cybernews.com Open in urlscan Pro
2606:4700:3108::ac42:2bc5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cybernews.com/news/pendragon-record-ransom-demand/
Submission: On February 28 via api (February 28th 2023, 2:16:34 pm UTC) from US — Scanned from DE

Summary HTTP 151 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 28 IPs in 9 countries across 33 domains to perform 151 HTTP transactions. The main IP is 2606:4700:3108::ac42:2bc5, located in United States and belongs to CLOUDFLARENET, US. The main domain is cybernews.com. The Cisco Umbrella rank of the primary domain is 296072.
TLS certificate: Issued by E1 on February 24th 2023. Valid for: 3 months.

This is the only time cybernews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:310... 2606:4700:3108::ac42:2bc5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:d73b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3 6	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
4 24	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	2600:9000:211... 2600:9000:211a:be00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	52.59.46.11 52.59.46.11	16509 (AMAZON-02) (AMAZON-02)
3 3	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	18.195.137.14 18.195.137.14	16509 (AMAZON-02) (AMAZON-02)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
1 1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
6 6	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
2	185.86.139.102 185.86.139.102	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
151	28

12 2606:4700:3108::ac42:2bc5 (United States)

ASN13335 (CLOUDFLARENET, US)

cybernews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.cybernews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:80d::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.185.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211a:be00:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.46.11 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-46-11.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.62.37 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.137.14 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-137-14.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.238 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.147.44 (Castricum, Netherlands) 6 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 202	140 KB
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	1 MB
12	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4370 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 73	2 KB
12	cybernews.com cybernews.com — Cisco Umbrella Rank: 296072 media.cybernews.com — Cisco Umbrella Rank: 427522	95 KB
6	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 755 r.turn.com — Cisco Umbrella Rank: 3104	3 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	74 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6149 adservice.google.de — Cisco Umbrella Rank: 8947	1 KB
4	1rx.io 4 redirects sync.1rx.io — Cisco Umbrella Rank: 510	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	194 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3505 onesignal.com — Cisco Umbrella Rank: 1365	82 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 265	1 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 377	2 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1218	459 B
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 782	89 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 957	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 590	1 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 338	961 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 725	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 296	529 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2292	795 B
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 701	877 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431	2 KB
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1367	486 B
2	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 1865	572 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	157 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 712	340 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 654	464 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6276	554 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	605 B
1	youtube.com img.youtube.com — Cisco Umbrella Rank: 3323	31 KB
151	33

	Domain	Requested by
29	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
24	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net cybernews.com
18	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com googleads.g.doubleclick.net
16	pagead2.googlesyndication.com	cybernews.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	www.google.com	1 redirects cybernews.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	media.cybernews.com	cybernews.com
5	cybernews.com	cybernews.com
4	sync.1rx.io	4 redirects
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	www.google.de	cybernews.com
4	www.google-analytics.com	cybernews.com www.google-analytics.com
3	ups.analytics.yahoo.com	3 redirects
3	r.turn.com	googleads.g.doubleclick.net cybernews.com
3	ad.turn.com	3 redirects
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	onesignal.com	cdn.onesignal.com
2	secure.adnxs.com	2 redirects
2	sync.teads.tv	1 redirects cybernews.com
2	ssbsync.smartadserver.com	googleads.g.doubleclick.net
2	sync.targeting.unrulymedia.com	2 redirects
2	c1.adform.net	2 redirects
2	eb2.3lift.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	x.bidswitch.net	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	match.360yield.com	2 redirects
2	s.ad.smaato.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	tr.blismedia.com	1 redirects googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.googletagmanager.com	cybernews.com www.googletagmanager.com
2	cdn.onesignal.com	cybernews.com cdn.onesignal.com
1	onetag-sys.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.analytics.google.com	www.googletagmanager.com
1	img.youtube.com	cybernews.com
151	43

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.youtube.com
www.linkedin.com
www.tiktok.com
flipboard.com
www.pendragonplc.com
careers.cybernews.com

Subject Issuer	Validity	Valid
data-leak-check.cybernews.com E1	`2023-02-24` - `2023-05-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.cybernews.com GTS CA 1P5	`2023-02-17` - `2023-05-18`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://cybernews.com/news/pendragon-record-ransom-demand/
Frame ID: 3C1DB8F1A318DE7EC7ABB9185BC76E46
Requests: 53 HTTP requests in this frame

Frame: https://img.youtube.com/vi/pzpJ8Xu3lnc/hqdefault.jpg
Frame ID: B2C0D37236089D987DDA827C60D0D3EF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20190131/zrt_lookup.html
Frame ID: DDB000072DAD1DE367EE77FE2113821F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&adk=1812271804&adf=3025194257&lmt=1677281609&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787818&bpp=4&bdt=277&idt=284&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6202756512640&frm=20&pv=2&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=313
Frame ID: 526F04E5EBC0A095B5C47D90552CC14B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1677281609&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787822&bpp=2&bdt=280&idt=316&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TFh9hsp1sU&p=https%3A//cybernews.com&dtd=322
Frame ID: 9A787AC507B4E0E16ED13F33B7843B53
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1677281609&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787824&bpp=1&bdt=282&idt=326&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2838&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W7WVxdORcL&p=https%3A//cybernews.com&dtd=330
Frame ID: 4B31555D748F46CABB99AAE371E7B03A
Requests: 26 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 10190EDAB6C4682FCA6D8A459A0C14A6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 55BB4317E964F5226476BBDBC7FADE3D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Frame ID: 310EDFC9267D84FDEB00A377ACD37C2E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1
Frame ID: FEF0BA881DFC46428F580EAA507231A2
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4776E86F9403888273FB1C753F767A4C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E581328CD3197ECC6A12480F45106B69
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BECC5AE85E110DC72DF652F86291B6D9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BA27A6A4D6182628603E1A538B2504BD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Frame ID: E135F57F26D32F401533AD1929B688C0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Frame ID: 8DE5B9660570688E55C4742361A2F4C5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C3BA0173662506E45A51EC9D7C2B4FB7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B5E7EAC26CFA03C0EEC8F3C08073F3F0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pendragon hit with a record ransom demand | Cybernews

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

151
Requests

87 %
HTTPS

56 %
IPv6

33
Domains

43
Subdomains

28
IPs

9
Countries

2163 kB
Transfer

4566 kB
Size

40
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/CyberNews

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cybernewscom/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/CyberNews

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cybernews

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@cybernewscom

Search URL Search Domain Scan URL

URL: https://flipboard.com/@CyberNews_com

Search URL Search Domain Scan URL

URL: https://www.pendragonplc.com/media/security-update/
Title: statement

Search URL Search Domain Scan URL

URL: https://twitter.com/AlvieriD/status/1583467922768334848
Title: According

Search URL Search Domain Scan URL

URL: https://www.pendragonplc.com/financial-information/announcements/letter-to-employees-september-2022/
Title: September 27

Search URL Search Domain Scan URL

URL: https://careers.cybernews.com/
Title: Careers

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFwlUyRTMOxXyDLciZ3X7Sc&google_cver=1&google_push=Aa02lx_y9LB1aVbqwJvP7LF25D_yqh9h8ZFx4vsC1A-OAP10OS3CIJBxWzvl3BvRRhwHlf9Hw4iVUu93mKehRtF79vyViYsAwiX5D2iU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY1OTIyMzUxMzAyNjkxMjMzNw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHH8WJzRqy8t6DiHc-8D6LI&google_cver=1

Request Chain 59

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBzhR_eO6cSD3Ujp4ghASVk&google_cver=1&google_push=Aa02lx9WyS2DwRcMcqf2-U2QUbHVC7kr90AQw0Hp0NzkDkBs59zqYbPDPMT7m6I6PUPE9EebT02fAF-qEwPDdUG0VwHwszyPbUaJySh_ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBzhR_eO6cSD3Ujp4ghASVk&google_push=Aa02lx9WyS2DwRcMcqf2-U2QUbHVC7kr90AQw0Hp0NzkDkBs59zqYbPDPMT7m6I6PUPE9EebT02fAF-qEwPDdUG0VwHwszyPbUaJySh_&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBzhR_eO6cSD3Ujp4ghASVk&google_hm=Y_4MvJy5rIdHkBSOOWQ-3AAADIIAAAIB&google_nid=index&google_push=Aa02lx9WyS2DwRcMcqf2-U2QUbHVC7kr90AQw0Hp0NzkDkBs59zqYbPDPMT7m6I6PUPE9EebT02fAF-qEwPDdUG0VwHwszyPbUaJySh_

Request Chain 60

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEALqfK2myKmyTiwKmPYof0s&google_cver=1&google_push=Aa02lx_JIxJwJsc4tC674HbfhTRWNEHl60f621QoILy8KMfXsCsdi6fwyP2I9BtsQeCIfjHpyzBtueaJK56z19WKeb94AVnvI-BTWqXK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_JIxJwJsc4tC674HbfhTRWNEHl60f621QoILy8KMfXsCsdi6fwyP2I9BtsQeCIfjHpyzBtueaJK56z19WKeb94AVnvI-BTWqXK

Request Chain 61

https://match.360yield.com/match/ebda?google_gid=CAESEOFGfb-W3eKiZf5YrxrKfVk&google_cver=1&google_push=Aa02lx-B-AtZZLP2p2-_l5pfCaMrVwiqkBRtowZYQpKyxw2PTfThuM1dLfL9NJ_g2iyjigm7ddpCmhyWERE3HKMbmIZi18XTQJkISks4 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOFGfb-W3eKiZf5YrxrKfVk&google_cver=1&google_push=Aa02lx-B-AtZZLP2p2-_l5pfCaMrVwiqkBRtowZYQpKyxw2PTfThuM1dLfL9NJ_g2iyjigm7ddpCmhyWERE3HKMbmIZi18XTQJkISks4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=K0NBVH3gTnSem33gFNqWYw&google_push=Aa02lx-B-AtZZLP2p2-_l5pfCaMrVwiqkBRtowZYQpKyxw2PTfThuM1dLfL9NJ_g2iyjigm7ddpCmhyWERE3HKMbmIZi18XTQJkISks4

