j5JWWOAmZlEzFxU-mD0KowPk1kYm-uwwa4gu0E02FH309XsnFmjURsz3TRJclo241gnR9Ouhmh-Is35fSvodyVCJxgTm8gEpRewZuLbr1HXE076ocMZzNhCyUNw-q-NvkOrWpLIC6reVDqcnT6GII3EafyXmyypNJ0PUF7gjTX6yT0Kmf8N8deU7xUugkOWwr9x1SlIiZk0lxig1R9Gc7y5RwTekxlXqBP7SQo3Yg58roG7aZQU1wNk4pZ2IWbytNe2e-S29SaoZW7rC3CexefOWh0fdEf1TAMXKacirMe9wXWwCrKi-2KmrOHgIo1p3zbpS46No5NJSo_IOnGcLBVT6q4lA4qfQcUmsrpql091OK4kwNEYhSg4AjuKwZPAKoz9m4vGKTNb-X2rGU2aEKksxVI2T8e3l9V_BWulBMqKagK6UK8-y9Vvbno0NQEEoNk64j6v7jZAdnTtEhhOkzby8gPcwjxwiYHV--31XH8TAEfgoIQpDp5ORHhjpg2F7dPevSl_gWqgwWXFys

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D8F6 0
20 B 20ms
14ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052501&jk=3112805622635903&bg=!3d6l3prNAAaMan2LjGo7ACkAdvg8WhZT3ywf4jB9l55HOL-022hinC_1DGmiVuO64CFdvezGu7EAtwIAAAECUgAAABFoAQcKAKVr5dwYGHbaiWTmh4QBNjrEgvejEi2tFN0e-2zbRkfQmfWkyKEiu6D0KTrJtsDUa1GnIEviRqA2MbEWtuuj78oSC3gsVEgbyKlp3uhbUpoAXtmVwRxK1z4ghDVe37c3OMSZaUklE8qutvvR8f7A23g7Eeg_uiqhji7gdBaxrIeIKXmMOC1a3xo5lvtndIoi3YpBZ6m-CX5iOscv-pB9VmbZ1glyjeiZAlu5DsEYvWRYt9SDG4MSis6dczufGetY_QGhXqoQqoul3FxdTsr3ksCMcIrAeeCPaBhw3LHpqRbQDyrfRoTW9WAIoEfRqzoGl0bY7pZJit6hqsu_tkZc-ygIRvW22DxruKOUxBXIrQma2VhgOsDM8Rex_WUGHusJZvpioXxBsDGPGPrgFml-SWQ9Tc2Mg7M3NUYHQV5HprTlKpG6l5eBogticVTy8ig27xHM9M5_mqdu9-7mN2k3oMJ-Sb0JeQmPpyXpJTzsSMxADTFqWDBNhm0ijFFkfmqtvqv9sxnU2h0JnqO5LUfqnr68xrb-2M98d6VjVpQz8pQEiL0xJrQwYizaU4gIDuGdRSjTyG-XDYeSXkVAzJ8Z_iAJ-clI3VA4mX5RcfqwUR0f64fR81fbhD8QTz4raq1WJMgxjvsT0ZpUieneOwi2s3XrEqFixyLUmAhtytnq7r4pIrPIYZ3Trx45TTMglpD2-wuiMgGsFimdlO2YpD0INY5mru5oiTl-8oJ9hsprzveNtdHE3wbXlg7yPnPeVb4uGOlqnshZjoPhAKlhqDq6U-GCa_JFIfx2q6DBv7LR33_BADG3h08_4GvZ0q3GQvhhen7GCwp7BlpTvosZCHL_IPSlvaAFFhuQShD2nBy_JfFAvm08PX2jNwaDljPFW5AjAD4SeqeuCPv8U_nfzRhq914jol7GxVjgKtdirq5raJbb9MYIX7eAEs-NhWFajbTg8b1CLY04xKhqOExJuJKjI8sCf0tu2UDOWQ6rg1Kw7HkgcYsutZFnFgno0OrlFhpFzmTeVmk

