edscoop.com Open in urlscan Pro
35.169.207.77 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hubspot.fedscoop.com/e2t/tc/VX3T1B34Kl1DW1VYfqc5rys-2W2qd3df4plnxTN1c6sq92-G-5V1-WJV7CgKc4W4CJj--66g5QcW6dWTgB1NgZ8qW...
Effective URL:
https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Submission Tags: phishing malicious Search All
Submission: On March 19 via api (March 19th 2021, 12:59:49 pm UTC) from US

Summary HTTP 159 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 37 IPs in 4 countries across 26 domains to perform 159 HTTP transactions. The main IP is 35.169.207.77, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is edscoop.com.
TLS certificate: Issued by R3 on January 24th 2021. Valid for: 3 months.

This is the only time edscoop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.31 199.60.103.31	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
25	35.169.207.77 35.169.207.77	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
18	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
20	52.216.0.107 52.216.0.107	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:ba49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:710... 2a02:26f0:7100:18d::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
159	37

2 199.60.103.31 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

hubspot.fedscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 35.169.207.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-207-77.compute-1.amazonaws.com

edscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 52.216.0.107 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ba49 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:18d::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f41456d3219266304a31a80cfa5ef159.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

572a14ebc17bf1a30fd2acc3d9c84a67.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
677e7e1359267d19138fba3b4e3d085f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
96d5e5eef8c4ee485984da369f5b3154.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com f41456d3219266304a31a80cfa5ef159.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 572a14ebc17bf1a30fd2acc3d9c84a67.safeframe.googlesyndication.com 677e7e1359267d19138fba3b4e3d085f.safeframe.googlesyndication.com 96d5e5eef8c4ee485984da369f5b3154.safeframe.googlesyndication.com	456 KB
25	edscoop.com edscoop.com	174 KB
20	amazonaws.com s3.amazonaws.com	352 KB
19	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	567 KB
12	googletagservices.com www.googletagservices.com	331 KB
7	google.com www.google.com adservice.google.com	1 KB
5	google.de www.google.de adservice.google.de	1 KB
4	gstatic.com fonts.gstatic.com	95 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	hubspot.com track.hubspot.com	1 KB
2	facebook.com www.facebook.com	446 B
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	93 KB
2	addtoany.com static.addtoany.com	60 KB
2	fedscoop.com 1 redirects hubspot.fedscoop.com	3 KB
1	twitter.com analytics.twitter.com	651 B
1	hs-analytics.net js.hs-analytics.net	19 KB
1	hs-banner.com js.hs-banner.com	15 KB
1	t.co t.co	448 B
1	hs-scripts.com js.hs-scripts.com	923 B
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	hsforms.com forms.hsforms.com	4 KB
1	googletagmanager.com www.googletagmanager.com	50 KB
1	hsforms.net js.hsforms.net	129 KB
159	26

	Domain	Requested by
25	edscoop.com	hubspot.fedscoop.com edscoop.com
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
20	s3.amazonaws.com	edscoop.com
18	securepubads.g.doubleclick.net	edscoop.com securepubads.g.doubleclick.net www.googletagservices.com hubspot.fedscoop.com
14	pagead2.googlesyndication.com	edscoop.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	www.googletagservices.com	edscoop.com securepubads.g.doubleclick.net
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.de	securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	www.google.com	edscoop.com securepubads.g.doubleclick.net
3	fonts.googleapis.com	edscoop.com js.hsforms.net
2	track.hubspot.com
2	www.facebook.com	edscoop.com connect.facebook.net
2	px.ads.linkedin.com	1 redirects edscoop.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	hubspot.fedscoop.com connect.facebook.net
2	static.addtoany.com	edscoop.com static.addtoany.com
2	hubspot.fedscoop.com	1 redirects
1	analytics.twitter.com	static.ads-twitter.com
1	96d5e5eef8c4ee485984da369f5b3154.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	677e7e1359267d19138fba3b4e3d085f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	572a14ebc17bf1a30fd2acc3d9c84a67.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	f41456d3219266304a31a80cfa5ef159.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	t.co	edscoop.com
1	www.google.de	edscoop.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.linkedin.com	1 redirects
1	js.hs-scripts.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	forms.hsforms.com	js.hsforms.net
1	www.googletagmanager.com	edscoop.com
1	js.hsforms.net	edscoop.com
159	35

This site contains links to these domains. Also see Links.

Domain
scoopnewsgroup.com
www.cyberscoop.com
buffalonews.com
statescoop.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
cyberscoop.com
fedscoop.com
workscoop.com
www.scoopnewsgroup.com
www.addtoany.com

Subject Issuer	Validity	Valid
hubspot.fedscoop.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
edscoop.com R3	`2021-01-24` - `2021-04-24`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Frame ID: 2CA31781675FE3944C03F821392633FA
Requests: 77 HTTP requests in this frame

Frame: https://edscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-z1pD6cTTlI-leaderboard&categories=k-12&tags=buffalo%2Ccybersecurity%2Cnew-york%2Cransomware
Frame ID: 296FA708F3F7BA18263FBEBCF796C07C
Requests: 12 HTTP requests in this frame

Frame: https://edscoop.com/advertising/?id=article&page=article&position=static&categories=k-12&tags=buffalo%2Ccybersecurity%2Cnew-york%2Cransomware
Frame ID: B73A2C824B918A8B06F74D4A642FC7F9
Requests: 12 HTTP requests in this frame

Frame: https://edscoop.com/advertising/?id=half_page&page=article&position=sticky&categories=k-12&tags=buffalo%2Ccybersecurity%2Cnew-york%2Cransomware
Frame ID: AFABDBE3DB6B591DA260525F41002AAC
Requests: 12 HTTP requests in this frame

Frame: https://edscoop.com/advertising/?id=billboard&page=article&parent_id=ad-DBSw1veNgB-leaderboard&categories=k-12&tags=buffalo%2Ccybersecurity%2Cnew-york%2Cransomware
Frame ID: 646C10494B22837CE9988EF76F1A13F1
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFn0FpnmpCW58GF_lqBzL0eoGfGxjcf2GCQ9-B5PILTTuas4VxdNoaEqMNS-eBLyRSKa-N4UvoQcAZIvauKUAaCHFbX6sysJNW1cOK0Wj-6Ysj8sbnLHaUr2tL9Zzy-feM5tEHW2Uxn4mxpjp-mxzw4z5RcAEBbKQYEKBK48pDTMc4AjbzjCxkp7QiZMqxovE1Ii0Ki88nOOZzMu3rDGFF98f9r9O4jv22KHiixtVtpStlnCdF5d74udOVyVnz7eJ1c_347uSzUlU4pOhYhbfc2PMc37UIHGmOEv6ipQEoRQtdBwPFJRI&sai=AMfl-YSwgjK0JnCIZuGggqqk1XhQ1DKhXd-uyoeRLMTFxzyNw6aB7DExxx6Q4yzBMnWpVWHtiS3fdJ2N4sA6oTdO8hYc-B29XAyJypTVdg6emOQAoy_m8P22JjCXR0iwzRrS&sig=Cg0ArKJSzKGzjmP68ZxWEAE&adurl=
Frame ID: E65076CEE7C4309B7F623D580270B06C
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudBsGhpOqYDM_GfV6UE6YCo_4Z_aXqoqADZEs6t_fx41JIhHvKbzSPLRMTsLUtAuSbS8BaFt66opMnPDuBeN2bxzt30CGkW0JC_DeezBsXKeqVzhqL9yoDoes8AO06i3ykD-gifcQFz4vKVZe5nM-8kG1soCsGbIJp3KBpT_TXyNeyRzn-VNuX5MnqshrBbBdmD3M-EzP4lk3WSP77V__0v_47r0wEZAbz3DpoxwBTeGSza72p93_UC24_U1Eky1zKYRP94A52JHDvcbFLwLJwDHjwsb-7ZCrTGCEmLgCoZhpneV44fIFjUA&sai=AMfl-YSjapKcRaFEjJyv7aiwbkSY05RJu7oZ7nZnPHnPBBJmE1Uz-hCV405vUoZUm8QV0iOlMi4myOSmYTxyco7c1AIo6HyC3sh3hAWI5IqTPgww9uOIaekw_yXbb60IsiE&sig=Cg0ArKJSzKG3KEw5CLSuEAE&adurl=
Frame ID: B32E902235379690D73762907BC09E19
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUtto2FuTrGpQoXjgiD9H9Q64_C0c3tFA1ozzuQm9WfBwfm_jU-DqB6UeRaukhzhJt0pkrRBDNTwx5IOgPif2iNGjMqv1RMyp7MkRj1LFQGRKCYECyZtQHZ52b2D42AIy2ejzO9xuIcRYdMIDuOWkQNmmc3c4xjq6ejjdWaKRtEUQWLMO-QiIFfidG10kqfvkobUKy7ZPLU7TjMvTLUF9Zne5uvDb9J2JyFUUciFGLO-iKPQSceRMkP5aVUE_7suz75QRll3uoXa5KijqXq9oDicoTv8XX7FvIAjgBzI85yqHT9zRoetHJ-_6xKjBs&sig=Cg0ArKJSzBjoB9IsVur7EAE&adurl=
Frame ID: A33BED522437A501D8DAB24F3E8D579A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcj-eIOjzRtntsPbNJJ0r1l0sjM6MzXX_kAQDbdOxSLmaG-zehFV01aI-VN3W-Nstf4HUp_3cc0-GcE35aJEx6jof5ggJflKtHAl5Zf7cp2L4YI5-C37XjbfiWtzaNGsB5w_AhV5e2ZeL10NYxiAnY3A1kJaZH1mrJPcTNygHL6D-U9XYmuLNafay1gbvXCB3CeooJJA80DDWV1ZT8lakdDIQeaU1pYEQwyxx7pTGgqHs1xeHa-4GNGPRvy0tFsHn4bzeCzqSYl506PdyfwTYW0bIiE5SNqI4NdOYfrcdXsAkohJOXOrCHgpwXXw&sig=Cg0ArKJSzItYB5S55yisEAE&adurl=
Frame ID: 85D76FBCA26C43725A890CFCB8091246
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: B34C0F9534E1A9E83283A8BC7DA4CB33
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: DF523D89E4625213211A1585763C2144
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: B88D3E351871C2C3775289585AA326A3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 8937219E022A3E56440196616860764B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://hubspot.fedscoop.com/e2t/tc/VX3T1B34Kl1DW1VYfqc5rys-2W2qd3df4plnxTN1c6sq92-G-5V1-WJV7CgKc4W4CJj--... Page URL
https://hubspot.fedscoop.com/events/public/v1/track/tc/VX3T1B34Kl1DW1VYfqc5rys-2W2qd3df4plnxTN1c6sq92-G-5... HTTP 307
https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /addtoany\.com\/menu\/page\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

159
Requests

100 %
HTTPS

81 %
IPv6

26
Domains

35
Subdomains

37
IPs

4
Countries

2378 kB
Transfer

5511 kB
Size

9
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: http://scoopnewsgroup.com/?__hstc=114028632.c4ea1bab2521f8b7bafdf95dc15d3d45.1616158770116.1616158770116.1616158770116.1&__hssc=114028632.1.1616158770116&__hsfp=2176140176
Title: Brought to you by

Search URL Search Domain Scan URL

URL: https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/?__hstc=114028632.c4ea1bab2521f8b7bafdf95dc15d3d45.1616158770116.1616158770116.1616158770116.1&__hssc=114028632.1.1616158770116&__hsfp=2176140176
Title: apparent ransomware incident

Search URL Search Domain Scan URL

URL: https://buffalonews.com/news/local/education/q-a-what-you-need-to-know-about-the-buffalo-public-schools-ransomware-attack/article_5709bb0a-8689-11eb-86fa-a3b0ff0028c2.html#tracking-source=home-top-story-1
Title: the Buffalo News reported

Search URL Search Domain Scan URL

URL: https://statescoop.com/2020-ransomware-palo-alto-networks-research/?__hstc=114028632.c4ea1bab2521f8b7bafdf95dc15d3d45.1616158770116.1616158770116.1616158770116.1&__hssc=114028632.1.1616158770116&__hsfp=2176140176
Title: double extortion

Search URL Search Domain Scan URL

URL: https://statescoop.com/ransomware-map/?__hstc=114028632.c4ea1bab2521f8b7bafdf95dc15d3d45.1616158770116.1616158770116.1616158770116.1&__hssc=114028632.1.1616158770116&__hsfp=2176140176
Title: the map

Search URL Search Domain Scan URL

URL: https://www.cyberscoop.com/hartford-ransomware-attack-mayor-bronin-fbi/?__hstc=114028632.c4ea1bab2521f8b7bafdf95dc15d3d45.1616158770116.1616158770116.1616158770116.1&__hssc=114028632.1.1616158770116&__hsfp=2176140176
Title: Hartford, Connecticut

Search URL Search Domain Scan URL

URL: https://statescoop.com/baltimore-county-ransomware-classes-canceled/?__hstc=114028632.c4ea1bab2521f8b7bafdf95dc15d3d45.1616158770116.1616158770116.1616158770116.1&__hssc=114028632.1.1616158770116&__hsfp=2176140176
Title: Baltimore County, Maryland

Search URL Search Domain Scan URL

URL: https://statescoop.com/cyberattacks-k12-schools-more-aggressive-cisa-warns/?__hstc=114028632.c4ea1bab2521f8b7bafdf95dc15d3d45.1616158770116.1616158770116.1616158770116.1&__hssc=114028632.1.1616158770116&__hsfp=2176140176
Title: more than half