Request Chain 62

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIYHqOMlS8xMQNdgYSxpcWU&google_cver=1&google_push=Aa02lx_HaMY986rM4lT07lNXh-4DI-PinZ4uenJ_OZTSNmS_hrAq4rLOsEsucw8r-pHb3EV0SOaIXLIzdDTqHmqbVNaN8eG3yhHrNCF1HQ HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIYHqOMlS8xMQNdgYSxpcWU&google_cver=1&google_push=Aa02lx_HaMY986rM4lT07lNXh-4DI-PinZ4uenJ_OZTSNmS_hrAq4rLOsEsucw8r-pHb3EV0SOaIXLIzdDTqHmqbVNaN8eG3yhHrNCF1HQ&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EQ2kuQk9wRTJ1R1pGeExKWDBNYkhXQVlsbnBBUVk0WH5B&google_push=Aa02lx_HaMY986rM4lT07lNXh-4DI-PinZ4uenJ_OZTSNmS_hrAq4rLOsEsucw8r-pHb3EV0SOaIXLIzdDTqHmqbVNaN8eG3yhHrNCF1HQ

Request Chain 95

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEO7q7y1I4y6J0Hy2Tm6GwGY&google_cver=1&google_push=Aa02lx9iMESqZOU52MHC38TWevtBKCTAp8hnqk_31wGOawjTkSZcb55DAWs1ekdeQ6h0tgJIJ3dHQ_MSNBgnM8zbwlsKAJmHAUgsa4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY1OTIyMzUxMzAyNjkxMjMzNw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHH8WJzRqy8t6DiHc-8D6LI&google_cver=1

Request Chain 97

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJaBJR_gtL6kv2sHoKnYU30&google_cver=1&google_push=Aa02lx_ULhcPy_ZUoTqyIALfFNQ8pXFdssetIYHF-9c0QUJgmkX6TWsz8-p92tKSByeRGsiCtZ43MWGzGFKMkfu3c_akQncNWon-ZrCi HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UtnZIILXRdyrr9g4hQxckQ2&google_push=Aa02lx_ULhcPy_ZUoTqyIALfFNQ8pXFdssetIYHF-9c0QUJgmkX6TWsz8-p92tKSByeRGsiCtZ43MWGzGFKMkfu3c_akQncNWon-ZrCi

Request Chain 98

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAGKbNNIkHB-TrgEpdZLuEY&google_cver=1&google_push=Aa02lx88Uy6bkIaAtwPbFbwdY3_C-F4EYB6abzTNSM6jq4x7mlXqa7I1buxqTEvEKPsoCeTp1RlnlQY8cuLYnvM_Jt9X6OVUyJlDgLUV HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAGKbNNIkHB-TrgEpdZLuEY&google_cver=1&google_push=Aa02lx88Uy6bkIaAtwPbFbwdY3_C-F4EYB6abzTNSM6jq4x7mlXqa7I1buxqTEvEKPsoCeTp1RlnlQY8cuLYnvM_Jt9X6OVUyJlDgLUV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx88Uy6bkIaAtwPbFbwdY3_C-F4EYB6abzTNSM6jq4x7mlXqa7I1buxqTEvEKPsoCeTp1RlnlQY8cuLYnvM_Jt9X6OVUyJlDgLUV&google_hm=atWJWIobQ6Kbw5PJlqx5ag==

Request Chain 99

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDJjOwG1x2mLleF09CNhoI0&google_cver=1&google_push=Aa02lx8Y88ZJw7ZKNGbBIAzdqsyT7E-HLU2yQntIvQSXlQccqib_ABrX5FnS0lluM6jbLaGQm6GBusc9acSKqZsYVZN--I5ZahnkLSg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDJjOwG1x2mLleF09CNhoI0&google_cver=1&google_push=Aa02lx8Y88ZJw7ZKNGbBIAzdqsyT7E-HLU2yQntIvQSXlQccqib_ABrX5FnS0lluM6jbLaGQm6GBusc9acSKqZsYVZN--I5ZahnkLSg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iLUj6K7bQiqdigsaiCBptQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8Y88ZJw7ZKNGbBIAzdqsyT7E-HLU2yQntIvQSXlQccqib_ABrX5FnS0lluM6jbLaGQm6GBusc9acSKqZsYVZN--I5ZahnkLSg

Request Chain 100

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMrzyIUxHkTJmuvgGByrTxU&google_cver=1&google_push=Aa02lx_6F23isg3NtB-Cs1cUgj6dGiC4BIMRulQqswVTYUgVG_QSYmDgnd3hx4lZJJWEJ2m7DuQueCXBmVEQqYZz-7Fd1ZUE8p0q7cLs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_6F23isg3NtB-Cs1cUgj6dGiC4BIMRulQqswVTYUgVG_QSYmDgnd3hx4lZJJWEJ2m7DuQueCXBmVEQqYZz-7Fd1ZUE8p0q7cLs

Request Chain 101

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJ73kZBO1yYPkvHvNbAg8qk&google_cver=1&google_push=Aa02lx_Rt9sJVMuIaO9e77b8FWVanHyExGDfUkIlQjT1svzZC-vdWMcbFPq6WRKeaG-JEznGh5iiSB6GAgzDfnDa3C-aY-I1cc-IBwyZ HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_Rt9sJVMuIaO9e77b8FWVanHyExGDfUkIlQjT1svzZC-vdWMcbFPq6WRKeaG-JEznGh5iiSB6GAgzDfnDa3C-aY-I1cc-IBwyZ&google_gid=CAESEJ73kZBO1yYPkvHvNbAg8qk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDI2MjM1MDIyOTU5NDg4NDU5ODkxNA%3D%3D&google_push=Aa02lx_Rt9sJVMuIaO9e77b8FWVanHyExGDfUkIlQjT1svzZC-vdWMcbFPq6WRKeaG-JEznGh5iiSB6GAgzDfnDa3C-aY-I1cc-IBwyZ

Request Chain 127

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECTMLAPxV-fnLx7qL64ZrfQ&google_cver=1&google_push=Aa02lx9vEJad7Gn86s2IHLrOWlLxgFfVLSkPzRbiBkgUNxiTLAhFphdDfK82nA4ovyHSD5AF-p3kOepxlaBPYCQNPWzoLTUnkbXO4pC- HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECTMLAPxV-fnLx7qL64ZrfQ&google_cver=1&google_push=Aa02lx9vEJad7Gn86s2IHLrOWlLxgFfVLSkPzRbiBkgUNxiTLAhFphdDfK82nA4ovyHSD5AF-p3kOepxlaBPYCQNPWzoLTUnkbXO4pC- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODczOTQ1Nzc3NjM5MjM1NjIyMw&google_push=Aa02lx9vEJad7Gn86s2IHLrOWlLxgFfVLSkPzRbiBkgUNxiTLAhFphdDfK82nA4ovyHSD5AF-p3kOepxlaBPYCQNPWzoLTUnkbXO4pC-

Request Chain 128

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEM1X0Cg7ECPeuMruT9Hj3JY&google_cver=1&google_push=Aa02lx8gyNEU506hlWcg3uoo-SYprwJqhSz4VJozxhFjLZZY4pGozksIaEoOCzbjtRIsNuYiI18x8Aa_uqfQdHw2SyzSt3Aktj9eqnsV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8gyNEU506hlWcg3uoo-SYprwJqhSz4VJozxhFjLZZY4pGozksIaEoOCzbjtRIsNuYiI18x8Aa_uqfQdHw2SyzSt3Aktj9eqnsV

Request Chain 129

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF-iuK0W7ANrmuTG83gz4Gc&google_cver=1&google_push=Aa02lx_MNaupYySkrz8wBd6ro6SeqB2tl__tEFayQrqjgneJlhlrBRwv84L3iCXjZfXeRPPtZ763CaJiWxPP5_Vh0FZxCgWs40q-h8k HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_MNaupYySkrz8wBd6ro6SeqB2tl__tEFayQrqjgneJlhlrBRwv84L3iCXjZfXeRPPtZ763CaJiWxPP5_Vh0FZxCgWs40q-h8k&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1677593789541 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0af168a7-9015-4961-bc5a-671397274c38-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_MNaupYySkrz8wBd6ro6SeqB2tl__tEFayQrqjgneJlhlrBRwv84L3iCXjZfXeRPPtZ763CaJiWxPP5_Vh0FZxCgWs40q-h8k%26google_hm%3DAwrxaKeQFUlhvFpnE5cnTDg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_MNaupYySkrz8wBd6ro6SeqB2tl__tEFayQrqjgneJlhlrBRwv84L3iCXjZfXeRPPtZ763CaJiWxPP5_Vh0FZxCgWs40q-h8k&google_hm=AwrxaKeQFUlhvFpnE5cnTDg

Request Chain 131

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKxw4d3pMLCYAglBOcgtjqg&google_cver=1&google_push=Aa02lx9kjUjWqVc-_qGw6GL1D6iBWIjrWwR8cTuwqeZYcFKtsJj7aWZF5bEoRDka2afZyVQ9GPUS64RC0Wy26zOeGU10B2VQIv8H93sUpQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EQ2kuQk9wRTJ1R1pGeExKWDBNYkhXQVlsbnBBUVk0WH5B&google_push=Aa02lx9kjUjWqVc-_qGw6GL1D6iBWIjrWwR8cTuwqeZYcFKtsJj7aWZF5bEoRDka2afZyVQ9GPUS64RC0Wy26zOeGU10B2VQIv8H93sUpQ

Request Chain 132

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJd-NlSKsQ9R2CItJkTgnso&google_cver=1&google_push=Aa02lx8sTStJ2bzl2RvGrIBeBGxaNs-8wCYl8oJnnqFeqdrXBI74aol8OKu6JYozGpBM0o_wkDVEgdGb8sjGv9jH1Fq6yZl3b0oudSqm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx8sTStJ2bzl2RvGrIBeBGxaNs-8wCYl8oJnnqFeqdrXBI74aol8OKu6JYozGpBM0o_wkDVEgdGb8sjGv9jH1Fq6yZl3b0oudSqm HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 134

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHH8WJzRqy8t6DiHc-8D6LI&google_cver=1&google_push=Aa02lx8yQFd9WGA7VnhK0SvTJmSiIsunLLf2sX6Q2-mf9dlUIfEm0ho_PLHf_P-OCl9G51BVfOoLcNXBbuXu6RLxGvtilB_TzKh1YNs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY1OTIyMzUxMzAyNjkxMjMzNw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHH8WJzRqy8t6DiHc-8D6LI&google_cver=1