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
14ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052501&jk=1375574242481796&bg=!7-yl7KjNAAaMan2LjGo7ACkAdvg8WnL6WiDgZcJIoeg0-oSy4Pui_bW-4vMGcdYe4S9hmtr1sSpwmwIAAADeUgAAAA9oAQeZAkciFSNOiVHIbn5F6fikhaFrvgLCvdvNOnIKfJfg3NC0XlxFECyHeQK9iRl4SkHmpT54ivKvI-3JMXXHsmC_owAme_c3f0p-IFLPjKsK7N8yUUuyZd3Gb9Qu4KBpEClBCwoO4bmCnD-BTw6WqTgkuF0AusR2C4jEIjGgmKIEr429siA6D4KkkBFqBYwZHYQsu6yG6Hw8F1Qy-EOm2-kZkdDoEUIulNsneaBTSi638GuCY-lKtOMeU7jW9tWcpN3xDtlFBQxctMId2fJ2qlERBm0DJ2tI9d2gzLSx9YcTYJtmfbpbVZSKqWu__EfhcGpE64gvxVDByQOmy4bTFELjI2sAUiu6CdJd5euioA0zM_2BEnhb9NCUTpm17LqPBaw3FB5AyEEXA-TcRPAVexi-dAsZhWOQJlEhABAOWS-9YZG4P7K4uY_ZZlbN5bnpBDwAI03MaRV-71oigwObmq7X2NDx3YI6BZNNwA0ZbKQD4c6A6mnH66vOpZwdduZBCDe2qLIBVrY3l7YbIT1PZsOs0jMmAsT1nCfQrNprtDCQsEnvqQ8sZODNf63uy1I03EwDKq84b759D00hZGTzj8Z6OOcCoc38aACaSttUP8AaDXR0OOBbDR2XeqG-mhK9Tg4HS4KgX84lPipXfxx8mpZcHjnVFdZmym684epv-QURSpqt1BcaZOIH-0qyXzAZ1NhrJVGHsVe-WCQW3v1uAwcMuztvktqa5G4g_jsDbYEJO7wGEY5nuYj7tfd-1M3xJVbZiGTseaD-3Hnp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BF31 42 B
64 B 14ms
13ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVErIw3ZfiYo4jkG0SlGC13_OhgaQk6R6Y3kPUXgthWjjeTVOB-_fPfZpDPYEy_ISL6zUPmu21Qp1ncE3f9VM2NQ&sig=Cg0ArKJSzA_Akb4r3UcJEAE&id=lidar2&mcvt=1002&p=0,0,250,970&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=33&adk=2711260096&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 00:36:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cyberscoop.com/	1970-01-20 03:59:04	Name: __gads Value: ID=226e724a6cfaa58c:T=1622248599:S=ALNI_MYvX-Xtbn6KwCW9DFICU7MqgEJzDA
.cyberscoop.com/	1970-01-19 18:37:30	Name: __hssc Value: 143679850.1.1622248601955
.cyberscoop.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.cyberscoop.com/	1970-01-20 03:59:04	Name: hubspotutk Value: 77dce7aaee02f8b6714bc9d2a7b4eacc
.doubleclick.net/	1970-01-20 03:59:04	Name: IDE Value: AHWqTUlK0QZm5g4RN7ncQX8EURjOn7guHnRqUlVu_oHIezSl2CWCq_RZZ6fDLGKpD-o
.cyberscoop.com/	1970-01-20 03:59:04	Name: __hstc Value: 143679850.77dce7aaee02f8b6714bc9d2a7b4eacc.1622248601955.1622248601955.1622248601955.1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://go.recordedfuture.com/e2t/tc/VW7KWy7MpQRpW42fN815NS1DpW1n-N734s7DjXN2x86yr3lGn5V1-WJV7CgYB_W1YjP8N6_NyHzW78Yt_V4dN7JKW2n-8pk4K1cSDW6xFQdB4XrJVRN2TJlb2Tq0tqW30D4--77lb2JVSXyDZ1hXV1KW9cBBbc7-Nz-yMzYB-qd1FKvW8lhf8q98LhZbVGM5367vhHS7W351dRR6rf5C5N1R5TyWdNjwVW91BVzb4VTg8XN26nnjq2jLX8W96tLC86phdvHW3M3Ky58BJTMhW3jPfjJ4Cf11TW52Q-dS6bH4tlW7HZ-524LWGRwW7y2Llf4ZfD6pW194yfB14chNsW9k8ggV6kJCmVW5yJwK47ZrC023kLw1(Line 13) Message: toS
console-api	log	URL: https://www.cyberscoop.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.003173828125 ms
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.002685546875 ms
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.0029296875 ms
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.003173828125 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6fa48c31034c21e00778c184abe84c1b.safeframe.googlesyndication.com
7a855a154d843611d9064f12f7fc7e4e.safeframe.googlesyndication.com
8bf5b6a6ee39208771dcb0addc5582b9.safeframe.googlesyndication.com