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sngedscoop

Search URL Search Domain Scan URL

URL: https://twitter.com/edscoop_news

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/edscoop

Search URL Search Domain Scan URL

URL: https://www.instagram.com/edscoop

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/?__hstc=114028632.c4ea1bab2521f8b7bafdf95dc15d3d45.1616158770116.1616158770116.1616158770116.1&__hssc=114028632.1.1616158770116&__hsfp=2176140176

Search URL Search Domain Scan URL

URL: https://cyberscoop.com/?__hstc=114028632.c4ea1bab2521f8b7bafdf95dc15d3d45.1616158770116.1616158770116.1616158770116.1&__hssc=114028632.1.1616158770116&__hsfp=2176140176

Search URL Search Domain Scan URL

URL: https://fedscoop.com/?__hstc=114028632.c4ea1bab2521f8b7bafdf95dc15d3d45.1616158770116.1616158770116.1616158770116.1&__hssc=114028632.1.1616158770116&__hsfp=2176140176

Search URL Search Domain Scan URL

URL: https://statescoop.com/?__hstc=114028632.c4ea1bab2521f8b7bafdf95dc15d3d45.1616158770116.1616158770116.1616158770116.1&__hssc=114028632.1.1616158770116&__hsfp=2176140176

Search URL Search Domain Scan URL

URL: https://workscoop.com/?__hstc=114028632.c4ea1bab2521f8b7bafdf95dc15d3d45.1616158770116.1616158770116.1616158770116.1&__hssc=114028632.1.1616158770116&__hsfp=2176140176

Search URL Search Domain Scan URL

URL: https://www.scoopnewsgroup.com/privacy?__hstc=114028632.c4ea1bab2521f8b7bafdf95dc15d3d45.1616158770116.1616158770116.1616158770116.1&__hssc=114028632.1.1616158770116&__hsfp=2176140176
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/privacy?__hstc=114028632.c4ea1bab2521f8b7bafdf95dc15d3d45.1616158770116.1616158770116.1616158770116.1&__hssc=114028632.1.1616158770116&__hsfp=2176140176
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hubspot.fedscoop.com/e2t/tc/VX3T1B34Kl1DW1VYfqc5rys-2W2qd3df4plnxTN1c6sq92-G-5V1-WJV7CgKc4W4CJj--66g5QcW6dWTgB1NgZ8qW3dfgm45cx-qBW4kjWjh7Gm7yKW6ZgnYt2ww6tRW6BsYsV8SHMSPVWZG-J7S4bhNW724vhx8sXHGDW1fdsnL5Sn51nW3v6qS-96r7YDW7mJyNJ5y_VQpW4swfTM1MYdBcW51bXZ43VTSXMW147JZ375dx5RN5M-sGp1VYwVW1tlGGp7Kpcj-VYSkkG45zbLlW44GvBD49rMt0W4QzYXG77c5yvW6l3sB7114Wyy3n0T1 Page URL
https://hubspot.fedscoop.com/events/public/v1/track/tc/VX3T1B34Kl1DW1VYfqc5rys-2W2qd3df4plnxTN1c6sq92-G-5V1-WJV7CgKc4W4CJj--66g5QcW6dWTgB1NgZ8qW3dfgm45cx-qBW4kjWjh7Gm7yKW6ZgnYt2ww6tRW6BsYsV8SHMSPVWZG-J7S4bhNW724vhx8sXHGDW1fdsnL5Sn51nW3v6qS-96r7YDW7mJyNJ5y_VQpW4swfTM1MYdBcW51bXZ43VTSXMW147JZ375dx5RN5M-sGp1VYwVW1tlGGp7Kpcj-VYSkkG45zbLlW44GvBD49rMt0W4QzYXG77c5yvW6l3sB7114Wyy3n0T1?_ud=4408809e-9a12-48f6-ab81-0e324bccb82b&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1616158769064&url=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1616158769064%26url%3Dhttps%253A%252F%252Fedscoop.com%252Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1616158769064&url=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F&liSync=true

159 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VX3T1B34Kl1DW1VYfqc5rys-2W2qd3df4plnxTN1c6sq92-G-5V1-WJV7CgKc4W4CJj--66g5QcW6dWTgB1NgZ8qW3dfgm45cx-qBW4kjWjh7Gm7yKW6ZgnYt2ww6tRW6BsYsV8SHMSPVWZG-J7S4bhNW724vhx8sXHGDW1fdsnL5Sn51nW3v6qS-96r7YDW7mJyN... Show response
hubspot.fedscoop.com/e2t/tc/ 8 KB
3 KB 164ms
116ms Document
text/html 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hubspot.fedscoop.com/e2t/tc/VX3T1B34Kl1DW1VYfqc5rys-2W2qd3df4plnxTN1c6sq92-G-5V1-WJV7CgKc4W4CJj--66g5QcW6dWTgB1NgZ8qW3dfgm45cx-qBW4kjWjh7Gm7yKW6ZgnYt2ww6tRW6BsYsV8SHMSPVWZG-J7S4bhNW724vhx8sXHGDW1fdsnL5Sn51nW3v6qS-96r7YDW7mJyNJ5y_VQpW4swfTM1MYdBcW51bXZ43VTSXMW147JZ375dx5RN5M-sGp1VYwVW1tlGGp7Kpcj-VYSkkG45zbLlW44GvBD49rMt0W4QzYXG77c5yvW6l3sB7114Wyy3n0T1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe8880c7612f3eb6da12c22cc030ebb0106ef4b0b1b63ff286300e5795a42441

Request headers

:method: GET
:authority: hubspot.fedscoop.com
:scheme: https
:path: /e2t/tc/VX3T1B34Kl1DW1VYfqc5rys-2W2qd3df4plnxTN1c6sq92-G-5V1-WJV7CgKc4W4CJj--66g5QcW6dWTgB1NgZ8qW3dfgm45cx-qBW4kjWjh7Gm7yKW6ZgnYt2ww6tRW6BsYsV8SHMSPVWZG-J7S4bhNW724vhx8sXHGDW1fdsnL5Sn51nW3v6qS-96r7YDW7mJyNJ5y_VQpW4swfTM1MYdBcW51bXZ43VTSXMW147JZ375dx5RN5M-sGp1VYwVW1tlGGp7Kpcj-VYSkkG45zbLlW44GvBD49rMt0W4QzYXG77c5yvW6l3sB7114Wyy3n0T1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:27 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d2426a19cf78516ba5f750ab681c5281e1616158767; expires=Sun, 18-Apr-21 12:59:27 GMT; path=/; domain=.hubspot.fedscoop.com; HttpOnly; SameSite=Lax __cfruid=8a62d8f2d361569c206eb18fd338a9751728f63e-1616158767; path=/; domain=.hubspot.fedscoop.com; HttpOnly; Secure; SameSite=None
cf-ray: 6326e0c9ce8e1d0a-CPH
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 08ec2ad21f00001d0a3521b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B1sZFh2NgrKIMmy4FK991MyqA6ZCEvqVQN4htIb7xdeww%2F%2Bl%2FHmdJq3%2B%2FvS5ZXYbwSUQqp2WqhHRNpNRbkldPxlddrD3DoFgFQ8yhCglvgScpZ0tmw%3D%3D"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Redirect Chain

https://hubspot.fedscoop.com/events/public/v1/track/tc/VX3T1B34Kl1DW1VYfqc5rys-2W2qd3df4plnxTN1c6sq92-G-5V1-WJV7CgKc4W4CJj--66g5QcW6dWTgB1NgZ8qW3dfgm45cx-qBW4kjWjh7Gm7yKW6ZgnYt2ww6tRW6BsYsV8SHMSPVW...
https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

51 KB
13 KB

411ms
196ms

Document
text/html

35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

Requested by

Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e2t/tc/VX3T1B34Kl1DW1VYfqc5rys-2W2qd3df4plnxTN1c6sq92-G-5V1-WJV7CgKc4W4CJj--66g5QcW6dWTgB1NgZ8qW3dfgm45cx-qBW4kjWjh7Gm7yKW6ZgnYt2ww6tRW6BsYsV8SHMSPVWZG-J7S4bhNW724vhx8sXHGDW1fdsnL5Sn51nW3v6qS-96r7YDW7mJyNJ5y_VQpW4swfTM1MYdBcW51bXZ43VTSXMW147JZ375dx5RN5M-sGp1VYwVW1tlGGp7Kpcj-VYSkkG45zbLlW44GvBD49rMt0W4QzYXG77c5yvW6l3sB7114Wyy3n0T1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-207-77.compute-1.amazonaws.com

Software

nginx / PHP/7.2.34

Resource Hash

836a402eb56d475a483800a04f5b9cd0b34b0d4681298b2029dde7298b156621

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: edscoop.com
:scheme: https
:path: /buffalo-n-y-schools-resume-classes-after-ransomware-attack/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hubspot.fedscoop.com/e2t/tc/VX3T1B34Kl1DW1VYfqc5rys-2W2qd3df4plnxTN1c6sq92-G-5V1-WJV7CgKc4W4CJj--66g5QcW6dWTgB1NgZ8qW3dfgm45cx-qBW4kjWjh7Gm7yKW6ZgnYt2ww6tRW6BsYsV8SHMSPVWZG-J7S4bhNW724vhx8sXHGDW1fdsnL5Sn51nW3v6qS-96r7YDW7mJyNJ5y_VQpW4swfTM1MYdBcW51bXZ43VTSXMW147JZ375dx5RN5M-sGp1VYwVW1tlGGp7Kpcj-VYSkkG45zbLlW44GvBD49rMt0W4QzYXG77c5yvW6l3sB7114Wyy3n0T1

Response headers

server: nginx
date: Fri, 19 Mar 2021 12:59:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
link: <https://edscoop.com/wp-json/>; rel="https://api.w.org/" <https://edscoop.com/?p=13978>; rel=shortlink
x-fastcgi-cache: HIT
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

date: Fri, 19 Mar 2021 12:59:27 GMT
location: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
cf-ray: 6326e0ca990a1d0a-CPH
link: <https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 08ec2ad29d00001d0a55825000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-robots-tag: none
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5gtFrVyNfHycqHYJzYfYK3RfA2KacLdjOxeJKje8Tw9wvAAnaIjaRuuWiNkZmVJgqPojWO2T9e9nlHQQMMqOJNCgcm9dL5ma3lAlI0%2FUQsp2%2FMaWpQ%3D%3D"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style.css
edscoop.com/wp-content/themes/edscoop/ 89 KB
16 KB 110ms
107ms Stylesheet
text/css 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-207-77.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bf7a4443c5996925cddd6434b54942ecfbb55832700743686c42a6b239450831

Request headers

Referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
content-encoding: gzip
last-modified: Wed, 27 Jan 2021 21:42:44 GMT
server: nginx
etag: W/"6011de54-1643b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Sat, 19 Mar 2022 12:59:28 GMT

GET
H2 200 style.css
edscoop.com/wp-content/themes/edscoop-child/ 2 KB
753 B 110ms
107ms Stylesheet
text/css 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://edscoop.com/wp-content/themes/edscoop-child/style.css?ver=4.9.8
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-207-77.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 22df373ef10b4d38afafcf06c40685cb82d2c9a3b4f8360f1eec2f888d55b370

Request headers

Referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Jun 2020 23:37:02 GMT
server: nginx
etag: W/"5ee4119e-805"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Sat, 19 Mar 2022 12:59:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
803 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=4.9.8

Requested by

Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e67174640462cfafc9e7dadb0f1ae4b930a564eb910bdce4c5a963e9efa28212

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://edscoop.com
Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 12:59:28 GMT
server: ESF
date: Fri, 19 Mar 2021 12:59:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 12:59:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
665 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=4.9.8

Requested by

Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

063d44bc62d9647b62e24e3072a08f2cd96f36e3f1cb441b0efc3fe3f3fe372c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://edscoop.com
Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 11:17:25 GMT
server: ESF
date: Fri, 19 Mar 2021 12:59:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 12:59:28 GMT

GET
H2 200 addtoany.min.css
edscoop.com/wp-content/plugins/add-to-any/ 1 KB
663 B 115ms
113ms Stylesheet
text/css 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://edscoop.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-207-77.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a94558535ca72995a47883885d6fdfdee113dcbb8e937e88196f25cb181c72b2

Request headers

Referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 20:13:44 GMT
server: nginx
etag: W/"5e1e20f8-5b7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Sat, 19 Mar 2022 12:59:28 GMT

GET
H2 200 jquery.js Show response
edscoop.com/wp-includes/js/jquery/ 95 KB
33 KB 116ms
113ms Script
application/javascript 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://edscoop.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-207-77.compute-1.amazonaws.com
Software: nginx /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
content-encoding: gzip
last-modified: Mon, 23 May 2016 09:00:29 GMT
server: nginx
etag: W/"5742c6ad-17ba0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Sat, 19 Mar 2022 12:59:28 GMT

GET
H2 200 jquery-migrate.min.js Show response
edscoop.com/wp-includes/js/jquery/ 10 KB
4 KB 116ms
114ms Script
application/javascript 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://edscoop.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-207-77.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: nginx
etag: W/"573eaa90-2748"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Sat, 19 Mar 2022 12:59:28 GMT