Request Chain 136

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGDPP6SLrsqanidyJ671x1U&google_cver=1&google_push=Aa02lx_eJ_3teypFt69ANLDP5KBS7XodgWDrPv-5ZzNjqizUpa24Q9f0QTKCsmdOlJN-_lPY73dolvO10Wu8GsdGKG7XnXF97wTQ0ss HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx_eJ_3teypFt69ANLDP5KBS7XodgWDrPv-5ZzNjqizUpa24Q9f0QTKCsmdOlJN-_lPY73dolvO10Wu8GsdGKG7XnXF97wTQ0ss&google_hm=hmP-DLzLJTkmkUH13Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63FE0CBCCB2539269141F5DDBLIS

Request Chain 138

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF-iuK0W7ANrmuTG83gz4Gc&google_cver=1&google_push=Aa02lx_baGeW6FHfVCWic-PNHbY1258NYoNCqIEfzZp9WPf5ryW1GISV1_a7spNebCeFW9LX11kE1sV5-l58-DC1sl5dqEHvG5HXV9I HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_baGeW6FHfVCWic-PNHbY1258NYoNCqIEfzZp9WPf5ryW1GISV1_a7spNebCeFW9LX11kE1sV5-l58-DC1sl5dqEHvG5HXV9I&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1677593789541 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0af168a7-9015-4961-bc5a-671397274c38-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_baGeW6FHfVCWic-PNHbY1258NYoNCqIEfzZp9WPf5ryW1GISV1_a7spNebCeFW9LX11kE1sV5-l58-DC1sl5dqEHvG5HXV9I%26google_hm%3DAwrxaKeQFUlhvFpnE5cnTDg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_baGeW6FHfVCWic-PNHbY1258NYoNCqIEfzZp9WPf5ryW1GISV1_a7spNebCeFW9LX11kE1sV5-l58-DC1sl5dqEHvG5HXV9I&google_hm=AwrxaKeQFUlhvFpnE5cnTDg

Request Chain 140

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESECu98FEGjorbA-rEeJsXoD4&google_cver=1&google_push=Aa02lx_CHI9fCabub43DHpYTwXzg1fh9ze9rtPdYxrQgh1ObwgP08IgQtVFndFG-ZM4AipAEh2zWgKTXJ7MQPTRS3JkgQrrdVvIsdaAP HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESECu98FEGjorbA-rEeJsXoD4%26google_cver%3D1%26google_push%3DAa02lx_CHI9fCabub43DHpYTwXzg1fh9ze9rtPdYxrQgh1ObwgP08IgQtVFndFG-ZM4AipAEh2zWgKTXJ7MQPTRS3JkgQrrdVvIsdaAP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njc5NTA1MTM1MjMxNTE5Nzc1MA%3D%3D&google_gid=CAESECu98FEGjorbA-rEeJsXoD4&google_cver=1&google_push=Aa02lx_CHI9fCabub43DHpYTwXzg1fh9ze9rtPdYxrQgh1ObwgP08IgQtVFndFG-ZM4AipAEh2zWgKTXJ7MQPTRS3JkgQrrdVvIsdaAP

Request Chain 142

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

151 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cybernews.com/news/pendragon-record-ransom-demand/ 238 KB
29 KB 644ms
609ms Document
text/html 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bffe747b1ecf8fa12f12a9960ef6a3ec5b4e61adc3b256fd14a4b17dca54901

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: EXPIRED
cf-ray: 7a09c7305cf13a67-FRA
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
ct-content-bucket: News
ct-content-type: Editorial
date: Tue, 28 Feb 2023 14:16:27 GMT
expires: Tue, 28 Feb 2023 18:16:27 GMT
last-modified: Fri, 24 Feb 2023 23:33:29 GMT
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 71ms
26ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3565ea346e63fda91cc67ba8fc11e95b7482d5873a4f4c6a47c4185b772d9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:27 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 563
etag: W/"5ffd70753209ca4d09cfef90e7c44df3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7a09c7349a508fca-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 03 Mar 2023 14:16:27 GMT

GET
H2 200 base-9bd202b6a2.js Show response
cybernews.com/js/ 23 KB
9 KB 41ms
40ms Script
application/javascript 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/js/base-9bd202b6a2.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5f63e271056ce6a47a22f4676897b74e5b67f8f8244cc49a07a9a6dd6d256e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age: 4880
cf-polished: origSize=23850
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 27 Feb 2023 09:32:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"63fc78a3-5d2a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7a09c7344b603a67-FRA
expires: Tue, 28 Feb 2023 18:16:27 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 174ms
87ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8bff6e2eee5705d45a8913baca4f4359bec8d454c93f1027d083c23e88e07a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://cybernews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49369
x-xss-protection: 0
server: cafe
etag: 1207391770873489491
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Feb 2023 14:16:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 229 KB
80 KB 122ms
44ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2b508daff2d04ade9fc47a34abc0616b6ec13e897080db2524223a1511198b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81126
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Feb 2023 14:16:27 GMT

GET
DATA 200
OK truncated
/ 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34a9b8c3e6088d42a01e3cf800492030fe7432bc24fa9f6ce83e8471f4ab58b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6976b1e225d48e5e0097d79498a99fc73f8b43cd4b693080aa5f6960e1ce50e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e138d129f38769d7080ed6ac6519dce8a4d546b7da5709b12aedff39673fa021

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f290a3a287182664a81ea150c04e7d1a451f1bf74f6738b43d382e3d40d98002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fca9ae04b4bca7ef7d4f2c43505769b1f03fd173ecf3871dd7b7ee0f115dd48

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 62 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab8f0b6cec3eb6cd02efd0a9324053b868cac7dcda99fc89871b4e87141bdf14

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/pzpJ8Xu3lnc/ Frame B2C0 31 KB
31 KB 208ms
39ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/pzpJ8Xu3lnc/hqdefault.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c98be46bc314c768cb8f12ed5c3440f3466652912ffc53f8c7805ff3fe2e3b2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 12:49:28 GMT
x-content-type-options: nosniff
age: 5219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31334
x-xss-protection: 0
server: sffe
etag: "1668069581"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Feb 2023 14:49:28 GMT

GET
H2 200 Vilius_1.jpg
media.cybernews.com/images/124w/2022/11/ 3 KB
3 KB 77ms
38ms Image
image/avif 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/124w/2022/11/Vilius_1.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eacc97df9ec60ffb58660ab9689ead87ee1ba0a0b77069b6001ab462c92019b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 bfd596aba0de57f83442d2ebd6b268f4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2702
cf-resized: internal=ok/h q=0 n=8+86 c=0+0 v=2023.2.6 l=2702
last-modified: Wed, 30 Nov 2022 13:47:47 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cf0aQKaVDa1oll4WJrvcOQKWPxu8a78mnQ6fWd3Ow7DQ:36ad641a3e43fe2cdf8a477c75b93baf"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 7a09c7352d469a09-FRA

GET
H2 200 Pendragon-LockBit-Ransomware.jpg
media.cybernews.com/images/750w/2022/10/ 20 KB
20 KB 303ms
265ms Image
image/avif 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/750w/2022/10/Pendragon-LockBit-Ransomware.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ed0f8cc940fd223294fccf2ed87b9f4ac4f71f7479e319c2adc410abca645fb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 bfd596aba0de57f83442d2ebd6b268f4.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20411
cf-resized: internal=ok/m q=0 n=22+168 c=0+0 v=2023.2.6 l=20411
last-modified: Mon, 24 Oct 2022 07:46:39 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfgcWWKlAWQ088tpCCIl3Revz3u5KfpxHRw9djGO55DQ:e857c023eb244b551a88e8d818e17a57"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 7a09c7352d489a09-FRA

GET
H2 200 Cybernewsweeklybriefing.jpg
media.cybernews.com/images/thumbnail/2023/02/ 10 KB
11 KB 75ms
38ms Image
image/avif 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail/2023/02/Cybernewsweeklybriefing.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b83989190497d54dafc105124fc49b46c52779baca5617ed76e2d30e375bd525

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10562
cf-resized: internal=ok/e q=0 n=31+131 c=0+0 v=2023.2.6 l=10562
last-modified: Thu, 23 Feb 2023 09:13:51 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfcVgmJ1OcReb3anBOUmSmlfmiPri99XVCPD58WiJxDQ:f1087a9cd35e51c00d95280d7c7c1098"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 7a09c7352d4b9a09-FRA

GET
H2 200 meta-milks-users.jpg
media.cybernews.com/images/thumbnail_small/2023/02/ 4 KB
4 KB 70ms
32ms Image
image/avif 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail_small/2023/02/meta-milks-users.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a96addcfe4225805396e0cf8c8df6ab9f54ec42bf05e86410e64dfaf2cf0e7e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 7d935e83126b0b85ded112b940f9c85c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3830
cf-resized: internal=ok/h q=0 n=32+97 c=0+0 v=2023.2.6 l=3830
last-modified: Thu, 23 Feb 2023 13:50:47 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfZOC5INiB03G0z-6x9CEscs1f8iFZYhIqdjUqgfspDQ:a669afe4bb5ce5efecda981b59039bfb"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 7a09c7352d499a09-FRA

GET
H2 200 RussiaUkraineCyberwar.jpg
media.cybernews.com/images/thumbnail_small/2023/02/ 6 KB
6 KB 77ms
40ms Image
image/avif 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail_small/2023/02/RussiaUkraineCyberwar.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a688d383acee3ae066134a7935604963e5e1351d0013bf19387f3112c0bf912

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 25ad1b0937f8931040e6831f872b7398.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5727
cf-resized: internal=ok/h q=0 n=30+761 c=0+0 v=2023.2.6 l=5727
last-modified: Thu, 23 Feb 2023 09:48:56 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfFHPoqDz8VY0e-29uU1zR3PMo8iFZYhIqdjUqgfspDQ:43c125e2f72a67c9d91ca7954af21ba6"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 7a09c7352d4d9a09-FRA

GET
H2 200 LGBTflag.jpg
media.cybernews.com/images/thumbnail_small/2023/02/ 4 KB
4 KB 70ms
33ms Image
image/avif 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail_small/2023/02/LGBTflag.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bdf01ca49b637f428af9c0fedd9a75135b7ab0dd9cb8425b50985f93dec05c5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 ba7789e51500bb7b69a0c33a90aec410.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3590
cf-resized: internal=ok/e q=0 n=56+154 c=0+0 v=2023.2.6 l=3590
last-modified: Wed, 22 Feb 2023 12:12:20 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cflZC5hk4V68J8f1lWSuIgpai78iFZYhIqdjUqgfspDQ:4ff968391641ccfad9232dbdfd8a2197"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 7a09c7352d4a9a09-FRA