a0a8b2309fdb49f8eb4b16e14fff6b94.safeframe.googlesyndication.com
ad.atdmt.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
afec57ead5999ebf7080dd0d90bb419a.safeframe.googlesyndication.com
analytics.twitter.com
cdn.taboola.com
connect.facebook.net
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
go.recordedfuture.com
googleads4.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
pagead2.googlesyndication.com
pixel.adsafeprotected.com
px.ads.linkedin.com
s0.2mdn.net
s3.amazonaws.com
securepubads.g.doubleclick.net
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
static.adsafeprotected.com
stats.g.doubleclick.net
t.co
tpc.googlesyndication.com
track.hubspot.com
www.cyberscoop.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
104.244.42.195
104.244.42.5
142.250.184.226
142.250.185.130
142.250.186.38
199.232.136.157
199.232.137.44
2606:2c40::c73c:67fe
2606:4700:10::6816:46c5
2606:4700:10::6816:47c5
2606:4700::6810:5905
2606:4700::6811:47b0
2606:4700::6811:b749
2606:4700::6811:d6cc
2606:4700::6812:14bf
2606:4700::6813:9b53
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:802::200a
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:803::200a
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2001
2a00:1450:4001:813::2001
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:831::2002
2a00:1450:4001:831::2006
2a00:1450:4001:831::200e
2a00:1450:400c:c0c::9b
2a02:26f0:6c00:296::25ea
2a03:2880:f03d:1c:face:b00c:0:3
2a03:2880:f03d:8:face:b00c:0:8c
2a03:2880:f13d:83:face:b00c:0:25de
3.250.250.79
52.18.175.198
52.207.123.8
52.21.95.133
52.216.225.219
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
063d44bc62d9647b62e24e3072a08f2cd96f36e3f1cb441b0efc3fe3f3fe372c
078da71a7a62568deb5509c20b7fd4313f75695f7c725d31c734e6283e4b697c
079e36dfebf002443bede5a554a4843a9fb07a7a82aac266520bda7ef25abb67
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0c9f60da78a9802310977f3fe66b7c6a535f081113bb33fd098ab6f1bf27bf68
0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440
1060fb7b42df32809b5c1fbbdabafc73388ee8c3b58df801a76f332e9debb745
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115aa70aace6401978ed9e106c6f4c94c2a6a3ab6b08d122db34aa62aebd00dd
120210c70516997f79a47058c205c6c4bf34b9eb0e5812c4056ff2baa3ffe387
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1333453e2f8314ecb60cc89330c0bf6d8713d2ecc2733a41d28257047936f1e7
14d1a84bece50b1c302c7b3c6edba242433ea57b7430051f6057e43a33652c1b
15a2fd62f072453a52546cf0e32870250bc7a737dee1115e655b6492885ab80b
1916ed074bf1acf6726274085d8943827b0563165fda84458a970a933cadcc10
1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436
259ccd8c592819b8cfa374588609035a63aacc8c2611976c340b3699d6fffcfa
2aef1ac953ce7805c97a1df893082e75a0a11085c3e53b2914bd0a35634977f3
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e2374bb23209175e03062927527a9e21addfcca21923e9730a945f630dc7d59
3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d
34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890
3f630a191b479def3ee0f7408cfec54c5e6cad83fec65155d68ef83dcd381714
421a1b2e8c04cf74c9db008eece0146b28d81e905ff60f7e3fd7c4878ad6df21