GET
H2 200 blinkTitle.js Show response
edscoop.com/wp-content/themes/edscoop-child/js/ 2 KB
737 B 116ms
114ms Script
application/javascript 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://edscoop.com/wp-content/themes/edscoop-child/js/blinkTitle.js?ver=4.9.8
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-207-77.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf89b05aa45bb14f23d4c97dac9b3091e2d866c73f68e18d2cb6b538378db6f9

Request headers

Referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
content-encoding: gzip
last-modified: Mon, 15 Oct 2018 18:14:04 GMT
server: nginx
etag: W/"5bc4d8ec-62a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Sat, 19 Mar 2022 12:59:28 GMT

GET
H2 200 singlescroll.js Show response
edscoop.com/wp-content/themes/edscoop/js/ 4 KB
1 KB 116ms
114ms Script
application/javascript 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://edscoop.com/wp-content/themes/edscoop/js/singlescroll.js?ver=4.9.8
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-207-77.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4c141deb37425710e05b3ddcbb9c7769066714a268384edb2daf92eee2f83893

Request headers

Referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 17:07:26 GMT
server: nginx
etag: W/"5e7103ce-f49"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Sat, 19 Mar 2022 12:59:28 GMT

GET
H2 200 addtoany.min.js Show response
edscoop.com/wp-content/plugins/add-to-any/ 129 B
338 B 116ms
114ms Script
application/javascript 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://edscoop.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-207-77.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

Referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
last-modified: Tue, 14 Jan 2020 20:13:44 GMT
server: nginx
etag: "5e1e20f8-81"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 129
expires: Sat, 19 Mar 2022 12:59:28 GMT

GET
H2 200 app.js Show response
edscoop.com/wp-content/themes/edscoop/js/ 150 KB
47 KB 111ms
106ms Script
application/javascript 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://edscoop.com/wp-content/themes/edscoop/js/app.js?ver=4.9.8
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-207-77.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 256f647ce9107e109bb11e8a21213de29a6fd4d19b234a3adacb8a87c12a444e

Request headers

Referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
content-encoding: gzip
last-modified: Mon, 14 Dec 2020 16:45:49 GMT
server: nginx
etag: W/"5fd796bd-25991"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Sat, 19 Mar 2022 12:59:28 GMT

GET
H2 200 menu.js Show response
edscoop.com/wp-content/themes/edscoop/js/ 219 B
429 B 111ms
107ms Script
application/javascript 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://edscoop.com/wp-content/themes/edscoop/js/menu.js?ver=4.9.8
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-207-77.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c7f3526dcf7e8e126b047ee2c6dd11d4a061f9cc0c3cc5e2b7b7c22237fe73ba

Request headers

Referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
last-modified: Fri, 01 Nov 2019 15:45:39 GMT
server: nginx
etag: "5dbc5323-db"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 219
expires: Sat, 19 Mar 2022 12:59:28 GMT

GET
H2 200 stickybits.min.js Show response
edscoop.com/wp-content/themes/edscoop/js/ 13 KB
4 KB 116ms
115ms Script
application/javascript 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://edscoop.com/wp-content/themes/edscoop/js/stickybits.min.js?ver=4.9.8
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-207-77.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2aef1ac953ce7805c97a1df893082e75a0a11085c3e53b2914bd0a35634977f3

Request headers

Referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Oct 2018 10:57:06 GMT
server: nginx
etag: W/"5bcc5b82-3357"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Sat, 19 Mar 2022 12:59:28 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 58 KB
20 KB 122ms
43ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

8c132f7f5fb8015d15a3d163fbbf84e4b244e951536552753086d391a39c788e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "816 / 480 of 1000 / last-modified: 1616152526"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19837
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:28 GMT

GET
H/1.1 200
OK edscoop-interstitial.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
2 KB 461ms
134ms Image
image/svg+xml 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/edscoop-interstitial.svg
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c756615805b403bbad81204cf11bd9128a8b8a1b19f9cdec99482304242382f5

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Wed, 10 Feb 2021 15:47:32 GMT
Server: AmazonS3
x-amz-request-id: VXNJ8DAX51CKZJ3G
ETag: "1f127ba94276994987485324d6b32926"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1672
x-amz-id-2: bp+hEHJUG1dbCC07IGIyKr5+CWXbBB/n+xNDsoYyuIjEdGlgsEYvFo2sL3n4rc0qGKqgwfQeruc=

GET
H/1.1 200
OK closex.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 467ms
127ms Image
image/png 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/closex.png
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Tue, 12 May 2020 13:43:08 GMT
Server: AmazonS3
x-amz-request-id: VXNTN24BCC674FGX
ETag: "6fa9505df4b1d86476aef77673f3b330"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4658
x-amz-id-2: eRQbkIYucm5pxtlF0YqBux1YLC5fe9leNby9QV5Yf6h79t538WfAlYVd5wpZ8yXsLEAXMK343uI=

GET
H/1.1 200
OK twitter.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/ 2 KB
2 KB 565ms
116ms Image
image/svg+xml 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/twitter.svg
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Wed, 24 Oct 2018 21:24:01 GMT
Server: AmazonS3
x-amz-request-id: VXNMJNRWAPZR5RK8
ETag: "0bab5422023490b09b2590482b10e983"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2172
x-amz-id-2: jIOeovRMHFWkXwcRVuNsBS1VIYrQLF46kMruG0sLoLzDKuC5BOPy5VEBSvtLciqHICGjXn0XOSo=

GET
H/1.1 200
OK facebook.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/ 1 KB
2 KB 566ms
115ms Image
image/svg+xml 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/facebook.svg
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Wed, 24 Oct 2018 21:24:01 GMT
Server: AmazonS3
x-amz-request-id: VXNWRX9XYJ0TG3Q8
ETag: "0bb97e47c732a1645d42198a7b8b1397"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1272
x-amz-id-2: G6D+Zri42NuqcZVVcf2aytYZnQcPMW+OACkuNHGKwaMehV7VInto6JxxhQOK8hYUmPWKdT6lfWE=

GET
H/1.1 200
OK linkedin.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/ 2 KB
2 KB 573ms
118ms Image
image/svg+xml 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/linkedin.svg
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Wed, 24 Oct 2018 21:24:01 GMT
Server: AmazonS3
x-amz-request-id: VXNPENVWQWF3G1HX
ETag: "b05a15a980fa7ad56a297860e33c6327"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1857
x-amz-id-2: l34JJ0dy/ipAwIhUsoz7hGTtCjJggz+HcA3DoMoT3aTTUSK2BykEfCKtn8S6fWltnRNyx8DdaMY=

GET
H/1.1 200
OK reddit.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/ 6 KB
7 KB 575ms
115ms Image
image/svg+xml 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/reddit.svg
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Wed, 24 Oct 2018 21:24:01 GMT
Server: AmazonS3
x-amz-request-id: VXNMEF82D9C6DZ5Q
ETag: "8095452e62fa3cbcbdaf4ed982477485"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 6390
x-amz-id-2: FkSFgzqRLPUGAgt1hROAlGXilHNinQR/XvkTPu/dZVykUD+PbY/AbEu4sQMXZtLnPsyxxFFyhho=

GET
H/1.1 200
OK gmail.svg
s3.amazonaws.com/sng-global-web-assets/images/shared-icons/ 1 KB
2 KB 222ms
124ms Image
image/svg+xml 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/images/shared-icons/gmail.svg
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Wed, 24 Oct 2018 21:24:01 GMT
Server: AmazonS3
x-amz-request-id: VXNWXB6E9CPZA7C3
ETag: "e5d4decd16518b9f60451876256ea22f"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1181
x-amz-id-2: dJtLc35wu/saQGbD3HffRmuhgVZODZer3lGo5zFbiBC4+Ipsqgp8sXc9NruJD9M7uPsJEWWrk14=

GET
H/1.1 200
OK close_purple.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 991 B
1 KB 120ms
120ms Image
image/svg+xml 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/close_purple.svg
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Fri, 22 Jan 2021 00:05:15 GMT
Server: AmazonS3
x-amz-request-id: VXNQE4PH2KHD0QPF
ETag: "cde4ecef61a0a35571e737da5276b5e7"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 991
x-amz-id-2: JnxuK9FPOqvkAQRBCl3CHDTvmgBTENR2cB1g4J5sk2P05tq6S/OeEouqkj6mxZzWInVwrcCnVm4=

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 525 KB
129 KB 54ms
36ms Script
application/javascript 2606:4700::6811:ba49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7eb794dfec53cf6015660dcfc09d5454681f25777c187dce636723390e776d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
via: 1.1 077b94dab77b8114aebf503be197d7d9.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 61
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ec2ad5f800002b4115327000000001
last-modified: Tue, 16 Mar 2021 09:23:29 UTC
server: cloudflare
etag: W/"9d668cfc7c391b8538a113832f54ab8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kyzbOUT58LlXkaR6f62ilYZs3YCMDEjtEEAu%2Bl6dW9O9nHauS4vARYdEGQm716ovSfmWoEzBPOvx9MRMTP9SXGq5pU1Qb9F%2BCZ8aunoWaqoVNr4UegHi0WwNHA%3D%3D"}]}
x-amz-version-id: Im9LyHkEZJN8A9pTrxephGQMCSB7CbwW
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 6326e0cffc692b41-FRA
x-amz-cf-id: MWK9x1oDlGPpivzdp_vJxVbuY9jgKhOkCx9_1TDUzlnelBKTGDoTuw==

GET
H2 200 ads.js Show response
edscoop.com/wp-content/themes/edscoop/js/ 2 KB
1 KB 107ms
106ms Script
application/javascript 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://edscoop.com/wp-content/themes/edscoop/js/ads.js?ver=1.0.0
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-207-77.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 234f350923af29b3bd85927dd8ce05124dce9ec469a9973ba62ad51314836c88

Request headers

Referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
content-encoding: gzip
last-modified: Fri, 24 Jan 2020 14:44:37 GMT
server: nginx
etag: W/"5e2b02d5-754"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Sat, 19 Mar 2022 12:59:28 GMT

GET
H2 200 wp-embed.min.js Show response
edscoop.com/wp-includes/js/ 1 KB
974 B 107ms
106ms Script
application/javascript 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://edscoop.com/wp-includes/js/wp-embed.min.js?ver=4.9.8
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-207-77.compute-1.amazonaws.com
Software: nginx /
Resource Hash: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
content-encoding: gzip
last-modified: Wed, 23 Nov 2016 13:38:33 GMT
server: nginx
etag: W/"58359bd9-576"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Sat, 19 Mar 2022 12:59:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 140 KB
50 KB 25ms
22ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MH82QVR

Requested by

Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b14ec5358bec82416ff67fc3c92bced95d1f5496b6c246b3ba2ddb356aebac55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51115
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Mar 2021 12:59:28 GMT

GET
H2 200 wp-emoji-release.min.js Show response
edscoop.com/wp-includes/js/ 12 KB
5 KB 119ms
117ms Script
application/javascript 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://edscoop.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-207-77.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
content-encoding: gzip
last-modified: Fri, 13 Jul 2018 06:37:26 GMT
server: nginx
etag: W/"5b4848a6-2efa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Sat, 19 Mar 2022 12:59:28 GMT

GET
H2 200 lightslider.min.css
edscoop.com/wp-content/themes/edscoop/css/ 5 KB
2 KB 168ms
167ms Stylesheet
text/css 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://edscoop.com/wp-content/themes/edscoop/css/lightslider.min.css
Requested by: Host: edscoop.com
URL: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-207-77.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593

Request headers

Referer: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
content-encoding: gzip
last-modified: Sun, 21 Oct 2018 10:57:04 GMT
server: nginx
etag: W/"5bcc5b80-14b3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Sat, 19 Mar 2022 12:59:28 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 82 KB
27 KB 30ms
14ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd3bd81ea6cf3bbc82f89913fecca492e79318fef844c664a790ff2db72e5590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6848
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ec2ad65d00004a85f525d000000001
last-modified: Mon, 15 Mar 2021 11:04:59 GMT
server: cloudflare
etag: W/"146fb-5bd91388499a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 6326e0d09fc94a85-FRA
cf-bgj: minify

GET
H/1.1 200
OK EdScoop_Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
2 KB 432ms
127ms Image
image/svg+xml 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/EdScoop_Color.svg
Requested by: Host: edscoop.com
URL: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c756615805b403bbad81204cf11bd9128a8b8a1b19f9cdec99482304242382f5

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:06 GMT
Server: AmazonS3
x-amz-request-id: VXNSVXZJC37QK4KE
ETag: "1f127ba94276994987485324d6b32926"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1672
x-amz-id-2: TqWrpfjZJ4DicJV6zSVe0IbSblIbfy9CXh1ILQXhn/7VAQ/P98WnCzeHivp7JAgHZfF2SjLvEhY=

GET
H/1.1 200
OK SNG-RGB-Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 426ms
122ms Image
image/svg+xml 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/SNG-RGB-Color.svg
Requested by: Host: edscoop.com
URL: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:05 GMT
Server: AmazonS3
x-amz-request-id: VXNV7Y8287DJ27HM
ETag: "61428dbcecc23b1679236e221c5228d4"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 5545
x-amz-id-2: Ot8awgkevZjv0sbiJ17lpyOgRXETVrwAABBrOF9VKR4rg++bK7g5O/l8fFN36pshb3oVtPxr7Xk=

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v10/ 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=4.9.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0803fe007fad869e084745368c965e8d55f9be108559cfd8a3d802cde1fe34c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://edscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 03:55:42 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:21:15 GMT
server: sffe
age: 119026
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21304
x-xss-protection: 0
expires: Fri, 18 Mar 2022 03:55:42 GMT