GET
H2 200 Shutterstock_2003958032.jpg
media.cybernews.com/images/thumbnail_small/2023/02/ 4 KB
4 KB 31ms
31ms Image
image/avif 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail_small/2023/02/Shutterstock_2003958032.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8081bef307a299e4bbdd784c240806e1bdb2db6aeaac1dfbbbcc72ace0fe66fb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 ffe6c29ca0993b4638edf6dcc08181b4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3840
cf-resized: internal=ok/e q=0 n=69+161 c=0+0 v=2023.2.6 l=3840
last-modified: Wed, 15 Feb 2023 14:43:23 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cf3pOtODHLn1eVVRzdTadgttDL8iFZYhIqdjUqgfspDQ:4ea1f5e48097ab40fe43bdf926029b55"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 7a09c7352d5f9a09-FRA

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 27ms
26ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151515

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c3af293c92bffe2f5f6f31753be6de274bf677ee5c4de05428cf394d63d4941

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:27 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 563
etag: W/"725985d8b3cb9e8905cfe4c97cc83600"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7a09c734eada8fca-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 03 Mar 2023 14:16:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 164ms
47ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 13:12:19 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3848
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 28 Feb 2023 15:12:19 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/589784210/ 3 KB
1 KB 137ms
52ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/589784210/?random=1677593787792&cv=11&fst=1677593787792&bg=ffffff&guid=ON&async=1&gtm=45He32m0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&tiba=Pendragon%20hit%20with%20a%20record%20ransom%20demand%20%7C%20Cybernews&auid=387396980.1677593788&uamb=0&uaw=0&data=contentBucket%3DNews%3BcontentType%3DEditorial&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7dca8e7142c4f6e01e6246bb6978fe494f9193851abdb9b0337b121e11db8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
77 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54c54d9b1b41d8c8ee1815ebfa6f338183a4fd557e38482cadc4b9dd1bb70950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79092
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Feb 2023 14:16:27 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302150101/ 366 KB
120 KB 172ms
100ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31072480

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

748a9b391b044f8e73cd7a08a694a3652177d5b27eb9d8a29b774ade1fb999c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123294
x-xss-protection: 0
server: cafe
etag: 2373733881803378393
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 28 Feb 2023 14:16:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230223/r20190131/ Frame DDB0 10 KB
5 KB 83ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230223/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64094
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 20:28:13 GMT
etag: 2378337311435320485
expires: Mon, 13 Mar 2023 20:28:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
207 B 69ms
68ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1956970105&t=pageview&_s=1&dl=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&ul=en-us&de=UTF-8&dt=Pendragon%20hit%20with%20a%20record%20ransom%20demand%20%7C%20Cybernews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=153257061&gjid=1420666450&cid=822332422.1677593786&tid=UA-149779697-1&_gid=1272318234.1677593788&_r=1&_slc=1&cd1=Vilius%20Petkauskas&cd2=News&cd3=Editorial&z=1146435979

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 71ms
71ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1956970105&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&ul=en-us&de=UTF-8&dt=Pendragon%20hit%20with%20a%20record%20ransom%20demand%20%7C%20Cybernews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=cookieFooter&ea=load&el=organic&_u=YADAAEABAAAAACAAI~&jid=962671685&gjid=711470741&cid=822332422.1677593786&tid=UA-149779697-1&_gid=1272318234.1677593788&_r=1&cd1=Vilius%20Petkauskas&cd2=News&cd3=Editorial&gtm=45He32m0n81KMWQ6GT&cg1=News&cg2=Editorial&cd6=2023-02-28T14%3A16%3A27.799Z&z=1738140182

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
243 B 51ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KT8DKCHF41&gtm=45je32m0&_p=1956970105&_gaz=1&cid=822332422.1677593786&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677593787&sct=1&seg=0&dl=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&dt=Pendragon%20hit%20with%20a%20record%20ransom%20demand%20%7C%20Cybernews&en=page_view&_fv=1&_ss=1&ep.contentBucket=News
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 62ms
19ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KT8DKCHF41&cid=822332422.1677593786&gtm=45je32m0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 152ms
59ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KT8DKCHF41&cid=822332422.1677593786&gtm=45je32m0&aip=1&z=467425714

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/589784210/ 42 B
455 B 189ms
74ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/589784210/?random=1677593787792&cv=11&fst=1677592800000&bg=ffffff&guid=ON&async=1&gtm=45He32m0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&tiba=Pendragon%20hit%20with%20a%20record%20ransom%20demand%20%7C%20Cybernews&data=contentBucket%3DNews%3BcontentType%3DEditorial&fmt=3&is_vtc=1&random=168079768&rmt_tld=0&ipr=y

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/589784210/ 42 B
455 B 122ms
48ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/589784210/?random=1677593787792&cv=11&fst=1677592800000&bg=ffffff&guid=ON&async=1&gtm=45He32m0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&tiba=Pendragon%20hit%20with%20a%20record%20ransom%20demand%20%7C%20Cybernews&data=contentBucket%3DNews%3BcontentType%3DEditorial&fmt=3&is_vtc=1&random=168079768&rmt_tld=1&ipr=y

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 29ms
18ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-149779697-1&cid=822332422.1677593786&jid=153257061&gjid=1420666450&_gid=1272318234.1677593788&_u=IADAAEAAAAAAACAAI~&z=1117870142

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 28 Feb 2023 14:16:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 21ms
20ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-149779697-1&cid=822332422.1677593786&jid=962671685&gjid=711470741&_gid=1272318234.1677593788&_u=YADAAEABAAAAACAAI~&z=204122686

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 28 Feb 2023 14:16:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 153ms
83ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-149779697-1&cid=822332422.1677593786&jid=153257061&_u=IADAAEAAAAAAACAAI~&z=1505457823

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 88ms
60ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-149779697-1&cid=822332422.1677593786&jid=153257061&_u=IADAAEAAAAAAACAAI~&z=1505457823

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 152ms
83ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-149779697-1&cid=822332422.1677593786&jid=962671685&_u=YADAAEABAAAAACAAI~&z=1265518042

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 88ms
60ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-149779697-1&cid=822332422.1677593786&jid=962671685&_u=YADAAEABAAAAACAAI~&z=1265518042

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
605 B 189ms
69ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=cybernews.com&callback=_gfp_s_&client=ca-pub-5928161074779380

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31072480

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3364ffc92c146e368668b5f490952cbfd879ffe9558a1745b13e7c020ea3119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 220ms
73ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cybernews.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 206ms
71ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cybernews.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 526F 255 KB
57 KB 639ms
638ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&adk=1812271804&adf=3025194257&lmt=1677281609&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787818&bpp=4&bdt=277&idt=284&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6202756512640&frm=20&pv=2&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=313

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69202f7c4221ba7af2b05cf72ffa31d23aff95b087cf873cb0209a57e38ef58e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 57680
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 14:16:28 GMT
expires: Tue, 28 Feb 2023 14:16:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9A78 88 KB
33 KB 354ms
354ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1677281609&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787822&bpp=2&bdt=280&idt=316&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TFh9hsp1sU&p=https%3A//cybernews.com&dtd=322

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

422bd3352c21ee792eaa9dfef171a16b315a26db2b8ec285bf5f75bf5ca0091a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33436
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 14:16:28 GMT
expires: Tue, 28 Feb 2023 14:16:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4B31 140 KB
31 KB 598ms
597ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1677281609&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787824&bpp=1&bdt=282&idt=326&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2838&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W7WVxdORcL&p=https%3A//cybernews.com&dtd=330

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5706b0dd768eb642c8ed84d10d289a3c4c3fb4537abb57430d0fd4b1780b107a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30939
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 14:16:28 GMT
expires: Tue, 28 Feb 2023 14:16:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 9A78 6 KB
1 KB 124ms
45ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1677281609&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787822&bpp=2&bdt=280&idt=316&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TFh9hsp1sU&p=https%3A//cybernews.com&dtd=322

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Feb 2023 14:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 12:36:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Feb 2023 14:16:28 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 9A78 2 KB
818 B 144ms
48ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 11:09:11 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9A78 0
0 78ms
78ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxnzmvAz-Y4TDCqaPjuwPxqqPuAb2vZrSarK3yoeOEKnThKyMCRABILbX6XtgleKQgqAHoAGQgvHxA8gBCakCDzMradhCtD6oAwHIA8sEqgTsAU_QIBlxiFOTZbGKnvyJVW5Xatimew6EoVUzkR9MCyk6vrZ6OlNxFnmZqH1o6_U3f_7IssjlZHYlgK4pwJ3ngzVa8IxNzMP4t8mQF87TDeD6_YlIqUFmyE0rYaY4Oy1m2HFJjMXmHkHI0Yz4KBA_7s0AeESmDhh6n-SmQbEcugJY7LrDX7YsMe5SkPwqxGdfUwdQRwDPzsagVYkmnqkDR1vHYOJ6mWGuIJC9WIzW1juwmNsxCjWnOgxOIy9NjrbpaAKToWx0vO8teok_32sEM4S2L8Vt3q_G9KPVgxyJn8EFZA2xHkwjuU6mYYtvwAThje3VjASSBQQIBBgBkgUECAUYBKAGLoAH2P2ODqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKOYAtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDYgUA9AVAYAXAbIXHAoaCAASFHB1Yi01OTI4MTYxMDc0Nzc5MzgwGAA&sigh=63dk5IszdtQ&uach_m=[UACH]&cid=CAQSKQDUE5ymABtczozMPlYPM4jYyg2XfeC2q_0lZ2CsYCGRQArdHOveXmpTGAE&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1677281609&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787822&bpp=2&bdt=280&idt=316&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TFh9hsp1sU&p=https%3A//cybernews.com&dtd=322
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Feb 2023 14:16:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/ Frame 9A78 22 KB
9 KB 130ms
37ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:09:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 11:09:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 9A78 3 KB
1 KB 142ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 11:09:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 9A78 20 KB
8 KB 134ms
42ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 11:09:11 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9A78 0
0 69ms
68ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRLFGVsLGE8FrkE_9e_l4UC7pGdHaDy0E8Nbmxw63_-ePplTISiie0FuRcObaN8D92h3Ekazc1KoTue3vX-WNYH7ltS1w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1677281609&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787822&bpp=2&bdt=280&idt=316&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TFh9hsp1sU&p=https%3A//cybernews.com&dtd=322
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A78 158 KB
49 KB 142ms
48ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677501794595172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Feb 2023 14:16:28 GMT

GET
H2 200 3d1f1376e308865cf68987b0ba581d94.js Show response
www.gstatic.com/mysidia/ Frame 9A78 34 KB
14 KB 120ms
41ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3d1f1376e308865cf68987b0ba581d94.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 05:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14319
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 May 2023 05:29:23 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6204216744080659128/ Frame 9A78 5 KB
5 KB 151ms
69ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6204216744080659128/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