44e320ecbd9dc0d41986b373c3b7c927926f854576a5e8349f14ef84afddf8da
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b
542bdd1557cddadbd992cdc7d072a7032d0a6c78d8d6880ae2d96453d0272486
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba
56b2a23b4518aea888dad480aa3e88a37cf74f87c1ffc955f1ba4b015dc314a0
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
603bd27e8a541ea0e0c5879fe164ab383d9fde5ab2d086aff15266f3e750a877
60f0b239316bc92dea8931498fe5bf00c4e475bf203eb8419bc56128fe543704
61216e708946df00051e394207447bfe5272a4c600c200d9e83527c179c6dffa
65b0c88404c002d34f78a30c820a5d895b7f992843bdda5631be2022128bcbcc
660ea9f6926591697cbe76bef5ededee582a5862521772920f1e9e9707f00c7d
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5
6bae96ee7798cfd1ff8397ccaf17638189ea3dc201fb59bb483807c6f8338649
6ca2a60d8169af420509bf97e4eb5a23e2bedee1f1f55cb2a2332d427be3cf00
6d1c2c1d6d8213c9201785846eede5c17253b84650b4e7e5c0aa93b0e715723b
6eb76c271a15b30ebb495505ccc8cd5580745b221920d509ac64561d69ca2cfe
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
76c526fb15d4d171124acf7289400da8bb5a0b238020f2a4b6ae11da1a0419e8
76da578287c37840af519514b88a9d9232f05cbf4998a0c03cea2b13cac50780
78a15c436ac9f17a85493d5231325873eb27ccb668ff9a7e773a4bca8984d028
7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b
811d1a52048ec75a7c1a7c00272092c5373ffc001a2585480716abe1c7944bf5
81378dd9158a9b6cbfdbec17f6a3b25c0cb22232a1e20b8060e9b920136e26e2
82c82c3567fbebb3260e32f74046024153c6798fc1b07ceace95a5c109643533
846429479882c2f2c4b45a5991998ecf60fbb4a4b62d7077775a14942290a540
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855b2f261eee2df5af53831f98bd55a96e8e02aeaaedb1239e9ec03d4109b453
8568f039c1951ef91fce769fd09da0b0dbfcf503e0e9d14044c3f49675b809cd
87062576ceb72abbd49dda64dd345333af24907a102888020c62fb7c98081f28
8b7a47a695a413443ee1cba5b8cb390af99d8ecb1c94ffd30005c2a039303fe0
8c5987fc2409abe9ee8d73fee09d71847ddf5c4329a0bbad7d4e4bc522e51b47
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
8fcbc3ff31b2e795d2e8fb2f4ed5137b1437a085311c6d3cd59871aa00e5b81a
9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f
942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5
94578eafb2e7dfb7e4b3b08d805b8a205d6e30e6c1a011b420258d5d41f78718
94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163
9db0a9bc6c3ff133f89a32575d7ea5a1c7c83f4ecb630e4ef1a77700ba5b2c2b
9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c
a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593
a12af3b3e8782c3af3ee41dd885a9ecd9e012712a12539d65dc61d77fa92419f
a1b8ef6d40a6f447aa71becd00f6fa9a4e1be4405fad120ab1aa8ae6ef2146bf
a27971896702f55692c0df408732cbddffd9bddca1087d5dcd4d1a4ec7532d37
a41dd567a7d51dac3d65a716b505f5bba7526e36405ed8a832d72a4ada3665c2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6d00cff748a5e8d331b1ae1adbc5c305e6cbdf0799e440318cc9ebd3004e9f7
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
accd132e713a8902183cc64bbe95bf2a8dcdb5a79423a8794c9080a78650afd8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24ac2a2042bf22f85f717259786c1f95a81a5a8d9ff057de1d09b5c6e1b364b
b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537