GET
H2 200 PuristaMedium.woff
edscoop.com/wp-content/themes/edscoop/fonts/ 37 KB
37 KB 115ms
115ms Font
application/font-woff 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://edscoop.com/wp-content/themes/edscoop/fonts/PuristaMedium.woff

Requested by

Host: edscoop.com
URL: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-207-77.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://edscoop.com
Referer: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
last-modified: Sun, 21 Oct 2018 10:57:04 GMT
server: nginx
etag: "5bcc5b80-9340"
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-type: application/font-woff
accept-ranges: bytes
content-length: 37696
x-ua-compatible: IE=Edge

GET
H2 200 / Show response
edscoop.com/advertising/ Frame 296F 2 KB
883 B 274ms
273ms Document
text/html 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://edscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-z1pD6cTTlI-leaderboard&categories=k-12&tags=buffalo%2Ccybersecurity%2Cnew-york%2Cransomware

Requested by

Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-207-77.compute-1.amazonaws.com

Software

nginx / PHP/7.2.34

Resource Hash

972e698ec868a7069fe313008fb0dee5416742ab810ae6a7c24161c1b0ce695d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: edscoop.com
:scheme: https
:path: /advertising/?id=leaderboard&page=article&parent_id=ad-z1pD6cTTlI-leaderboard&categories=k-12&tags=buffalo%2Ccybersecurity%2Cnew-york%2Cransomware
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

Response headers

server: nginx
date: Fri, 19 Mar 2021 12:59:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
link: <https://edscoop.com/wp-json/>; rel="https://api.w.org/" <https://edscoop.com/?p=4812>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 / Show response
edscoop.com/advertising/ Frame B73A 1 KB
744 B 266ms
266ms Document
text/html 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://edscoop.com/advertising/?id=article&page=article&position=static&categories=k-12&tags=buffalo%2Ccybersecurity%2Cnew-york%2Cransomware

Requested by

Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-207-77.compute-1.amazonaws.com

Software

nginx / PHP/7.2.34

Resource Hash

0c945e5e93fdb0f8046ca2e7cef7a2fefc77d76b20b4d90b5e2bcd6a70151954

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: edscoop.com
:scheme: https
:path: /advertising/?id=article&page=article&position=static&categories=k-12&tags=buffalo%2Ccybersecurity%2Cnew-york%2Cransomware
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

Response headers

server: nginx
date: Fri, 19 Mar 2021 12:59:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
link: <https://edscoop.com/wp-json/>; rel="https://api.w.org/" <https://edscoop.com/?p=4812>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 / Show response
edscoop.com/advertising/ Frame AFAB 1 KB
731 B 272ms
271ms Document
text/html 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://edscoop.com/advertising/?id=half_page&page=article&position=sticky&categories=k-12&tags=buffalo%2Ccybersecurity%2Cnew-york%2Cransomware

Requested by

Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-207-77.compute-1.amazonaws.com

Software

nginx / PHP/7.2.34

Resource Hash

ddcc5e744d7031eb7faece02a085a1363f8034f31b4c9b945bccb1acb9c34bc8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: edscoop.com
:scheme: https
:path: /advertising/?id=half_page&page=article&position=sticky&categories=k-12&tags=buffalo%2Ccybersecurity%2Cnew-york%2Cransomware
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

Response headers

server: nginx
date: Fri, 19 Mar 2021 12:59:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
link: <https://edscoop.com/wp-json/>; rel="https://api.w.org/" <https://edscoop.com/?p=4812>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 / Show response
edscoop.com/advertising/ Frame 646C 2 KB
896 B 265ms
265ms Document
text/html 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://edscoop.com/advertising/?id=billboard&page=article&parent_id=ad-DBSw1veNgB-leaderboard&categories=k-12&tags=buffalo%2Ccybersecurity%2Cnew-york%2Cransomware

Requested by

Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-207-77.compute-1.amazonaws.com

Software

nginx / PHP/7.2.34

Resource Hash

55f6e50cee0ba1439ff00385e678bf78fdbf06f566f5d439a8fc2bd5dd87db1d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: edscoop.com
:scheme: https
:path: /advertising/?id=billboard&page=article&parent_id=ad-DBSw1veNgB-leaderboard&categories=k-12&tags=buffalo%2Ccybersecurity%2Cnew-york%2Cransomware
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

Response headers

server: nginx
date: Fri, 19 Mar 2021 12:59:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
link: <https://edscoop.com/wp-json/>; rel="https://api.w.org/" <https://edscoop.com/?p=4812>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H/1.1 200
OK GettyImages-1226455690-1.jpg
s3.amazonaws.com/wp-media-es/2021/03/17203228/ 187 KB
188 KB 316ms
121ms Image
image/jpeg 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/wp-media-es/2021/03/17203228/GettyImages-1226455690-1.jpg
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: dd116130a76afb37719b8778732d43287e022df660deafd8dbf94ad7cf9b6591

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Thu, 18 Mar 2021 00:32:29 GMT
Server: AmazonS3
x-amz-request-id: VXNWNVK0TPF3BF62
ETag: "d600453f1dbbb758e9b863e566a22cb7"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 191714
x-amz-id-2: FiDwAPVFNxxYhUgOH0LtOrB9xbKgpeHZ+2TGbf3M2Z9ptBWKyjE+w7f5Z6VwxehWR+dh2HUQG3M=
Expires: Fri, 18 Mar 2022 00:32:28 GMT

GET
H/1.1 200
OK GettyImages-1281144907-1-307x171.jpg
s3.amazonaws.com/wp-media-es/2021/03/17165557/ 9 KB
9 KB 120ms
119ms Image
image/jpeg 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/wp-media-es/2021/03/17165557/GettyImages-1281144907-1-307x171.jpg
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 81812b82c46f4d1da83d2eb720e575c6023089e7617135009426936f4cffcf63

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Wed, 17 Mar 2021 20:55:58 GMT
Server: AmazonS3
x-amz-request-id: VXNZJQJ73965RY2X
ETag: "e963f55244a75905087ad84b8d732506"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 9021
x-amz-id-2: XHPBgED29wjV2HJ9Cn9huAj+vbrsZSPeNujZz5675aKZvvssZuy8JxC6FFcgEYQQWHiFMVO/4bY=
Expires: Thu, 17 Mar 2022 20:55:57 GMT

GET
H/1.1 200
OK GettyImages-1268352592-307x171.jpg
s3.amazonaws.com/wp-media-es/2021/03/10093548/ 16 KB
17 KB 136ms
136ms Image
image/jpeg 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/wp-media-es/2021/03/10093548/GettyImages-1268352592-307x171.jpg
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 993fa436cce7cc241da55d59d8a528fd3c767e5ea0aa2c42f746d2d96cee8ca1

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Wed, 10 Mar 2021 14:35:50 GMT
Server: AmazonS3
x-amz-request-id: VXNX5T01QFMRXF4G
ETag: "1cc831bce7a1fe5364d9bcbadb25ee5f"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 16661
x-amz-id-2: sw5oEdRdKpKLHA5Al6fGgt66kMQ2e2RrDHcGG76G5cBJ7os3mfTFpGsh2W6jjWaR58RvB4yKdxE=
Expires: Thu, 10 Mar 2022 14:35:48 GMT

GET
H/1.1 200
OK McAfee_K-12_Header-307x171.png
s3.amazonaws.com/wp-media-es/2021/03/03111434/ 71 KB
71 KB 128ms
127ms Image
image/png 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/wp-media-es/2021/03/03111434/McAfee_K-12_Header-307x171.png
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0c2abe7b6a419b4d2f20460ce921584485e200f994af4e3d0d12e63fdf044a89

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Wed, 03 Mar 2021 16:14:36 GMT
Server: AmazonS3
x-amz-request-id: VXNK5XVP52HAN5M8
ETag: "7e12929bf424d250512f7c403566897e"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 72678
x-amz-id-2: n/EtyxNlkUrvQggiNYfuhw7KPbZ2Tvh6jOPohzGUUhlQ08ncqHyL8WXm5qvxHlZNGC2JEnSTEJQ=
Expires: Thu, 03 Mar 2022 16:14:34 GMT

GET
H3-Q050 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v10/ 22 KB
22 KB 37ms
20ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=4.9.8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92bf2667e3434750097f9212feca904c5e7ac36d9155463d25d79f1415018219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://edscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:30:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:22:45 GMT
server: sffe
age: 325734
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22336
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:30:34 GMT

GET
H3-Q050 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v36/ 31 KB
31 KB 40ms
23ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=4.9.8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://edscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 11:21:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:31:39 GMT
server: sffe
age: 5884
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31676
x-xss-protection: 0
expires: Sat, 19 Mar 2022 11:21:24 GMT

GET
H3-Q050 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v10/ 21 KB
21 KB 41ms
24ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=4.9.8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b35aa0f48d8359e7fce9feec83f90ed60c0b857cdf29784f0803b70de4e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://edscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 22:16:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:21:29 GMT
server: sffe
age: 139407
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21244
x-xss-protection: 0
expires: Thu, 17 Mar 2022 22:16:01 GMT

GET
H2 200 55fc3284-46d3-4efe-85ec-89bd533919c2 Show response
forms.hsforms.com/embed/v3/form/2153467/ 19 KB
4 KB 133ms
117ms Script
application/javascript 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2153467/55fc3284-46d3-4efe-85ec-89bd533919c2?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecc360c0058a16a7986c70eb88ee4e7d6fe8100d331abd15c5e3709618733616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ec2ad70600002c2a413f2000000001
server: cloudflare
x-trace: 2BFEAEA52B7DE432607CF10D53B745CF8C5D57BD75000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 6326e0d1adf52c2a-FRA

GET
H2 200 facebook_logo_white.png
edscoop.com/wp-content/themes/edscoop/images/icons/ 361 B
551 B 107ms
106ms Image
image/png 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edscoop.com/wp-content/themes/edscoop/images/icons/facebook_logo_white.png
Requested by: Host: edscoop.com
URL: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-207-77.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890

Request headers

Referer: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
last-modified: Sun, 21 Oct 2018 10:57:05 GMT
server: nginx
etag: "5bcc5b81-169"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 361
expires: Sun, 18 Apr 2021 12:59:28 GMT

GET
H2 200 twitter_logo_white.png
edscoop.com/wp-content/themes/edscoop/images/icons/ 481 B
671 B 108ms
106ms Image
image/png 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edscoop.com/wp-content/themes/edscoop/images/icons/twitter_logo_white.png
Requested by: Host: edscoop.com
URL: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-207-77.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f

Request headers

Referer: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
last-modified: Sun, 21 Oct 2018 10:57:06 GMT
server: nginx
etag: "5bcc5b82-1e1"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 481
expires: Sun, 18 Apr 2021 12:59:28 GMT

GET
H2 200 linkedin_logo_white.png
edscoop.com/wp-content/themes/edscoop/images/icons/ 946 B
1 KB 108ms
106ms Image
image/png 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edscoop.com/wp-content/themes/edscoop/images/icons/linkedin_logo_white.png
Requested by: Host: edscoop.com
URL: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-207-77.compute-1.amazonaws.com
Software: nginx /
Resource Hash: eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d

Request headers

Referer: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
last-modified: Sun, 21 Oct 2018 10:57:05 GMT
server: nginx
etag: "5bcc5b81-3b2"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 946
expires: Sun, 18 Apr 2021 12:59:28 GMT

GET
H2 200 instagram_logo_white.svg
edscoop.com/wp-content/themes/edscoop/images/icons/ 2 KB
874 B 108ms
107ms Image
image/svg+xml 35.169.207.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edscoop.com/wp-content/themes/edscoop/images/icons/instagram_logo_white.svg
Requested by: Host: edscoop.com
URL: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.207.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-207-77.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4

Request headers

Referer: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 20:18:58 GMT
server: nginx
etag: W/"5c9a8932-625"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, public
expires: Sun, 18 Apr 2021 12:59:28 GMT

GET
H/1.1 200
OK Stacked_SNG.png
s3.amazonaws.com/sng-global-web-assets/logo/ 12 KB
12 KB 118ms
117ms Image
image/png 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_SNG.png
Requested by: Host: edscoop.com
URL: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: VXNX498M6DD4T7KB
ETag: "793107aa127f2349e0bb9d0df99cd240"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11864
x-amz-id-2: J/RB0KEQUbdN/JWTky8ZBD1WQYp2nPFHHRrZExRmsRUmrgAR9MBFB3vGZYYSzV8bB9XHM4NkVCM=

GET
H/1.1 200
OK Stacked_CyberScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 152ms
152ms Image
image/png 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_CyberScoop.png
Requested by: Host: edscoop.com
URL: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: VXNQFN9ETNXKH137
ETag: "6b8717aa8156bf0573b498232d63b71f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5199
x-amz-id-2: OcLDFzs6EtPt5SsaGqrJbVn+nE7WM0Ui0n2ZX9q7q4sNyfM1HJrmzZFWGFE4KgbOZwj0aKDCBC8=

GET
H/1.1 200
OK Stacked_FedScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 117ms
116ms Image
image/png 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_FedScoop.png
Requested by: Host: edscoop.com
URL: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: VXNJHZG9XGZEPE14
ETag: "da067ed314fa2f647e16efb7331759de"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4000
x-amz-id-2: P71MQt7IetKjPJEH+okR6Yr1ThpuEcMaYNyfjgWzdIuyxIzTDHuTLXb82WzcTvxE3UVTb4tTkZE=