084d32f8d5df61bca2b3dae8070d00715daf460ecbfc01b4b2aa40af7699166e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 07:11:09 GMT
x-content-type-options: nosniff
age: 284719
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5057
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 10:53:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Feb 2024 07:11:09 GMT

GET
DATA 200
OK truncated
/ Frame 9A78 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1019 1 KB
643 B 36ms
36ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 17:13:05 GMT
etag: 48472445140208031
expires: Tue, 28 Feb 2023 17:13:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9A78 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d58ed98b1dc851a182b1f82c5761da572ed32c9ff5ad4d6c0084fd05db69c801

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1019
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFwlUyRTMOxXyDLciZ3X7Sc&google_cver=1&google_push=Aa02lx_y9LB1aVbqwJvP7LF25D_yqh9h8ZFx4vsC1A-OAP10OS3CIJBxWzvl3BvRRhwHlf9Hw4iVUu93mKehRtF79vyViYsAwiX5D2iU
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY1OTIyMzUxMzAyNjkxMjMzNw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHH8WJzRqy8t6DiHc-8D6LI&google_cver=1

43 B
398 B

116ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHH8WJzRqy8t6DiHc-8D6LI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1677281609&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787822&bpp=2&bdt=280&idt=316&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TFh9hsp1sU&p=https%3A//cybernews.com&dtd=322
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 28 Feb 2023 14:16:28 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHH8WJzRqy8t6DiHc-8D6LI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 1019 0
173 B 89ms
23ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEA7JoVTH9EgZQ0f0giRUXPs&google_cver=1&google_push=Aa02lx9jDe15RPMdPcE4P9o3EI-r3DQMgpBhkxE0UaEI5HSLLRnWYUypVKlmbNPLshwR_76803-hkcSI5Ls1u1Bunx4z6eDvWVMr86i3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1677281609&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787822&bpp=2&bdt=280&idt=316&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TFh9hsp1sU&p=https%3A//cybernews.com&dtd=322
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:28 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 dds
rtb.openx.net/sync/ Frame 1019 43 B
351 B 63ms
20ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEOX4XVVTT-nNUYRhiS87NEY&google_cver=1&google_push=Aa02lx-2w9KyIq8xh-RIEQNha86V3NvPhxWLcuOXBK2JyL2ABeOYSoFFRksSLJ1wPPcyB_xUuE-tSp-36jI8BBKwq5O5sdNfOkgww7pj
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1677281609&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787822&bpp=2&bdt=280&idt=316&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TFh9hsp1sU&p=https%3A//cybernews.com&dtd=322
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:28 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: j55p3c1fcrbd06ds3ecfgr30jv4v46sb

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1019
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBzhR_eO6cSD3Ujp4ghASVk&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBzhR_eO6cSD3Ujp4ghASVk&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBzhR_eO6cSD3Ujp4ghASVk&google_hm=Y_4MvJy5rIdHkBSOOWQ-3AAADIIAAAIB&google_nid=index&google_push=Aa02lx9WyS2DwRcMcqf2-U2QUbHVC7kr90AQw...

170 B
232 B

57ms
51ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBzhR_eO6cSD3Ujp4ghASVk&google_hm=Y_4MvJy5rIdHkBSOOWQ-3AAADIIAAAIB&google_nid=index&google_push=Aa02lx9WyS2DwRcMcqf2-U2QUbHVC7kr90AQw0Hp0NzkDkBs59zqYbPDPMT7m6I6PUPE9EebT02fAF-qEwPDdUG0VwHwszyPbUaJySh_

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Feb 2023 14:16:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBzhR_eO6cSD3Ujp4ghASVk&google_hm=Y_4MvJy5rIdHkBSOOWQ-3AAADIIAAAIB&google_nid=index&google_push=Aa02lx9WyS2DwRcMcqf2-U2QUbHVC7kr90AQw0Hp0NzkDkBs59zqYbPDPMT7m6I6PUPE9EebT02fAF-qEwPDdUG0VwHwszyPbUaJySh_
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1019
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEALqfK2myKmyTiwKmPYof0s&google_cver=1&google_push=Aa02lx_JIxJwJsc4tC674HbfhTRWNEHl60f621QoILy8KMfXsCsdi6fwyP2I9BtsQeCIfjHpyzBtueaJK56z19WK...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_JIxJwJsc4tC674HbfhTRWNEHl60f621QoILy8KMfXsCsdi6fwyP2I9BtsQeCIfjHpyzBtueaJK56z19WKeb94AVnvI-BTWqXK

170 B
409 B

68ms
49ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_JIxJwJsc4tC674HbfhTRWNEHl60f621QoILy8KMfXsCsdi6fwyP2I9BtsQeCIfjHpyzBtueaJK56z19WKeb94AVnvI-BTWqXK

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 28 Feb 2023 14:16:28 GMT
via: 1.1 9a66d849010281b3877fd5f66dbb4720.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C2
x-cache: GeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_JIxJwJsc4tC674HbfhTRWNEHl60f621QoILy8KMfXsCsdi6fwyP2I9BtsQeCIfjHpyzBtueaJK56z19WKeb94AVnvI-BTWqXK
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: GO0zROyYos0PYBlaBGy77-gm50t3Jl7-J0vl5WSJIIkYVs79y9D9MA==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1019
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEOFGfb-W3eKiZf5YrxrKfVk&google_cver=1&google_push=Aa02lx-B-AtZZLP2p2-_l5pfCaMrVwiqkBRtowZYQpKyxw2PTfThuM1dLfL9NJ_g2iyjigm7ddpCmhyWERE3HKMbmIZi18...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOFGfb-W3eKiZf5YrxrKfVk&google_cver=1&google_push=Aa02lx-B-AtZZLP2p2-_l5pfCaMrVwiqkBRtowZYQpKyxw2PTfThuM1dLfL9NJ_g2iyjigm7ddpCmhyWERE3HKMb...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=K0NBVH3gTnSem33gFNqWYw&google_push=Aa02lx-B-AtZZLP2p2-_l5pfCaMrVwiqkBRtowZYQpKyxw2PTfThuM1dLfL9NJ_g2iyjigm7ddpCmhyWERE3HKM...

170 B
232 B

58ms
47ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=K0NBVH3gTnSem33gFNqWYw&google_push=Aa02lx-B-AtZZLP2p2-_l5pfCaMrVwiqkBRtowZYQpKyxw2PTfThuM1dLfL9NJ_g2iyjigm7ddpCmhyWERE3HKMbmIZi18XTQJkISks4

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=K0NBVH3gTnSem33gFNqWYw&google_push=Aa02lx-B-AtZZLP2p2-_l5pfCaMrVwiqkBRtowZYQpKyxw2PTfThuM1dLfL9NJ_g2iyjigm7ddpCmhyWERE3HKMbmIZi18XTQJkISks4
access-control-allow-origin: *
date: Tue, 28 Feb 2023 14:16:28 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1019
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIYHqOMlS8xMQNdgYSxpcWU&google_cver=1&google_push=Aa02lx_HaMY986rM4lT07lNXh-4DI-PinZ4uenJ_OZTSNmS_hrAq4rLOsEsucw8r-pHb3EV0SO...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIYHqOMlS8xMQNdgYSxpcWU&google_cver=1&google_push=Aa02lx_HaMY986rM4lT07lNXh-4DI-PinZ4uenJ_OZTSNmS_hrAq4rLOsEsucw8r-pHb3EV0SO...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EQ2kuQk9wRTJ1R1pGeExKWDBNYkhXQVlsbnBBUVk0WH5B&google_push=Aa02lx_HaMY986rM4lT07lNXh-4DI-PinZ4uenJ_OZTSNmS_hrAq4rLOs...

170 B
232 B

65ms
55ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EQ2kuQk9wRTJ1R1pGeExKWDBNYkhXQVlsbnBBUVk0WH5B&google_push=Aa02lx_HaMY986rM4lT07lNXh-4DI-PinZ4uenJ_OZTSNmS_hrAq4rLOsEsucw8r-pHb3EV0SOaIXLIzdDTqHmqbVNaN8eG3yhHrNCF1HQ

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EQ2kuQk9wRTJ1R1pGeExKWDBNYkhXQVlsbnBBUVk0WH5B&google_push=Aa02lx_HaMY986rM4lT07lNXh-4DI-PinZ4uenJ_OZTSNmS_hrAq4rLOsEsucw8r-pHb3EV0SOaIXLIzdDTqHmqbVNaN8eG3yhHrNCF1HQ
date: Tue, 28 Feb 2023 14:16:28 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1019 0
50 B 195ms
82ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KEn-gQR5MJ7ioIiGKgQ3913hwvGqlELGNEAz1mjFq7SOw3LzwVezBmv8jTrb0VEh3PnE1oVg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 30ff74cd17fac218005202762a48c647.js Show response
www.gstatic.com/mysidia/ Frame 4B31 10 KB
4 KB 38ms
35ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/30ff74cd17fac218005202762a48c647.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1677281609&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787824&bpp=1&bdt=282&idt=326&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2838&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W7WVxdORcL&p=https%3A//cybernews.com&dtd=330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf604d68a81b4f3042807e4f9561e19db4130802cad8c53b39549c383a86ff77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 09:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4407
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 09:18:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 4B31 2 KB
799 B 46ms
44ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 11:09:11 GMT

GET
H2 200 93ba699ab0858e23126e6495ee504fcb.js Show response
www.gstatic.com/mysidia/ Frame 4B31 23 KB
10 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/93ba699ab0858e23126e6495ee504fcb.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c79310e077420df2623a0810adafbe7d7379ee885a763dac420426007a656100

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:37:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 373153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9834
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 May 2023 06:37:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/ Frame 4B31 22 KB
9 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:09:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 11:09:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 4B31 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 11:09:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 4B31 20 KB
8 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 11:09:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4B31 0
0 70ms
69ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT3j4HGRoIbCaGLf0RgXibV0D4KuiN5qizW7ItxGXz9aMxLURpuLGde4TjHUC0OwcfihfaJ-qai4Wb_QCPspshwTiUr9w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1677281609&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787824&bpp=1&bdt=282&idt=326&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2838&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W7WVxdORcL&p=https%3A//cybernews.com&dtd=330
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B31 158 KB
48 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677501794595172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Feb 2023 14:16:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9A78 15 KB
16 KB 177ms
47ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 12:23:05 GMT
x-content-type-options: nosniff
age: 438803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 12:23:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9A78 15 KB
15 KB 187ms
60ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:40:31 GMT
x-content-type-options: nosniff
age: 434157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 13:40:31 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302150101/ 150 KB
51 KB 114ms
113ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302150101/reactive_library_fy2021.js?bust=31072480