b56356964d8e45ef965541bb383660bcc68c1bc91f781a876e5e27c67190c079
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
ba6dddf67dd3b5f2d60b59a4b65f0d317446f019c6e9e9e0cc34adfd492b8e09
bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797
bc428689da938b74871785ff375c13d28e8aecd65aa3c073fa405696d3025647
bc92537a9f302b0eaf8c44d590249655b6f19bd3d7da181d1e51ea24148ed400
bcc6ccbbe9b3f2c14b3eb45ea17eb4b456ee0b359ca820751d8f4b140c57ba0a
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c63819a1178d76ed30bef8babb538a11241ca31e0f4a34c6c682239cfd47b0d1
c72acb2e54e6b487fd40d36695bfc42be22b764e0a9c1980e0ecc30435308b3e
c83cd4afd9a3acd6ea6655fb9b5eeb23a90c0b4cd6a424c6faa0dee9a80ca5a4
ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5
cbc18bfcdb63aa599b390c356eeb1669bc3c89d83e7cbdb89bf14ac8e29a5b4a
cbcf7f9157306feaa0252eaa2fca6f6a36cf74bd919dc17520023405867fd32b
cbd43673ef999197a17096b6bea3616f46c029bac8c8ee2ae713dd1d3c0e9241
cc7930c46bc124f85f2f4e68bf9ccd0456d77c48759cd3e301b040e3dcdf57fb
ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be
cda1e0648a9ecb1ae62a8c29eb3257e78f7d2aa9e6c77b9c1d23b5ae0785c356
cf89b05aa45bb14f23d4c97dac9b3091e2d866c73f68e18d2cb6b538378db6f9
d0938df2604fea47529d191c33cb8a0c61a59a9931d4a610d507d90cea5a95ae
d28cae33a9cff1cd54246e2bca04018f101451707a5b5f426d32ea768e911186
d349c04aea83ade21d526bcb6bdb387bbd526764fbfc9e9bcdc4034c346b25b0
d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc666527c7989fdad450d729be48af719d8a66af057630a461bbb5c72b1e20a8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfbcf1944aa94f8a16e8c65216b4289ee1dfa486db738e5ed1fbb0be5bea3696
dfee0c5c75c6e80b3df0cf7b20964ddf0abef211d4bba93954966be391097e80
e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4
ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f
ecf7beab7b4561e0b50a66cfe8ddf3b9620fad8664e5cd097d491b496ee1c7bb
ed8fd5966c1d769a76d49fe6929becc99ca387a013c2bbed13165f9e5bfb315c
eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d
ef0d577283182a5199a0f0294ccf498b311d6fe47af83b5b8c12efc0fd744188
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2d0dfd42bbdb2f7902bb82894be0085ea9e41a47b711a7622f5da7c0e1e490
f330ed0d3107f83820f0e90feb66a3062168075b38de546633e67eec7b4d7b9d
f5183a3d6c4ef05903e03cf0e17b5de05db527c27d0ef049d52d2fb4da484e96
f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371
fd283cfe3801793f079cf29fdb1896945faaa3932533bf59c249f238d886464d
fde8c97a99cd8fd3629fc55a2311d16bbd65e0be965ac7111a227aa6ab54423a
fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

www.cyberscoop.com Open in urlscan Pro 52.21.95.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

270 Requests

100 %HTTPS

73 %IPv6

30 Domains

44 Subdomains

45 IPs

5 Countries

3814 kBTransfer

9064 kBSize

6 Cookies

17 Outgoing links

Page URL History

Redirected requests

270 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cyberscoop.com Open in urlscan Pro
52.21.95.133 Public Scan

Screenshot
Live screenshot

Full Image

270
Requests

100 %
HTTPS

73 %
IPv6

30
Domains

44
Subdomains

45
IPs

5
Countries

3814 kB
Transfer

9064 kB
Size

6
Cookies

270 HTTP transactions
7 data transactions