GET
H/1.1 200
OK Stacked_StateScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 115ms
113ms Image
image/png 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_StateScoop.png
Requested by: Host: edscoop.com
URL: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: VXNW1ECDYQ71AE1C
ETag: "62c167ae878c0c3b3a41b50025cacba7"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4872
x-amz-id-2: fE32ZKCYs8NzeQ+eyBfGAfa/7yzLxJioQUn6iGBvycoBOqAlHdoSyJ7DAdY6J0nA97XUjlfcqJQ=

GET
H/1.1 200
OK Stacked_EdScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 120ms
120ms Image
image/png 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_EdScoop.png
Requested by: Host: edscoop.com
URL: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: VXNPRGNR4D839W0N
ETag: "b5d5b8c0479b1963324ebca52c96a43b"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5349
x-amz-id-2: uUNFwJHGCHa2hJml0ZO6hwL4WlmeMQkGFGw5yLFpLmMwXhyUKUZCXQk0PCfjXqV8IeJuGt0Lc+U=

GET
H/1.1 200
OK Stacked_WorkScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 123ms
122ms Image
image/png 52.216.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_WorkScoop.png
Requested by: Host: edscoop.com
URL: https://edscoop.com/wp-content/themes/edscoop/style.css?ver=4.9.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.0.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:30 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: VXNS8D9ABQMVVQDN
ETag: "779a62747ba1fe2dfac41aa83a03313c"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3934
x-amz-id-2: 5Bvfj+1ZKh6Kmzo7I2hQevApojaNQtSU4g+GVayhg3qIgYHJrMcNYvv0z27xganVutrumykYSBk=

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-Q050 200 pubads_impl_2021031701.js Show response
securepubads.g.doubleclick.net/gpt/ 285 KB
100 KB 94ms
55ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

cbbda5fac6618da4be9f03098dc394e81f435c51622e306605849c2ac2942fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 08:39:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102424
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H2 200 icons.29.svg.js Show response
static.addtoany.com/menu/svg/ 78 KB
33 KB 17ms
17ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.29.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:28 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11352732
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ec2ad75500004a8568069000000001
last-modified: Mon, 31 Dec 2018 23:29:11 GMT
server: cloudflare
etag: W/"13937-57e59c7b88bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 6326e0d22a114a85-FRA
cf-bgj: minify

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 95ms
30ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MH82QVR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 46828
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1616158769.065198,VS0,VE0
x-served-by: cache-fra19173-FRA

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 23ms
7ms Script
application/x-javascript 2a02:26f0:7100:18d::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MH82QVR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 12:59:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=61800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-xss-protection: 0
pragma: public
x-fb-debug: 6qV/ulobNGZv+CebGqXWdbUgPYAMS0Bo6Wk4P6DEXUskrECVGiLTpLrZbHzAFYiCOiU+X1Ko6oSO1DIIWV43ug==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 19 Mar 2021 12:59:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2153467.js Show response
js.hs-scripts.com/ 942 B
923 B 125ms
107ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2153467.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MH82QVR
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c363bed3b3e9a9748273e0f55e90e540c78f3790f7485f8dadd167a77bcc73b5

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-trace: 2BE0740F5D8BFE06EFABD771A973C664AA3CE82B65000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://edscoop.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6326e0d249072c3a-FRA
cf-request-id: 08ec2ad77100002c3aa412e000000001
expires: Fri, 19 Mar 2021 13:00:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MH82QVR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5463
date: Fri, 19 Mar 2021 11:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 19 Mar 2021 13:28:25 GMT

GET
H2 200 896395920528126 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 61ms
59ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/896395920528126?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b47cf926250cb0e1fa31d33689857d38323d9a74f685071cf24860bcc877f784

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: pc1wL3OmPPlQT1SkplWuL7sGfOtFbyesrCmBX10xS7CWtT6+lJY2vii8sJPoJARFVLWalB1+tG5PM7B7mirrbw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 19 Mar 2021 12:59:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
63 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=769766461&t=pageview&_s=1&dl=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F&ul=en-us&de=UTF-8&dt=Buffalo%2C%20N.Y.%2C%20schools%20resume%20classes%20after%20ransomware%20attack%20%7C%20EdScoop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1809307292&gjid=1736232258&cid=927072102.1616158769&tid=UA-66363613-1&_gid=69463655.1616158769&_r=1&gtm=2wg3a0MH82QVR&z=23470250

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 12:59:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://edscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1616158769064&url=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1616158769064%26url%3Dhttps%253A%252F%252Fedscoop.com%252Fbuffalo-...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1616158769064&url=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F&liSync=true

0
57 B

190ms
189ms

Image
application/javascript

2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1616158769064&url=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F&liSync=true
Requested by: Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: application/javascript
content-length: 0
x-li-uuid: XWbJp9a/bRagpIsT/ioAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: o038m9a/bRYwjxuCNCsAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: EBFBECD22E09476B9DA895222DE80A3C Ref B: FRAEDGE0707 Ref C: 2021-03-19T12:59:29Z
date: Fri, 19 Mar 2021 12:59:29 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1616158769064&url=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame B73A 58 KB
20 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: edscoop.com
URL: https://edscoop.com/advertising/?id=article&page=article&position=static&categories=k-12&tags=buffalo%2Ccybersecurity%2Cnew-york%2Cransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c898a2e3974c68708e2d5569e522f376dcf19c627de3718e3ce18d26772bda8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "816 / 58 of 1000 / last-modified: 1616152376"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19836
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 646C 58 KB
19 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: edscoop.com
URL: https://edscoop.com/advertising/?id=billboard&page=article&parent_id=ad-DBSw1veNgB-leaderboard&categories=k-12&tags=buffalo%2Ccybersecurity%2Cnew-york%2Cransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

602a8fdd3fb782c7e4715c3fed393d03da25b67bbb2b98d7deb3882aa78db3a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "816 / 365 of 1000 / last-modified: 1616152526"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19811
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-66363613-1&cid=927072102.1616158769&jid=1809307292&gjid=1736232258&_gid=69463655.1616158769&_u=YEBAAEAAAAAAAC~&z=2111155938

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Mar 2021 12:59:29 GMT
content-type: text/plain
access-control-allow-origin: https://edscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 296F 58 KB
19 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: edscoop.com
URL: https://edscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-z1pD6cTTlI-leaderboard&categories=k-12&tags=buffalo%2Ccybersecurity%2Cnew-york%2Cransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c898a2e3974c68708e2d5569e522f376dcf19c627de3718e3ce18d26772bda8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "816 / 852 of 1000 / last-modified: 1616152376"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19836
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame AFAB 58 KB
19 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: edscoop.com
URL: https://edscoop.com/advertising/?id=half_page&page=article&position=sticky&categories=k-12&tags=buffalo%2Ccybersecurity%2Cnew-york%2Cransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707089c9677a5eb7c4f3d8a16b02ec9dc546df8a0149f70500eb4b243f91eca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "816 / 282 of 1000 / last-modified: 1616152526"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19836
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 2 KB
958 B 47ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 12:51:50 GMT
server: ESF
date: Fri, 19 Mar 2021 12:59:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
254 B 21ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-66363613-1&cid=927072102.1616158769&jid=1809307292&_u=YEBAAEAAAAAAAC~&z=1025564239

Requested by

Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 12:59:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 20ms
19ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-66363613-1&cid=927072102.1616158769&jid=1809307292&_u=YEBAAEAAAAAAAC~&z=1025564239

Requested by

Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 12:59:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2021031601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B73A 285 KB
100 KB 40ms
40ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 08:39:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102421
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 200 pubads_impl_2021031801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 646C 286 KB
100 KB 50ms
48ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

ecf0ffde6e56a2c058421a0ca1a3446a00d047de48239cd168f7eb93a07a9269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Mar 2021 08:39:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102478
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H2 200 adsct
t.co/i/ 43 B
448 B 230ms
145ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F

Requested by

Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 104
pragma: no-cache
last-modified: Fri, 19 Mar 2021 12:59:29 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e3c5234b0db119a853dbab3a6d8273a2
x-transaction: 007c0bdc00269f08
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050 200 pubads_impl_2021031601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 296F 285 KB
100 KB 44ms
44ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 08:39:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102421
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 200 pubads_impl_2021031601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame AFAB 285 KB
100 KB 58ms
57ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 08:39:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102421
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
365 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=896395920528126&ev=PageView&dl=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F&rl=&if=false&ts=1616158769153&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616158769151.2092261595&it=1616158769012&coo=false&rqm=GET

Requested by

Host: edscoop.com
URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H2 200 2153467.js Show response
js.hs-banner.com/ 59 KB
15 KB 38ms
15ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 238a0dfc2120b106897fa306bec3267cd2338bf6c0264a2ae8f2c242a4176eb0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 194
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: W17C6AC9QCNT3K11
x-amz-id-2: 4ufFLLZdSOpl0yV2H02ADIJ4NPhkUOWO5ZFDJ6dPDlpanS/ckETk3qk8/gGb/Vs7fZaukUjpRBk=
timing-allow-origin: *
last-modified: Tue, 09 Mar 2021 20:52:05 GMT
server: cloudflare
etag: W/"56ce832781fa7a76917acdc3ae79c324"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: El1Wjv_xSqNav5tdv7pELtHmoX3xiVvI
access-control-allow-origin: https://www.cyberscoop.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-request-id: 08ec2ad83700000609d50d3000000001
cf-ray: 6326e0d38a8e0609-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Fri, 19 Mar 2021 13:01:15 GMT

GET
H2 200 2153467.js Show response
js.hs-analytics.net/analytics/1616158500000/ 61 KB
19 KB 39ms
17ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1616158500000/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9a97554ba9d23f6d4529f6576044c8650daeb476cac9f9b8558c0b266317a5a

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 194
x-amz-server-side-encryption: AES256
x-amz-request-id: EHM4V4D8NEPTYF9J
x-amz-id-2: mZ5bortQBxfqc0ffTBCwq/pMpoqku7TujVKT7Qj0iTYBfykxDtOzojfwNUXX6bv3SkUxfCZZoCA=
last-modified: Tue, 23 Feb 2021 21:57:42 GMT
server: cloudflare
etag: W/"63bfb6023fb1797fe1098812de1c22ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-request-id: 08ec2ad837000005f9b8a4d000000001
cf-ray: 6326e0d38a4305f9-FRA
expires: Fri, 19 Mar 2021 13:01:15 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame B73A 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=edscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B73A 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=edscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B73A 31 KB
12 KB 78ms
76ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=547215848510750&correlator=2238125634720187&output=ldjh&impl=fif&eid=21068529%2C31060316%2C31060367%2C31060493%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210319&iu_parts=18430785%2CEdScoop_Article_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=position%3Dstatic%26categories%3Dk-12%26page%3Darticle%26Tags%3Dbuffalo%252Ccybersecurity%252Cnew-york%252Cransomware&cookie_enabled=1&cdm=edscoop.com&bc=31&abxe=1&lmt=1616158769&dt=1616158769238&dlt=1616158769013&idt=199&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=983&adys=1312&adks=1654652907&ucis=u6vjtjhwq9br&ifi=1&ifk=533291064&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fedscoop.com%2Fadvertising%2F%3Fid%3Darticle%26page%3Darticle%26position%3Dstatic%26categories%3Dk-12%26tags%3Dbuffalo%252Ccybersecurity%252Cnew-york%252Cransomware&ref=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F&top=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=927072102.1616158769&ga_sid=1616158769&ga_hid=1081572264&ga_fc=true&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

0a2e80e927c089ecbb6e10373bf8886584e711e762776d37e8af43be2b67ab92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11550
x-xss-protection: 0
google-lineitem-id: 5635287359
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138341784680
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://edscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f41456d3219266304a31a80cfa5ef159.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame B73A 0
0 93ms
39ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f41456d3219266304a31a80cfa5ef159.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame B73A 0
0 8ms
7ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 646C 0
56 B 39ms
38ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_urg_spr&pvsid=144060510810431&vrg=2021031801&nw_id=18430785&nslots=1&eid=21068529%2C31060522%2C31060210%2C31060367%2C44739387&pub_url=https%3A%2F%2Fedscoop.com%2Fadvertising%2F%3Fid%3Dbillboard%26page%3Darticle%26parent_id%3Dad-DBSw1veNgB-leaderboard%26categories%3Dk-12%26tags%3Dbuffalo%252Ccybersecurity%252Cnew-york%252Cransomware&start_time=1616158769267&end_time=1616158769268&n=0