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cc55a39bea9da99599f6e1e51def5a54f50abadc4efb6ebec46f944a54d6178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52042
x-xss-protection: 0
server: cafe
etag: 13068071459026469466
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Feb 2023 14:16:28 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=3%2C4&c=ca-pub-5928161074779380&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/18172631690328175586/ Frame 4B31 239 KB
239 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18172631690328175586/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c31670203b430bd808773602a3dc1ad71e972b86d0cf3d1d4e437d929a70723e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:36:08 GMT
x-content-type-options: nosniff
age: 524420
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244790
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 18:23:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Feb 2024 12:36:08 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3433851940060240907/ Frame 4B31 72 KB
72 KB 127ms
126ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3433851940060240907/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf16e19b18266055dec826a7bd5014dcf7f67966c08203c12ba81cc378d96f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:30:03 GMT
x-content-type-options: nosniff
age: 344785
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73367
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 23:35:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Feb 2024 14:30:03 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1238612353123322247/ Frame 4B31 71 KB
71 KB 132ms
131ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1238612353123322247/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

658fdd925b033864d3eec6155f4427dd022cfb6be2af31656b010a4de30296cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 20:28:18 GMT
x-content-type-options: nosniff
age: 409690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72684
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:48:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 20:28:18 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8921152600847503660/ Frame 4B31 146 KB
146 KB 152ms
151ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8921152600847503660/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f610624225da61c094268c15194a6691d48ca513a589b31bf525b3d36151c117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 06:57:18 GMT
x-content-type-options: nosniff
age: 285550
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149778
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 17:03:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Feb 2024 06:57:18 GMT

GET
H2 200 5955269096003708412
tpc.googlesyndication.com/daca_images/simgad/ Frame 4B31 201 KB
201 KB 154ms
153ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/5955269096003708412

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdf6b1565f546e1e9c1d72eb38aca041f880c81355d8a36a63828c8e322419d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 04:01:53 GMT
x-content-type-options: nosniff
age: 382475
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205365
x-xss-protection: 0
last-modified: Sat, 30 Apr 2016 00:47:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Feb 2024 04:01:53 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6204216744080659128/ Frame 4B31 22 KB
22 KB 184ms
183ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6204216744080659128/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd26cd1429bcc830b56252b3b57f76c74ab3a50d8d68ccea890910cd2627f7c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 07:16:52 GMT
x-content-type-options: nosniff
age: 284376
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22654
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 10:53:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Feb 2024 07:16:52 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5716841010719287958/ Frame 4B31 86 KB
86 KB 183ms
182ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5716841010719287958/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b15f4e49cb82b44032fa93865c455775ca29fe5ae2c1977e58f26b8d83fd4ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 05:36:56 GMT
x-content-type-options: nosniff
age: 376772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88296
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 00:09:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Feb 2024 05:36:56 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/14647294657205233874/ Frame 4B31 84 KB
84 KB 178ms
177ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14647294657205233874/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe018e12e5972a271c1e305577ca9fd1bdaf6cc2514c7c49584c0c78f5d2db0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 05:12:26 GMT
x-content-type-options: nosniff
age: 551042
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86240
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 11:30:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Feb 2024 05:12:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4B31 0
0 81ms
77ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CB81SvAz-Y6eAC-iQjuwPmqCcmAX8-_fkbqOv_7ODEKnThKyMCRABILbX6XsoCGCV4pCCoAegAZ7ox54oyAEGqAMByAMCqgT-AU_QT1Z3gRGpLIUMeZ-uYLG3r3nMSuLt4LOdt9ezXm2G2snhcLyKEdf2gMW9yPMkV93dqXNohHVnUjG8ENYy5Mk0M5diFiViLpw80S037RhfV7A7zIAj4y67SOD4NA4eiP6P1nOgC2WQhgT2ONvLSjaGK3NfuIxO2-kv2aCu4IiZrnVXYWdM1EKJd4nUwD0jlGZxKTcw41xR2cKOL3WGC7c4KRlbvjkEjrwO8QMBiSG7FX5LYhuIsyq4wQQxDSvXQbRHcSKokZ7PJwEiiVDcee9Wdwa95rSKuUia1YMtHFvuiwifleMB4FEDgYhigWSSCrKIs8p1S50sb6iZuFiFwASWqpXuiwSSBQQIBBgBkgUECAUYBKAGN4AHnqCY_gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD3pBrSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUHtAVAZgWAYAXAbIXHAoaCAASFHB1Yi01OTI4MTYxMDc0Nzc5MzgwGAA&sigh=MXs9E9DPHRk&uach_m=[UACH]&cid=CAQSKQDUE5ymnKz4W3722ZGTB51t_75FdTsNwmJAagC1fnUOpmhZOdeMEInzGAE&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1677281609&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787824&bpp=1&bdt=282&idt=326&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2838&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W7WVxdORcL&p=https%3A//cybernews.com&dtd=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Feb 2023 14:16:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4B31 0
0 89ms
85ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CESQqvAz-Y6eAC-iQjuwPmqCcmAXag8meb6CVq_jSEL_O8_0IEAIgttfpeygIYJXikIKgB6ABkpmr_ALIAQaoAwHIAwKqBO0BT9BvBoSYC5AVNr918bR7tqCzct5Ov6DssUoM0YNdYMeWyeyTZ7FDy_aExvTd82hNxtq-b2OWcTofPb5Slzn2zWhsgmkcM3EolD2SciDrFEJB-WTfjz7_LPsB4fA4ARTDMW7U8CIIpFKA3jyZoZ5s3HbAkrhVZ_ZiA8RLN0ALS1xDns_zm7rVQIkzOCLDPCKUk4cq9_Djqafawo4vgHAItzgJzK29OQSOSfjyAwGL1k0Wfkti7n6yKLjA5dfGc8NYNYm0KqiR3hW3KBkMDL19QkK-eayKHIgntyhMFQssFkI_sLW--_V-0BBnfvebwATU8f7nmgSSBQQIBBgBkgUECAUYBKAGN4AH1ubUgwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD3pBrSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01OTI4MTYxMDc0Nzc5MzgwGAA&sigh=d7mmrbA3tdk&uach_m=[UACH]&cid=CAQSKQDUE5ymnKz4W3722ZGTB51t_75FdTsNwmJAagC1fnUOpmhZOdeMEInzGAE&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1677281609&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787824&bpp=1&bdt=282&idt=326&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2838&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W7WVxdORcL&p=https%3A//cybernews.com&dtd=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Feb 2023 14:16:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4B31 0
0 80ms
77ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CW6EdvAz-Y6eAC-iQjuwPmqCcmAW39qypbr3m2Z7qEKnThKyMCRADILbX6XsoCGCV4pCCoAegAc7e5-QCyAEGqAMByAMCqgTsAU_QBm6zmAqQFTa_dfG0e7ags3LeTr-g7LFKDNGDXWDHlsnsk2exQ8v2hMb03fNoTcbavm9jlnE6Hz2-Upc59s1obIJpHDNxKJQ9knIg6xRCQflk348-_yz7AeHwOAEUwzFu1PAiCKRSmN48mInvTcR2wJK4VWf2YgPESzdAC0tcQ57P85u61UCJMzgiwzwilJOHKvfw46mn2sKOL4BwCLc4CcytvTkEjkn48gMBi9ZNFn5LYu5-sii4wOXXhQ6GQDWJtJcpo6EVtykZUyjUAnFCgxy8yh-IsJ4KTBkf7jdaQyG9nPv7aDxVLVJLwASG1NK8qgSSBQQIBBgBkgUECAUYBKAGN4AHmqGYmwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD3pBrSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi01OTI4MTYxMDc0Nzc5MzgwGAA&sigh=w37jMLOywFk&uach_m=[UACH]&cid=CAQSKQDUE5ymnKz4W3722ZGTB51t_75FdTsNwmJAagC1fnUOpmhZOdeMEInzGAE&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1677281609&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787824&bpp=1&bdt=282&idt=326&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2838&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W7WVxdORcL&p=https%3A//cybernews.com&dtd=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Feb 2023 14:16:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4B31 0
0 83ms
81ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9NFLvAz-Y6eAC-iQjuwPmqCcmAWzoa6Zb_Dq1pC1EcCNtwEQBCC21-l7KAhgleKQgqAHoAHJmoHsKMgBBqgDAcgDAqoE-gFP0Cof9ZgNkBU2v3XxtHu2oLNy3k6_oOyxSgzRg11gx5bJ7JNnsUPL9oTG9N3zaE3G2r5vY5ZxOh89vlKXOfbNaGyCaRwzcSiUPZJyIOsUQkH5ZN-PPv8s-wHh8DgBFMMxbtTwIgisUlai7JIA8Zw_mytzBr-MTvHtL9nxreCIwqJoV_huuZO1infMIcPIIZSmhCrC8-NcpNo3jS91cyhCOyk5rr3MB468-_D2AokjThaLSGAbfbHIvi7jdfuY_NPj_eEVMputhyeqnW_XaT7cstP2OqSjbB6WIsgcJTTf7rGeClBc31LIlaeytAWYLvoXXDHuT9k0ppEvwAT2jeTHrASSBQQIBBgBkgUECAUYBKAGN4AHydLRywOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD3pBrSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUCNAVAYAXAbIXHAoaCAASFHB1Yi01OTI4MTYxMDc0Nzc5MzgwGAA&sigh=D2JiAwCRdfA&uach_m=[UACH]&cid=CAQSKQDUE5ymnKz4W3722ZGTB51t_75FdTsNwmJAagC1fnUOpmhZOdeMEInzGAE&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1677281609&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787824&bpp=1&bdt=282&idt=326&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2838&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W7WVxdORcL&p=https%3A//cybernews.com&dtd=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Feb 2023 14:16:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4B31 0
0 84ms
82ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmWGTvAz-Y6eAC-iQjuwPmqCcmAXEpsicb7-buqX4EP_1kOPXAhAFILbX6XsoCGCV4pCCoAegAcOs_OAoyAEBqQI1g6bzRMyxPqgDAcgDAqoE_QFP0BtryZgPkBU2v3XxtHu2oLNy3k6_oOyxSgzRg11gx5bJ7JNnsUPL9oTG9N3zaE3G2r5vY5ZxOh89vlKXOfbNaGyCaRwzcSiUPZJyIOsUQkH5ZN-PPv8s-wHh8DgBFMMxbtSIIQjkUoXePO6wjT_EdsCSuFVn9mIDxEs3QAtLXEOez_ObutVAiTM4IsM8IpSThyr38OOpp9rCji-AcAi3OAnMrb05BI5J-PIDAYvWTRZ-S2LufrIouMDl14EjkQ83ibQqqJHeFbc4GSZ361JPQqkmmoEfoHAe-es_L5nVxakIloQlD9B7vImqYo1wQ3LG-xvCV0uTOtiPrpP4wASJ0u3XrASSBQQIBBgBkgUECAUYBKAGZoAHw-TMwAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD3pBrSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi01OTI4MTYxMDc0Nzc5MzgwGAA&sigh=3-h3kUN0ejs&uach_m=[UACH]&cid=CAQSKQDUE5ymnKz4W3722ZGTB51t_75FdTsNwmJAagC1fnUOpmhZOdeMEInzGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1677281609&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787824&bpp=1&bdt=282&idt=326&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2838&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W7WVxdORcL&p=https%3A//cybernews.com&dtd=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Feb 2023 14:16:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4B31 0
0 86ms
83ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9uRmvAz-Y6eAC-iQjuwPmqCcmAX2vZrSarK3yoeOEKnThKyMCRAGILbX6XsoCGCV4pCCoAegAZCC8fEDyAEGqQIPMytp2EK0PqgDAcgDAqoE7AFP0FBK45gMkBU2v3XxtHu2oLNy3k6_oOyxSgzRg11gx5bJ7JNnsUPL9oTG9N3zaE3G2r5vY5ZxOh89vlKXOfbNaGyCaRwzcSiUPZJyIOsUQkH5ZN-PPv8s-wHh8DgBFMMxbtTwIgikUoXePIqSlUzEdsCSuFVn9mIDxEs3QAtLXEOez_ObutVAiTM4IsM8IpSThyr38OOpp9rCji-AcAi3OAnMrb05BI5J-PIDAYvWTRZ-S2LufrIouMDl18Uj5tX5TLwqqNEEhZ4D4Upj-v9YkIsRwxseHLOeCkwZH8wcRDofvZz7-2gaaWZTS8AE4Y3t1YwEkgUECAQYAZIFBAgFGASgBjeAB9j9jg6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD3pBrSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUA9AVAYAXAbIXHAoaCAASFHB1Yi01OTI4MTYxMDc0Nzc5MzgwGAA&sigh=FO1VHxAvH0w&uach_m=[UACH]&cid=CAQSKQDUE5ymnKz4W3722ZGTB51t_75FdTsNwmJAagC1fnUOpmhZOdeMEInzGAE&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1677281609&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787824&bpp=1&bdt=282&idt=326&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2838&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W7WVxdORcL&p=https%3A//cybernews.com&dtd=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Feb 2023 14:16:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4B31 0
0 87ms
85ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CknMjvAz-Y6eAC-iQjuwPmqCcmAXb-76eb6_g4uX5EL-6872EKhAHILbX6XsoCGCV4pCCoAegAZmO2eoCyAEGqAMByAMCqgTtAU_QXh3RmA6QFTa_dfG0e7ags3LeTr-g7LFKDNGDXWDHlsnsk2exQ8v2hMb03fNoTcbavm9jlnE6Hz2-Upc59s1obIJpHDNxKJQ9knIg6xRCQflk348-_yz7AeHwOAEUwzFu1PAiCKRSmN48yZ2JR8V2wJK4VWf2YgPESzdAC0tcQ57P85u61UCJMzgiwzwilJOHKvfw46mn2sKOL4BwCLc4CcytvTkEjkn48gMBi9ZNFn5LYu5-sii4wOXXqmjOMTaJtCqokd4VtygZMhDWW0tC0TKuihyID7YoTBULLHkJPbC1vvv1ftAuexXRksAEn_LekqEEkgUECAQYAZIFBAgFGASgBjeAB-zU9ukCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ96Qa0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=xYIzNh78FaU&uach_m=[UACH]&cid=CAQSKQDUE5ymnKz4W3722ZGTB51t_75FdTsNwmJAagC1fnUOpmhZOdeMEInzGAE&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1677281609&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787824&bpp=1&bdt=282&idt=326&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2838&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W7WVxdORcL&p=https%3A//cybernews.com&dtd=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Feb 2023 14:16:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4B31 0
0 84ms
82ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CknrUvAz-Y6eAC-iQjuwPmqCcmAXVgorlbufD3rmhEPLoyJiMDhAIILbX6XsoCGCV4pCCoAegAdXT86AByAEGqAMByAMCqgTtAU_QLjvwmAGQFTa_dfG0e7ags3LeTr-g7LFKDNGDXWDHlsnsk2exQ8v2hMb03fNoTcbavm9jlnE6Hz2-Upc59s1obIJpHDNxKJQ9knIg6xRCQflk348-_yz7AeHwOAEUwzFu1PAiCKRSlt48_cTEUMV2wJK4VWf2YgPESzdAC0tcQ57P85u61UCJMzgiwzwilJOHKvfw46mn2sKOL4BwCLc4CcytvTkEjkn48gMBi9ZNFn5LYu5-sii4wOXXmVa3OzaJtCqokd4VtygZJW-xFUpC6yHysRyIXLUoTBULLEMaYYu1vvv1ftA5BHKfk8AE3vbq4IAEkgUECAQYAZIFBAgFGASgBjeAB5OsjN8CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ96Qa0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=3q4WyjGfx3o&uach_m=[UACH]&cid=CAQSKQDUE5ymnKz4W3722ZGTB51t_75FdTsNwmJAagC1fnUOpmhZOdeMEInzGAE&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1677281609&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787824&bpp=1&bdt=282&idt=326&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2838&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W7WVxdORcL&p=https%3A//cybernews.com&dtd=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Feb 2023 14:16:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 55BB 1 KB
643 B 44ms
35ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 17:13:05 GMT
etag: 48472445140208031
expires: Tue, 28 Feb 2023 17:13:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4B31 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0cb014fec7751dba1d02bb765a2c18dde54fff1c6fbe69cd7382fcc8d2da9db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame 310E 36 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:29:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 11:29:19 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 55BB
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEO7q7y1I4y6J0Hy2Tm6GwGY&google_cver=1&google_push=Aa02lx9iMESqZOU52MHC38TWevtBKCTAp8hnqk_31wGOawjTkSZcb55DAWs1ekdeQ6h0tgJIJ3dHQ_MSNBgnM8zbwlsKAJmHAUgsa4Q
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY1OTIyMzUxMzAyNjkxMjMzNw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHH8WJzRqy8t6DiHc-8D6LI&google_cver=1

43 B
398 B

17ms
17ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHH8WJzRqy8t6DiHc-8D6LI&google_cver=1
Requested by: Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 28 Feb 2023 14:16:28 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHH8WJzRqy8t6DiHc-8D6LI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 55BB 70 B
265 B 111ms
37ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMBQZHqeIswPyUGges0NEW4&google_cver=1&google_push=Aa02lx9x_XtgNJrawHElfh-qKUsDiEP35uBq6yYa80K_GjWHQhaLJP-JzMZ080tNABqZanZ5FdjEvKo5lz4cq9FDMPEGn0Kz3khadAEq
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1677281609&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677593787824&bpp=1&bdt=282&idt=326&shv=r20230223&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=6202756512640&frm=20&pv=1&ga_vid=822332422.1677593786&ga_sid=1677593788&ga_hid=1956970105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2838&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480&oid=2&pvsid=4246682038768142&tmod=394764192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W7WVxdORcL&p=https%3A//cybernews.com&dtd=330
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 55BB
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJaBJR_gtL6kv2sHoKnYU30&google_cver=1&google_push=Aa02lx_ULhcPy_ZUoTqyIALfFNQ8pXFdssetIYHF-9c0QUJgmkX6TWsz8-p92tKSByeRGsiCtZ43MWGzGFKMkfu3...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UtnZIILXRdyrr9g4hQxckQ2&google_push=Aa02lx_ULhcPy_ZUoTqyIALfFNQ8pXFdssetIYHF-9c0QUJgmkX6TWsz8-p92tKSByeRGsiCtZ43MWGzGFKMkfu3c_akQncNWon-ZrCi

170 B
188 B

45ms
44ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UtnZIILXRdyrr9g4hQxckQ2&google_push=Aa02lx_ULhcPy_ZUoTqyIALfFNQ8pXFdssetIYHF-9c0QUJgmkX6TWsz8-p92tKSByeRGsiCtZ43MWGzGFKMkfu3c_akQncNWon-ZrCi

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 28 Feb 2023 14:16:29 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UtnZIILXRdyrr9g4hQxckQ2&google_push=Aa02lx_ULhcPy_ZUoTqyIALfFNQ8pXFdssetIYHF-9c0QUJgmkX6TWsz8-p92tKSByeRGsiCtZ43MWGzGFKMkfu3c_akQncNWon-ZrCi
x-host: tde-deliveryengine-production-cdcfc8b9-fvlf2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 55BB
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAGKbNNIkHB-TrgEpdZLuEY&google_cver=1&google_push=Aa02lx88Uy6bkIaAtwPbFbwdY3_C-F4EYB6abzTNSM6jq4x7mlXqa7I1buxqTEvEKPsoCeTp1RlnlQY8cuLYnvM_Jt9X...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAGKbNNIkHB-TrgEpdZLuEY&google_cver=1&google_push=Aa02lx88Uy6bkIaAtwPbFbwdY3_C-F4EYB6abzTNSM6jq4x7mlXqa7I1buxqTEvEKPsoCeTp1RlnlQY8cuLYnv...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx88Uy6bkIaAtwPbFbwdY3_C-F4EYB6abzTNSM6jq4x7mlXqa7I1buxqTEvEKPsoCeTp1RlnlQY8cuLYnvM_Jt9X6OVUyJlDgLUV&google_hm=atWJWIobQ6Kbw5PJlqx...