Requested by

Host: edscoop.com
URL: https://edscoop.com/advertising/?id=billboard&page=article&parent_id=ad-DBSw1veNgB-leaderboard&categories=k-12&tags=buffalo%2Ccybersecurity%2Cnew-york%2Cransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 12:59:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 646C 107 B
777 B 43ms
29ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=edscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 646C 107 B
531 B 129ms
87ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=edscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 646C 31 KB
12 KB 77ms
77ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=144060510810431&correlator=1724648374496203&output=ldjh&impl=fif&eid=21068529%2C31060522%2C31060210%2C31060367%2C44739387&vrg=2021031801&ptt=17&sc=1&sfv=1-0-37&ecs=20210319&iu_parts=18430785%2CEdScoop_Billboard_980x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&cust_params=page%3Darticle%26categories%3Dk-12%26Tags%3Dbuffalo%252Ccybersecurity%252Cnew-york%252Cransomware&cookie_enabled=1&cdm=edscoop.com&bc=31&abxe=1&lmt=1616158769&dt=1616158769281&dlt=1616158769014&idt=247&frm=23&biw=1600&bih=1200&isw=1600&ish=150&oid=3&adxs=0&adys=3698&adks=727891382&ucis=sezi4z773bbq&ifi=1&ifk=3404215553&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fedscoop.com%2Fadvertising%2F%3Fid%3Dbillboard%26page%3Darticle%26parent_id%3Dad-DBSw1veNgB-leaderboard%26categories%3Dk-12%26tags%3Dbuffalo%252Ccybersecurity%252Cnew-york%252Cransomware&ref=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F&top=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x250&msz=980x-1&ga_vid=927072102.1616158769&ga_sid=1616158769&ga_hid=99201636&ga_fc=true&fws=0&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f642d14aab56bd36c17c459ef7ef258a72745a80e759a006681451d4ef7c6db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12072
x-xss-protection: 0
google-lineitem-id: 5635287359
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138342225418
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://edscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
572a14ebc17bf1a30fd2acc3d9c84a67.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 646C 0
0 74ms
13ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://572a14ebc17bf1a30fd2acc3d9c84a67.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 646C 0
0 36ms
21ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 296F 107 B
123 B 18ms
17ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=edscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 296F 107 B
123 B 89ms
88ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=edscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 296F 30 KB
12 KB 86ms
85ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=861770341108159&correlator=2133601088810442&output=ldjh&impl=fif&eid=31060317%2C31060466%2C31060297%2C31060367%2C31060515%2C44739387%2C21065724&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210319&iu_parts=18430785%2CEdScoop_Leaderboard_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&cust_params=page%3Darticle%26categories%3Dk-12%26Tags%3Dbuffalo%252Ccybersecurity%252Cnew-york%252Cransomware&cookie_enabled=1&cdm=edscoop.com&bc=31&abxe=1&lmt=1616158769&dt=1616158769319&dlt=1616158769057&idt=251&frm=23&biw=1600&bih=1200&isw=1600&ish=150&oid=3&adxs=0&adys=130&adks=2597443955&ucis=kelvitbkrqed&ifi=1&ifk=2459168333&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fedscoop.com%2Fadvertising%2F%3Fid%3Dleaderboard%26page%3Darticle%26parent_id%3Dad-z1pD6cTTlI-leaderboard%26categories%3Dk-12%26tags%3Dbuffalo%252Ccybersecurity%252Cnew-york%252Cransomware&ref=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F&top=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x250&msz=1600x250&ga_vid=927072102.1616158769&ga_sid=1616158769&ga_hid=1790227570&ga_fc=true&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

0d8cba53404a5f4ff13eab904738b5cd49b638cd24e3b7d4ed9123ab73c720f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11662
x-xss-protection: 0
google-lineitem-id: 5644388543
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138343108896
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://edscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
677e7e1359267d19138fba3b4e3d085f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 296F 0
0 49ms
14ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://677e7e1359267d19138fba3b4e3d085f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 296F 0
0 8ms
6ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame AFAB 107 B
123 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=edscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame AFAB 107 B
123 B 64ms
63ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=edscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame AFAB 30 KB
11 KB 78ms
77ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2932988601657775&correlator=2284333161947293&output=ldjh&impl=fif&eid=21068529%2C31060501%2C31060367%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210319&iu_parts=18430785%2CEdScoop_HalfPage_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cust_params=categories%3Dk-12%26page%3Darticle%26Tags%3Dbuffalo%252Ccybersecurity%252Cnew-york%252Cransomware&cookie_enabled=1&cdm=edscoop.com&bc=31&abxe=1&lmt=1616158769&dt=1616158769349&dlt=1616158769058&idt=272&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=983&adys=1577&adks=196758595&ucis=mt2twcdmn5lw&ifi=1&ifk=3361771507&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fedscoop.com%2Fadvertising%2F%3Fid%3Dhalf_page%26page%3Darticle%26position%3Dsticky%26categories%3Dk-12%26tags%3Dbuffalo%252Ccybersecurity%252Cnew-york%252Cransomware&ref=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F&top=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=927072102.1616158769&ga_sid=1616158769&ga_hid=331155546&ga_fc=true&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e6b3d6448965b7d0da98cc0f3e5aa38ff44a718edae01106251782ce704e17dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11293
x-xss-protection: 0
google-lineitem-id: 5644388543
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138343074314
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://edscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
96d5e5eef8c4ee485984da369f5b3154.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame AFAB 0
0 53ms
14ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://96d5e5eef8c4ee485984da369f5b3154.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame AFAB 0
0 9ms
7ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E650 0
0 68ms
67ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFn0FpnmpCW58GF_lqBzL0eoGfGxjcf2GCQ9-B5PILTTuas4VxdNoaEqMNS-eBLyRSKa-N4UvoQcAZIvauKUAaCHFbX6sysJNW1cOK0Wj-6Ysj8sbnLHaUr2tL9Zzy-feM5tEHW2Uxn4mxpjp-mxzw4z5RcAEBbKQYEKBK48pDTMc4AjbzjCxkp7QiZMqxovE1Ii0Ki88nOOZzMu3rDGFF98f9r9O4jv22KHiixtVtpStlnCdF5d74udOVyVnz7eJ1c_347uSzUlU4pOhYhbfc2PMc37UIHGmOEv6ipQEoRQtdBwPFJRI&sai=AMfl-YSwgjK0JnCIZuGggqqk1XhQ1DKhXd-uyoeRLMTFxzyNw6aB7DExxx6Q4yzBMnWpVWHtiS3fdJ2N4sA6oTdO8hYc-B29XAyJypTVdg6emOQAoy_m8P22JjCXR0iwzRrS&sig=Cg0ArKJSzKGzjmP68ZxWEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame E650 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 12:59:10 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame E650 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 12:58:15 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E650 117 KB
36 KB 45ms
29ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame E650 0
0 43ms
29ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5LOt5tZG8YuNGIXpBPF92qZWzubZMsoNrI0DcEGdYhVJBCPVwxrXsz1ZeIvBwbwY1AyQK
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 12193353000633859321
tpc.googlesyndication.com/simgad/ Frame E650 24 KB
24 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12193353000633859321

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c8abd7b2efffcf9a5f9e9240ac96c15e80170e8db19013e5cbe5a309bf35299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 01:37:13 GMT
x-content-type-options: nosniff
age: 559336
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24909
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 20:54:29 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Mar 2022 01:37:13 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B73A 73 KB
28 KB 41ms
29ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B73A 8 KB
7 KB 47ms
33ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce94fc22f7a84e29dee7d91e62407673736134f3229d96e7421aefeca34fd823

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6497
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B32E 0
0 70ms
69ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudBsGhpOqYDM_GfV6UE6YCo_4Z_aXqoqADZEs6t_fx41JIhHvKbzSPLRMTsLUtAuSbS8BaFt66opMnPDuBeN2bxzt30CGkW0JC_DeezBsXKeqVzhqL9yoDoes8AO06i3ykD-gifcQFz4vKVZe5nM-8kG1soCsGbIJp3KBpT_TXyNeyRzn-VNuX5MnqshrBbBdmD3M-EzP4lk3WSP77V__0v_47r0wEZAbz3DpoxwBTeGSza72p93_UC24_U1Eky1zKYRP94A52JHDvcbFLwLJwDHjwsb-7ZCrTGCEmLgCoZhpneV44fIFjUA&sai=AMfl-YSjapKcRaFEjJyv7aiwbkSY05RJu7oZ7nZnPHnPBBJmE1Uz-hCV405vUoZUm8QV0iOlMi4myOSmYTxyco7c1AIo6HyC3sh3hAWI5IqTPgww9uOIaekw_yXbb60IsiE&sig=Cg0ArKJSzKG3KEw5CLSuEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame B32E 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 12:59:10 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame B32E 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 12:58:15 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B32E 117 KB
36 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 200 13421008990961513695
tpc.googlesyndication.com/simgad/ Frame B32E 50 KB
50 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13421008990961513695

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ef80483179805684ca0261988bce90ce72d6f4d82c0ad7411693f6acf8e9a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 01:37:02 GMT
x-content-type-options: nosniff
age: 559347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51331
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 20:54:01 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Mar 2022 01:37:02 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 646C 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A33B 0
0 71ms
69ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUtto2FuTrGpQoXjgiD9H9Q64_C0c3tFA1ozzuQm9WfBwfm_jU-DqB6UeRaukhzhJt0pkrRBDNTwx5IOgPif2iNGjMqv1RMyp7MkRj1LFQGRKCYECyZtQHZ52b2D42AIy2ejzO9xuIcRYdMIDuOWkQNmmc3c4xjq6ejjdWaKRtEUQWLMO-QiIFfidG10kqfvkobUKy7ZPLU7TjMvTLUF9Zne5uvDb9J2JyFUUciFGLO-iKPQSceRMkP5aVUE_7suz75QRll3uoXa5KijqXq9oDicoTv8XX7FvIAjgBzI85yqHT9zRoetHJ-_6xKjBs&sig=Cg0ArKJSzBjoB9IsVur7EAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame A33B 17 KB
7 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 12:59:10 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame A33B 2 KB
1 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 12:58:15 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A33B 117 KB
36 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 200 54239891422854180
tpc.googlesyndication.com/simgad/ Frame A33B 169 KB
169 KB 10ms
8ms Image
image/gif 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/54239891422854180

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e374a9109895e6361d503dd3db8196940cfa8aa8e4cd66d0a6007301b1c60b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 11:48:32 GMT
x-content-type-options: nosniff
age: 263457
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 173036
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 13:50:29 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 11:48:32 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 296F 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B73A 17 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 85D7 0
0 68ms
68ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcj-eIOjzRtntsPbNJJ0r1l0sjM6MzXX_kAQDbdOxSLmaG-zehFV01aI-VN3W-Nstf4HUp_3cc0-GcE35aJEx6jof5ggJflKtHAl5Zf7cp2L4YI5-C37XjbfiWtzaNGsB5w_AhV5e2ZeL10NYxiAnY3A1kJaZH1mrJPcTNygHL6D-U9XYmuLNafay1gbvXCB3CeooJJA80DDWV1ZT8lakdDIQeaU1pYEQwyxx7pTGgqHs1xeHa-4GNGPRvy0tFsHn4bzeCzqSYl506PdyfwTYW0bIiE5SNqI4NdOYfrcdXsAkohJOXOrCHgpwXXw&sig=Cg0ArKJSzItYB5S55yisEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 85D7 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 12:59:10 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 85D7 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 12:58:15 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 85D7 117 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 85D7 0
0 14ms
13ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSN0cphL3kfTEyiE6EP3oKbv4A5Y0P6NRWqyLhpqHMV37FDQm8ucOl4pawmAP6VY9qy3o-GCZUjYBkLsysHdTwvnX3q8Q
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 15651298101600902992
tpc.googlesyndication.com/simgad/ Frame 85D7 84 KB
84 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15651298101600902992

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7de6c102d55949d16389420fcddc21b05761909b6057b3d8cc48672c9a11314

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:07:38 GMT
x-content-type-options: nosniff
age: 341511
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86154
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 13:53:36 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 14:07:38 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame AFAB 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
DATA 200
OK truncated
/ Frame B32E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bae6b5aedb607bbf807360252fdd542d9e53bd32f206fc79f6809998fdcf7966

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E650 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 050808251b4908b1f41bac07ad21fff1baaf960e583723fc2ead6a5d2f2d96af

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A33B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8e6f721a9be3d9ecfb1ca1b91763f485d46891e1ca27ba1a3e2f9a2563ddee6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E650 0
0 124ms
83ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4lNjYKKPC3fM8kTkzQ1YhniqAPJHjFS17XviMi3ysFdBsqiLCo6wiIWlvHa1BMc5Ih2O2tC5n53_fPWCe57cay-LJ1EauQlbHEoRBpy0ZdKYggb1AlR2db7Fw8MGkvAP1KGVRDf48FEauiGq8IdC4uT3i3fKo4Btyp8jTyfdWPd35dfOky4R4Qtfs7bMyeFPswjCZjcOxqQ5z_jOxYCHhHccDl3krVeNh08RuiTG8Wk8ILr4co2mFCPGgQFzagsVqEwXIwZz2VKATbXJDTt4uQJye6HAjxRtEC-0rh26IyjbaHOQdbc__vA&sai=AMfl-YSdNixlSa1HYnDO52dGrqA3F4a9CexUgeomS6umDT1B0S8l7STXtyNY4BZjlprqPFs6DFH16HRoE-peNQRtQV9rVBMAONbH1V_wDYNeCBJ-37GaBWxcRKxVneJlb7Hh&sig=Cg0ArKJSzII0XkJOmxnOEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B32E 0
0 122ms
82ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOougHF1p1Yd9ivNrsALucCHf9DaT9VHPHm20x7dVmmc_PDk_Fz-41XD_82EFTx-nUrDlL1GAmSl30blPxy1eZ53VsL6KWogE91DHYZRBPHK2TJY5v-QCyMw9xeQ8vuM94AIMhcFnj4MtKFDx91dOhlZ6slY3-IZHGnEOq4avrie8CZc_xgQ7WfMz_sOLxLKndtsL7-mUjf2jrRHMzfs09xKHTetRfsZ6MMcknKYFnpL7GYAFsQnyf2NP5bHcsj1GmSj7ZQcM0uXv1SKAIQ5u4ViFfgNC1bNsprOC_AC22KTVwOxrOO6MgKrG-&sai=AMfl-YSYWm2qYFWJ6v2wMwURVPJKNdpOX2_0Vu9O67eudGcPAxRLRumK6sBPTkGbBwqCUL4_wqqtVGRH_r4Dk_R_i9QJe8S5A65boQazLN4dc_jExlL6CSi9vt_HVd4F-mk&sig=Cg0ArKJSzNfdG2VgbI9NEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 646C 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f72291d12d370d076e6db229a470548e53abf65526bc797fe82b0c125940a4ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6556
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 85D7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d27e23e2aaf8e6a0495c93249808f139f81ca7d91422f3f51a44b91442a2146

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A33B 0
0 70ms
70ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3JNUxJoLTCzXXBlB9hwDFRjIuOkrQr5vi-v4mpRyXCHcce2jvoom4AgmmKNxx4JIGyKVyX8KXzIEJ2bhNBi7Nhj9tuOwEijRV4vFSTlNZEN7ZXVfDr79bgyNkS9srtn6d_26QNDlFH_72YnmPlTS2wzfnWqDDiYtKcfcKQ9eftI6TB_C9Kw7b1SL3vZbgwghHIEQBZ3iK9Tc-Okf4VoOvyhx3dQFLh79UViTrvCySl6Mus1xQms1iR311A7uR7USi1wZkNWrZVUZ5pJkfuG6nzyE8gFFdgkHKMNACq2snZ_k7V1c_z5XiTlQRh9Ks00w&sig=Cg0ArKJSzN2rCoIQKv4QEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame B34C 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://edscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://edscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 19 Mar 2021 12:20:58 GMT
expires: Sat, 19 Mar 2022 12:20:58 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2311
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 /
www.facebook.com/tr/ 0
81 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary5OfoskXAt9n6CjL4

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 19 Mar 2021 12:59:29 GMT
content-type: text/plain
access-control-allow-origin: https://edscoop.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 646C 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 85D7 0
0 69ms
69ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvamW8dTyrYl66b0WVDtHBZaCcgYHnkSeeqIp4fbeWYEN35AUhk0qoMwLWbOc9GqtrMHyuO23w4iX4NAa3PCo2DXYyGPwoKjed22zSj9ev01UA_QoOfARyd-P4PZ9Q5EDMV_SvkWBNtwLF2xgMnEKBiZF0KVJK6MIlemICd-x3jTLrh5fTM8Q_8F5KeuV-AbOA0ru0O4RRL5KuRqWiealUvQ21uSLj_778Nkj65bdXlpZn99iQFJQvDmITMNWxHtr8gqFJQ3JFmIgXeuRY6vXgAFsupJm_clL9XZ3sZ-RFUZJ4_hePxqZL1OmUdYrs0&sig=Cg0ArKJSzLVMOinSTxYUEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 296F 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e2e2d8869e3c654c3d835e6ea93e355655825b00fc7d0acdf59d9e6858c6189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6559
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AFAB 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

740c638b2cd0262d779a150c56ccce0c2b0fdda2b084420a07303e067d79ed28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6557
x-xss-protection: 0

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame DF52 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://edscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://edscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 19 Mar 2021 12:20:58 GMT
expires: Sat, 19 Mar 2022 12:20:58 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2311
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame B34C 14 KB
6 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 07:59:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 18029
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 07:59:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 296F 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame DF52 14 KB
6 KB 27ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 07:59:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 18029
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 07:59:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AFAB 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:59:29 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame B88D 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://edscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://edscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 19 Mar 2021 12:20:58 GMT
expires: Sat, 19 Mar 2022 12:20:58 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2311
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 8937 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://edscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://edscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 19 Mar 2021 12:20:58 GMT
expires: Sat, 19 Mar 2022 12:20:58 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2311
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame B88D 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 07:59:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 18029
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 07:59:00 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8937 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 07:59:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 18029
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 07:59:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
651 B 238ms
156ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 115
pragma: no-cache
last-modified: Fri, 19 Mar 2021 12:59:30 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 28dae16526195c2d208798a8e3faf9ac
x-transaction: 00e8494c00d1f173
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
852 B 38ms
21ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=55fc3284-46d3-4efe-85ec-89bd533919c2&fci=521e53b5-b3d4-4c79-b699-a6c73050bb1e&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2176140176&v=1.1&a=2153467&rcu=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F&pu=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F&t=Buffalo%2C+N.Y.%2C+schools+resume+classes+after+ransomware+attack+%7C+EdScoop&cts=1616158770124&vi=c4ea1bab2521f8b7bafdf95dc15d3d45&nc=true&u=114028632.c4ea1bab2521f8b7bafdf95dc15d3d45.1616158770116.1616158770116.1616158770116.1&b=114028632.1.1616158770116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 6326e0d96dc74e38-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 08ec2adbe400004e389331b000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Or30V2zLZiDvBT67F0g40zsrgShKN07xKzxYVDNvOZoM1fO641NB7YlgPHezvIKAY%2FIKug9ekBDt3ok5r8XJrmKvttL654CRBbaVsOH9PDiT%2Bc7uNbhd%2Bjtm%2BvGP6A%3D%3D"}]}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
341 B 38ms
22ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2176140176&v=1.1&a=2153467&rcu=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F&pu=https%3A%2F%2Fedscoop.com%2Fbuffalo-n-y-schools-resume-classes-after-ransomware-attack%2F&t=Buffalo%2C+N.Y.%2C+schools+resume+classes+after+ransomware+attack+%7C+EdScoop&cts=1616158770125&vi=c4ea1bab2521f8b7bafdf95dc15d3d45&nc=true&u=114028632.c4ea1bab2521f8b7bafdf95dc15d3d45.1616158770116.1616158770116.1616158770116.1&b=114028632.1.1616158770116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:59:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 6326e0d96dca4e38-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 08ec2adbe400004e38c522b000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KKNemnQ27XX%2F7WgmllzWxYhvEkXuNBtbPkWNnMVoLfXqZbXMbWmw3jNA%2FL1rpKoWV8JjwSEFdHrI5RtG%2FcB%2Bc91q5yX8VW%2B87ASv7DQ2SbizXZ6O8gOO9JHs7jYZfg%3D%3D"}]}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 646C 0
224 B 40ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031801&jk=144060510810431&bg=!0tGl0ZXNAAbUo7L91KM7ACkAdvg8WmJ4KQXnZOCbjusb_TRn47uDuHnsjCvyWD23tqdjNYvAcp2KgwIAAAEnUgAAADhoAQcKACtUTvvxXi4f6lGVSW2ISXcOXB20qTjutflJX4woocZBu_6RU9FiiOkarEwZmQHmbqmgE_0wMKeYWQ0HKN0TpMHtPDKs1H-83AROWKB8FM5tEJcg9HunThBJoK1fpTNx2u3Yf14TXAxQbMC1P5XvNkz9XYiFwtV4jdYaCaN0wP4sqKXxrUsNMAkG71sR8vircl-jcw-TkEILY5iED3fWE03f5hfZhff-f6O5-mykEkmD_dGCb21MsQH7YiZAAAbzPQ1vr-V8fuLT7OXyXp0oCY-hPP8Et-FrDp8zPY9KWzMMpLhAD2qX0ihmDAWhcVLPnFvTs--4iWhkh-fZ-tkrJBMbXCfHHAjacyCqrIOqaIdBlpwRxEQzpnuvYzZYk6DhX11lVouRhgLjpV9WFKLZlvoUkwHou7SPEH_zgN6LaOLVyGVNY_r78N5CSFbxYa0v0ato5MmO8EklyIrd9Sb9FpcslCDbRg8lsxV_UzJnd5wtwOKzsSV7r6t0w0Br4Ggdm3Mt8iSV93LJwfPSS3l2-25znxUpYDLeCU5lGsn71eOkAYskoEcIDO0QdEumQ6pxNbaJsjTzg3VVDa_XCkiBzU7e5gKWJ1ZhnRUz-AmvFvhNN71U_AeWl9lI-QmrgOLEuLopFYy5BDEDg63S4fTqtOS1WouuOB4VhScDkhURNO5qklQu17S800h-hSokgTxWu_BVW_Cq

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 12:59:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B73A 0
23 B 41ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031601&jk=547215848510750&bg=!CgmlCU3NAAbUo7L91KM7ACkAdvg8WqXf4cFpJGAQEX6N2AZjg9HKZ05atNNK-CiKeCHoj4xuhAt4wAIAAAF1UgAAAB9oAQcKAHlseq0BmdTp42qc0ao93oVaH2i3uE_GnyZpjfiiSK0OF6tJTXNktqsxiC5AN41S0yCU6Y90h3u-MQ5aR1Y_n0hzYrPR3TlZfVAyVuc7LHdzYxdCJVv07-bQfJWrqPlAHxSAvchUCoC9XY6rM_iBd5rfApuRYngXkGfpmQH1rBnKg6dWJWUvHUY3gVCHzaB_ieLyAKuptsbg0JD9lo7LjZQjFv87r-A_OpP6XgEOg1q_jnDrfcB-pXLPaTQyJL3W2GygJ6R-xwypjkc6fkcG117l2CJkZUVhHeRAagDu_Pz1xKnfxG-K-ygJX1xMqSLHB5cjZbpgtCa0vX_LIOQHehcTZmoIO6BIVNLyJh0Z4Rr28BNxhodlJBNX4JLnAtsKACWrb-T0ZmFk-u1HFF1khVp2DT7YlwDGOj_gem5xgOUp6CzvTqDpNYcJvB3p4xDrJdluvR-1twxMHI6HE-MWYTHr_we-zMVXoU_3vlgfEr9lXaRV26LL4PpQcSZaNUGKhG4DTZtuXNR5BU-xKYEjxUtWl7Gj8rJ6yxDcctJ6lScwiFq7CQzYxEx8J6K9KHEZBGMsMeYOxXHMk5-eQxYVRxinJvJ-hhYF-sGpxmmEkF0EjjgBJC2b1yFj9yLjNtyxvI9HeUDuYZLPWMrOsQc95MOCcMDSkMBPtXXzslUNcYEODjbxedcaLrqBFOxcwoL8LuoIh86oXaJw08Zn3kXRWLOFgGmUi4Pw6hUGfVd-mUktrY2UcczYRBTrWtIATBbdwoU7Meo2BcjNovZVlOWVhmQyeVIimwscrZ3Wr2PGnSrKcDI6D9RyTSZU_L1PWyXQsu7C

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 12:59:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 296F 0
23 B 40ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031601&jk=861770341108159&bg=!-_il-LzNAAbUo7L91KM7ACkAdvg8Wm1E59Z20meD5ZADQuQQCT9FSbFFDio78OjdnVABYQELEAUlAQIAAAE-UgAAAChoAQcKAaPJO51Eg3o3_bSfr62pyE51En1ZvtwMj5NSmj57l8at7dau-iiXtpOb2kIW_az3XqyVpmctyGm5TVlQznhljQyrMAhRd-q4M9i4TcxLjllXBaPXyreJ46qpprvhyCTpMiBbDVui184WwoDf2JF_1ElMK4KdBbGJRKsYU7MgDJjiHqLW8LVSBbkddTHa0_4o_INkMJaoEXwJUuud74TdXWFZBN8RIngEz9YPz9hcucmxLwpoXwOwys-rY-UkCHMOGvpIo4o4rLXCjdR9R_0QzC8TxDdrbkYTx9lIqa53MlYSmIN6czGMouAecmfDGrgT4OeegWhEMYX689hwnK6WnWTSFDV3Yg2phHXRdAXtSvlK8KMgKc2pfJwz_Zx0z4rU08BAcJnfCdroe417e7kOudmP5OjYEXRulGnQQlLgUqUTv9O41yn9vPNNeAO2dhcoDhLcIk6j9jNXH4qZ5iwqszSSGbUwy-TV4U76Y1Tfzs4bsD8txROH3cEfaNsXp-uzlOTtCsI6rBtPNNZ1MPR42GZFkasclSh-jcQCnc0Q6XhrBficUZkB3Uc4LLoXsmCHX8pHr0pcrm7OUah0oApBumAL1sPFXf-R2ivnkUtHOy9zRdfuOXrvrAfWAweE_FDl1-YrxXoguHgKRaFElSDWVI7hZmj6yhJpF_sLBysrPVNbyNyjUH6935nV3zQVVqp6HU91lpoCyPDsrgM4fQSJDUxdEAD9NyGgXK_hM9nH-AeETkOZOUw7nIo4R4cEdUHa413rnDPBzP8ejeN0VVD9PeJQIhQ5NQNXrEvQJ61DKyAkPO9UHCmz8AC75LqS_3B1s7pOgpy3NDpGDv6yuqwMKWAueUzvlmyT7qJNt9mwd2nZOvbGSGpON2PDkVxGjrOjFhXlv5Tf1nb9zGDkBpeuSsrlbTpbEr5-8yDRQpAmFAm0ZLLHmCbH7Cs7e0Fe-0_GXHCzZyLkry7iPyYklGKpfuwd-aoYfMRqIAMVV5jucQigVSmgJr8qfTS1lMCr_frPpGUz3qjEHtdxiijgASQVJsbLYwAKGQW34OIFU9CDtffiA5mW4GkLFiwskRkVgW1NEhahwRdFvn9tWtiMRcSYjk6GM5YpwQIxrhumawv4Fey1En2mg32L5meecykZHdTv23DFurMuvkYYo940Y1IXZ8OxlcdPJrX3QBmvxQCCAb-TkUDFLg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 12:59:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFAB 0
23 B 41ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031601&jk=2932988601657775&bg=!_v2l_bnNAAbUo7L91KM7ACkAdvg8Wkzf18XOG2nJ1DHfJI2uWAE28A8CaI0DBUeOYvzovyfguuyVGQIAAAEkUgAAAAxoAQcKAZ-Xuwdz_AMKAshGO5OReVJwjTquKaXfKmdSKB4SM9e_--IN0vv9GykPo_WVy-DpP5PWJnHarXmXfXoFJcmn_pjkI31eBYhaTr3cbxkxl-ZXWwfMhPuqzDq85k9NVtfChK1_cHjGW4Anq6jMOt2qfLjQZJVJdVZU0Jmxq_wyW0CE4KwQaZENdYJPGQkWmskGp1RDmgPk7cfefc8v4EvM1I6TJbWqrMYVYuMsA-UxAqiIaWLVRE-G90Bf6ybl4_67QmFv8hx15Jo3SEht6qupjOWD7GL2fXRTzsyDKBF88pPW-9XiRG4XH_cbNrthbjbDzosV96sDHw1yDRNH4zDiOvpS6VCn5DD3mjfj5NCynXNLUDuAimbYcZvciY2OZw2X3-dm0uXOoYaOoIofMDLwB_mnLjDiCqo2MpnL6DVuu8qzLckkv_NszBI_DXg6khoqlciTl7Wp1peCvN2XVihie3DQayrhaB7VvfRRe66a1L1pvC3jpCRweXcZwgLGqbMUScUvZcg8K9RuSVUKP9ckWNhjp76klrij2R22NoM_eT3amQH6HFRchjntbDcOa8Zi7TVnhjXoGKjAbKOwn4-BCuTSqqRx1jCyMSBR__FmCuErlSpjunoejssLFFIuad8QXLy3wrcKwL4LOaB9mUdvEDnjyODtwM1M1JJUfyCNzOZhULaDvCHcznNnMLOJox1KX9v9Ym9BUai85zQ0M1r-a7vMciauRPR3vWBI7R0TsfywW4uADJFGG8C9k5TK-epXLuGlMtc-QtkB_1W73CVWD3N3Fl0kOg9gxidLgHqDXZclVuS0oVl_6Esn38NA07HorEnyHmFvYg5Op4M3-PPOWfyarceTCmuak8wN2kDW1FA5BDPoOF27Cu6oqGLml4NVofcGmEgKXNmovt1NwKDGzEtUeiCxyrvBqejtdzLj5niBYwnRPIJt9w9iAQ2i4ULaDIj5yFWw93fBS0_tOzwwv-5dI4JZYO_LgjL6JoCkzdayZeJodOHo7mckWAoneny4VoGIpknFx46rOHDx6L2Y7u9CqaqrUBRKGH9CfTo12bBSdGnqEp7FW0SH2-qglgVBe4-5SyUGLoqT7qrsSxDtCHFFN2USVfQui5W64TrUfYHntrMpVR5YEKyPGM8eByLyOMkbdrNwRaFr9rK2NM5yf032JYsEqaWA3guQmraDaeY8dUCCiQQPggEurJaTmHXWkxhRgHnaQMCIexFaEeQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 12:59:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A33B 42 B
155 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsue188MqlUCDijEfv3MMUDf60IIsZuMSAoaHcsqwR_QibhlnyN-fH0I5pwQ0NCPOJ4ZN2Uw2BtBRsH6iT4skpUNvS4_zRAXYxpCci06FUM&sig=Cg0ArKJSzEgmVnMk_ikOEAE&id=osdim&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210317&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2597443955&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616158769427&dlt=0&rpt=286&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 12:59:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.edscoop.com/	1970-01-19 16:56:00	Name: __hssc Value: 114028632.1.1616158770116
.edscoop.com/	1970-01-20 02:17:34	Name: hubspotutk Value: c4ea1bab2521f8b7bafdf95dc15d3d45
.edscoop.com/	1970-01-20 02:17:34	Name: __hstc Value: 114028632.c4ea1bab2521f8b7bafdf95dc15d3d45.1616158770116.1616158770116.1616158770116.1
.edscoop.com/	1970-01-20 02:17:34	Name: __gads Value: ID=8914e8cd2bcdc4e9:T=1616158769:S=ALNI_MYkOL7WHTPJ1XiW6Hzm6fZyAL6vGg
.edscoop.com/	1970-01-19 19:05:34	Name: _fbp Value: fb.1.1616158769151.2092261595
.edscoop.com/	1970-01-19 16:55:58	Name: _gat_UA-66363613-1 Value: 1
.edscoop.com/	1970-01-19 16:57:25	Name: _gid Value: GA1.2.69463655.1616158769
.edscoop.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.edscoop.com/	1970-01-20 10:27:10	Name: _ga Value: GA1.2.927072102.1616158769

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://hubspot.fedscoop.com/e2t/tc/VX3T1B34Kl1DW1VYfqc5rys-2W2qd3df4plnxTN1c6sq92-G-5V1-WJV7CgKc4W4CJj--66g5QcW6dWTgB1NgZ8qW3dfgm45cx-qBW4kjWjh7Gm7yKW6ZgnYt2ww6tRW6BsYsV8SHMSPVWZG-J7S4bhNW724vhx8sXHGDW1fdsnL5Sn51nW3v6qS-96r7YDW7mJyNJ5y_VQpW4swfTM1MYdBcW51bXZ43VTSXMW147JZ375dx5RN5M-sGp1VYwVW1tlGGp7Kpcj-VYSkkG45zbLlW44GvBD49rMt0W4QzYXG77c5yvW6l3sB7114Wyy3n0T1(Line 13) Message: toS
console-api	log	URL: https://edscoop.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://edscoop.com/buffalo-n-y-schools-resume-classes-after-ransomware-attack/(Line 754) Message:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

572a14ebc17bf1a30fd2acc3d9c84a67.safeframe.googlesyndication.com
677e7e1359267d19138fba3b4e3d085f.safeframe.googlesyndication.com
96d5e5eef8c4ee485984da369f5b3154.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
analytics.twitter.com
connect.facebook.net
edscoop.com
f41456d3219266304a31a80cfa5ef159.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
hubspot.fedscoop.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
pagead2.googlesyndication.com
px.ads.linkedin.com
s3.amazonaws.com
securepubads.g.doubleclick.net
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tpc.googlesyndication.com
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
104.244.42.3
104.244.42.5
142.250.186.162
151.101.12.157
199.60.103.31
2606:4700:10::ac43:2794
2606:4700::6810:5905
2606:4700::6811:44b0
2606:4700::6811:ba49
2606:4700::6811:d6cc
2606:4700::6812:15bf
2606:4700::6813:9b53
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:801::2001
2a00:1450:4001:801::200e
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:400c:c0c::9b
2a00:1450:400d:803::2002
2a02:26f0:7100:18d::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.169.207.77
52.216.0.107
050808251b4908b1f41bac07ad21fff1baaf960e583723fc2ead6a5d2f2d96af
063d44bc62d9647b62e24e3072a08f2cd96f36e3f1cb441b0efc3fe3f3fe372c
0803fe007fad869e084745368c965e8d55f9be108559cfd8a3d802cde1fe34c1
0a2e80e927c089ecbb6e10373bf8886584e711e762776d37e8af43be2b67ab92
0c2abe7b6a419b4d2f20460ce921584485e200f994af4e3d0d12e63fdf044a89
0c945e5e93fdb0f8046ca2e7cef7a2fefc77d76b20b4d90b5e2bcd6a70151954
0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440
0d8cba53404a5f4ff13eab904738b5cd49b638cd24e3b7d4ed9123ab73c720f5
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c898a2e3974c68708e2d5569e522f376dcf19c627de3718e3ce18d26772bda8
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
22df373ef10b4d38afafcf06c40685cb82d2c9a3b4f8360f1eec2f888d55b370
234f350923af29b3bd85927dd8ce05124dce9ec469a9973ba62ad51314836c88
238a0dfc2120b106897fa306bec3267cd2338bf6c0264a2ae8f2c242a4176eb0
256f647ce9107e109bb11e8a21213de29a6fd4d19b234a3adacb8a87c12a444e
2aef1ac953ce7805c97a1df893082e75a0a11085c3e53b2914bd0a35634977f3
2c8abd7b2efffcf9a5f9e9240ac96c15e80170e8db19013e5cbe5a309bf35299
2ef80483179805684ca0261988bce90ce72d6f4d82c0ad7411693f6acf8e9a0a
3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d
34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868
4c141deb37425710e05b3ddcbb9c7769066714a268384edb2daf92eee2f83893
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675
4e374a9109895e6361d503dd3db8196940cfa8aa8e4cd66d0a6007301b1c60b4
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b
55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba
55f6e50cee0ba1439ff00385e678bf78fdbf06f566f5d439a8fc2bd5dd87db1d
5d27e23e2aaf8e6a0495c93249808f139f81ca7d91422f3f51a44b91442a2146
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
602a8fdd3fb782c7e4715c3fed393d03da25b67bbb2b98d7deb3882aa78db3a7
6e2e2d8869e3c654c3d835e6ea93e355655825b00fc7d0acdf59d9e6858c6189
707089c9677a5eb7c4f3d8a16b02ec9dc546df8a0149f70500eb4b243f91eca4
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
740c638b2cd0262d779a150c56ccce0c2b0fdda2b084420a07303e067d79ed28
7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b
81812b82c46f4d1da83d2eb720e575c6023089e7617135009426936f4cffcf63
836a402eb56d475a483800a04f5b9cd0b34b0d4681298b2029dde7298b156621
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c132f7f5fb8015d15a3d163fbbf84e4b244e951536552753086d391a39c788e
9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f
92bf2667e3434750097f9212feca904c5e7ac36d9155463d25d79f1415018219
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5
96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163
972e698ec868a7069fe313008fb0dee5416742ab810ae6a7c24161c1b0ce695d
993fa436cce7cc241da55d59d8a528fd3c767e5ea0aa2c42f746d2d96cee8ca1
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c
a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7de6c102d55949d16389420fcddc21b05761909b6057b3d8cc48672c9a11314
a8e6f721a9be3d9ecfb1ca1b91763f485d46891e1ca27ba1a3e2f9a2563ddee6
a94558535ca72995a47883885d6fdfdee113dcbb8e937e88196f25cb181c72b2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b14ec5358bec82416ff67fc3c92bced95d1f5496b6c246b3ba2ddb356aebac55
b47cf926250cb0e1fa31d33689857d38323d9a74f685071cf24860bcc877f784
bae6b5aedb607bbf807360252fdd542d9e53bd32f206fc79f6809998fdcf7966
bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797
bd3bd81ea6cf3bbc82f89913fecca492e79318fef844c664a790ff2db72e5590
bf7a4443c5996925cddd6434b54942ecfbb55832700743686c42a6b239450831
c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1
c363bed3b3e9a9748273e0f55e90e540c78f3790f7485f8dadd167a77bcc73b5
c756615805b403bbad81204cf11bd9128a8b8a1b19f9cdec99482304242382f5
c7eb794dfec53cf6015660dcfc09d5454681f25777c187dce636723390e776d4
c7f3526dcf7e8e126b047ee2c6dd11d4a061f9cc0c3cc5e2b7b7c22237fe73ba
c9a97554ba9d23f6d4529f6576044c8650daeb476cac9f9b8558c0b266317a5a
ca0b35aa0f48d8359e7fce9feec83f90ed60c0b857cdf29784f0803b70de4e55
ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
cbbda5fac6618da4be9f03098dc394e81f435c51622e306605849c2ac2942fd3
ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be
ce94fc22f7a84e29dee7d91e62407673736134f3229d96e7421aefeca34fd823
cf89b05aa45bb14f23d4c97dac9b3091e2d866c73f68e18d2cb6b538378db6f9
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
dd116130a76afb37719b8778732d43287e022df660deafd8dbf94ad7cf9b6591
ddcc5e744d7031eb7faece02a085a1363f8034f31b4c9b945bccb1acb9c34bc8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4
e67174640462cfafc9e7dadb0f1ae4b930a564eb910bdce4c5a963e9efa28212
e6b3d6448965b7d0da98cc0f3e5aa38ff44a718edae01106251782ce704e17dd
ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f
ecc360c0058a16a7986c70eb88ee4e7d6fe8100d331abd15c5e3709618733616
ecf0ffde6e56a2c058421a0ca1a3446a00d047de48239cd168f7eb93a07a9269
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f642d14aab56bd36c17c459ef7ef258a72745a80e759a006681451d4ef7c6db5
f72291d12d370d076e6db229a470548e53abf65526bc797fe82b0c125940a4ec
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fe8880c7612f3eb6da12c22cc030ebb0106ef4b0b1b63ff286300e5795a42441
fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

edscoop.com Open in urlscan Pro 35.169.207.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

159 Requests

100 %HTTPS

81 %IPv6

26 Domains

35 Subdomains

37 IPs

4 Countries

2378 kBTransfer

5511 kBSize

9 Cookies

20 Outgoing links

Page URL History

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

edscoop.com Open in urlscan Pro
35.169.207.77 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

100 %
HTTPS

81 %
IPv6

26
Domains

35
Subdomains

37
IPs

4
Countries

2378 kB
Transfer

5511 kB
Size

9
Cookies

159 HTTP transactions
6 data transactions