170 B
188 B

64ms
48ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx88Uy6bkIaAtwPbFbwdY3_C-F4EYB6abzTNSM6jq4x7mlXqa7I1buxqTEvEKPsoCeTp1RlnlQY8cuLYnvM_Jt9X6OVUyJlDgLUV&google_hm=atWJWIobQ6Kbw5PJlqx5ag==

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx88Uy6bkIaAtwPbFbwdY3_C-F4EYB6abzTNSM6jq4x7mlXqa7I1buxqTEvEKPsoCeTp1RlnlQY8cuLYnvM_Jt9X6OVUyJlDgLUV&google_hm=atWJWIobQ6Kbw5PJlqx5ag==
date: Tue, 28 Feb 2023 14:16:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 55BB
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iLUj6K7bQiqdigsaiCBptQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

51ms
51ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iLUj6K7bQiqdigsaiCBptQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8Y88ZJw7ZKNGbBIAzdqsyT7E-HLU2yQntIvQSXlQccqib_ABrX5FnS0lluM6jbLaGQm6GBusc9acSKqZsYVZN--I5ZahnkLSg

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iLUj6K7bQiqdigsaiCBptQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8Y88ZJw7ZKNGbBIAzdqsyT7E-HLU2yQntIvQSXlQccqib_ABrX5FnS0lluM6jbLaGQm6GBusc9acSKqZsYVZN--I5ZahnkLSg
date: Tue, 28 Feb 2023 14:16:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 55BB
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMrzyIUxHkTJmuvgGByrTxU&google_cver=1&google_push=Aa02lx_6F23isg3NtB-Cs1cUgj6dGiC4BIMRulQqswVTYUgVG_QSYmDgnd3hx4lZJJWEJ2m7DuQueCXBmVEQqYZz...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_6F23isg3NtB-Cs1cUgj6dGiC4BIMRulQqswVTYUgVG_QSYmDgnd3hx4lZJJWEJ2m7DuQueCXBmVEQqYZz-7Fd1ZUE8p0q7cLs

170 B
188 B

46ms
46ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_6F23isg3NtB-Cs1cUgj6dGiC4BIMRulQqswVTYUgVG_QSYmDgnd3hx4lZJJWEJ2m7DuQueCXBmVEQqYZz-7Fd1ZUE8p0q7cLs

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 28 Feb 2023 14:16:29 GMT
via: 1.1 9a66d849010281b3877fd5f66dbb4720.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C2
x-cache: GeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_6F23isg3NtB-Cs1cUgj6dGiC4BIMRulQqswVTYUgVG_QSYmDgnd3hx4lZJJWEJ2m7DuQueCXBmVEQqYZz-7Fd1ZUE8p0q7cLs
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: HDjCJqlHaZUPdWT8na01hpD4c2eUc9nBboO6S48Q1SGbsez3tEAqFA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 55BB
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJ73kZBO1yYPkvHvNbAg8qk&google_cver=1&google_push=Aa02lx_Rt9sJVMuIaO9e77b8FWVanHyExGDfUkIlQjT1svzZC-vdWMcbFPq6WRKeaG-JEznGh5iiSB6GAgzDfnDa3C-aY-I1cc...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_Rt9sJVMuIaO9e77b8FWVanHyExGDfUkIlQjT1svzZC-vdWMcbFPq6WRKeaG-JEznGh5iiSB6GAgzDfnDa3C-aY-I1cc-...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDI2MjM1MDIyOTU5NDg4NDU5ODkxNA%3D%3D&google_push=Aa02lx_Rt9sJVMuIaO9e77b8FWVanHyExGDfUkIlQjT1svzZC-vdWMcb...

170 B
188 B

45ms
45ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDI2MjM1MDIyOTU5NDg4NDU5ODkxNA%3D%3D&google_push=Aa02lx_Rt9sJVMuIaO9e77b8FWVanHyExGDfUkIlQjT1svzZC-vdWMcbFPq6WRKeaG-JEznGh5iiSB6GAgzDfnDa3C-aY-I1cc-IBwyZ

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDI2MjM1MDIyOTU5NDg4NDU5ODkxNA%3D%3D&google_push=Aa02lx_Rt9sJVMuIaO9e77b8FWVanHyExGDfUkIlQjT1svzZC-vdWMcbFPq6WRKeaG-JEznGh5iiSB6GAgzDfnDa3C-aY-I1cc-IBwyZ
date: Tue, 28 Feb 2023 14:16:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 55BB 0
12 B 44ms
43ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KT-i_I6cjyabWhe2XxUdPFcEKUc7Gxphp4ntt4b0DknaDY2KioV0Fwnxmrdq_UleJveo6a

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 69ms
68ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=3%2C4&c=ca-pub-5928161074779380&eid=44759927%2C44759876%2C44777877%2C44759837%2C31072348%2C31072480

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 70ms
69ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cybernews.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 69ms
68ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cybernews.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/ Frame FEF0 10 KB
4 KB 36ms
35ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 20:31:32 GMT
etag: 2378337311435320485
expires: Mon, 13 Mar 2023 20:31:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/ Frame 4776 10 KB
4 KB 36ms
36ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 20:31:32 GMT
etag: 2378337311435320485
expires: Mon, 13 Mar 2023 20:31:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/ Frame FEF0 22 KB
9 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:09:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 11:09:10 GMT

GET
H3 200 3114596342976844591
tpc.googlesyndication.com/simgad/ Frame FEF0 42 KB
42 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3114596342976844591?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlFKVTljVs_BCvSUQAYzWeNfsOl1g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

215b415efe7302ef2fdfd1aeb4b0bdd04444ae5451caea61069eef15f1627c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 14:22:42 GMT
x-content-type-options: nosniff
age: 431627
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43004
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 20:24:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 14:22:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame FEF0 3 KB
1 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 11:09:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame FEF0 20 KB
8 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 11:09:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FEF0 0
0 73ms
73ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7XDXL15AvSqTgDuI_WvhvaR7svDPEqWoVH8FCB3gYBg90ILNBDaVuaNYohWc9yYRCvJ30w4Kg5xbzrAFbwN7XPlHI6g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FEF0 158 KB
48 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677501794595172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Feb 2023 14:16:29 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame FEF0 33 KB
13 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54ec5d49fd3dbb498c6f9fb4746bb071d87b86ae802c77b238b3eace00999e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 18:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13744
x-xss-protection: 0
server: cafe
etag: 5530353353552386020
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Mar 2023 18:23:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4776 8 KB
991 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Feb 2023 14:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 12:38:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Feb 2023 14:16:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 4776 2 KB
765 B 76ms
76ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 11:09:11 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/ Frame 4776 22 KB
9 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:09:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 11:09:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 4776 3 KB
1 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 11:09:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 4776 20 KB
8 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 11:09:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4776 0
0 77ms
76ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNpu3i5ZbLBG087TdYHF-uFLSHRyKnAxEo7u4J9jJll4uNONrPztN4FlijIM-mtRv-dHOWeGsO5Df5R2kQpJSnL2aQFA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4776 158 KB
48 KB 67ms
65ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677501794595172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Feb 2023 14:16:29 GMT

GET
H3 200 3d1f1376e308865cf68987b0ba581d94.js Show response
www.gstatic.com/mysidia/ Frame 4776 34 KB
14 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3d1f1376e308865cf68987b0ba581d94.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 05:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14319
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 May 2023 05:29:23 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E581 143 B
166 B 47ms
36ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 13:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BECC 1 KB
643 B 47ms
36ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 17:13:05 GMT
etag: 48472445140208031
expires: Tue, 28 Feb 2023 17:13:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BA27 1 KB
643 B 36ms
35ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 17:13:05 GMT
etag: 48472445140208031
expires: Tue, 28 Feb 2023 17:13:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame BECC 35 B
464 B 39ms
8ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEG9a5iJouYhoZqrkoiuxGX8&google_cver=1&google_push=Aa02lx_GRI3wO1I5F7_fRwyYBLYLoFfRsoktUSXchkGHHuCw14tEoGyAb-xDk_5KxznLy832w96aDGW8mUip2rwhWtzNRfOH3Suo787f

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BECC
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECTMLAPxV-fnLx7qL64ZrfQ&google_cver=1&google_push=Aa02lx9vEJad7Gn86s2IHLrOWlLxgFfVLSkPzRbiBkgUNxiTLAhFphdDfK82nA4ovyHSD5AF-p3kOepx...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECTMLAPxV-fnLx7qL64ZrfQ&google_cver=1&google_push=Aa02lx9vEJad7Gn86s2IHLrOWlLxgFfVLSkPzRbiBkgUNxiTLAhFphdDfK82nA4ovyHSD5AF-p3...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODczOTQ1Nzc3NjM5MjM1NjIyMw&google_push=Aa02lx9vEJad7Gn86s2IHLrOWlLxgFfVLSkPzRbiBkgUNxiTLAhFphdDfK82nA4ovyHSD5AF-p3kOe...

170 B
188 B

45ms
45ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODczOTQ1Nzc3NjM5MjM1NjIyMw&google_push=Aa02lx9vEJad7Gn86s2IHLrOWlLxgFfVLSkPzRbiBkgUNxiTLAhFphdDfK82nA4ovyHSD5AF-p3kOepxlaBPYCQNPWzoLTUnkbXO4pC-

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODczOTQ1Nzc3NjM5MjM1NjIyMw&google_push=Aa02lx9vEJad7Gn86s2IHLrOWlLxgFfVLSkPzRbiBkgUNxiTLAhFphdDfK82nA4ovyHSD5AF-p3kOepxlaBPYCQNPWzoLTUnkbXO4pC-
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BECC
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEM1X0Cg7ECPeuMruT9Hj3JY&google_cver=1&google_push=Aa02lx8gyNEU506hlWcg3uoo-SYprwJqhSz4VJozxhFjLZZY4pGozksIaEoOCzbjtRIsNuYiI18x8Aa_uqfQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8gyNEU506hlWcg3uoo-SYprwJqhSz4VJozxhFjLZZY4pGozksIaEoOCzbjtRIsNuYiI18x8Aa_uqfQdHw2SyzSt3Aktj9eqnsV

170 B
188 B

47ms
47ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8gyNEU506hlWcg3uoo-SYprwJqhSz4VJozxhFjLZZY4pGozksIaEoOCzbjtRIsNuYiI18x8Aa_uqfQdHw2SyzSt3Aktj9eqnsV

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8gyNEU506hlWcg3uoo-SYprwJqhSz4VJozxhFjLZZY4pGozksIaEoOCzbjtRIsNuYiI18x8Aa_uqfQdHw2SyzSt3Aktj9eqnsV
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BECC
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_MNaupYySkrz8wBd6ro6SeqB2tl__tEFayQrqjgneJlhlrBRwv84L3iCXjZfXeRPPtZ763CaJiWxPP5_Vh0FZxCgWs40q-h8k&redir=https%3A%2F%2Fcm.g.do...
https://sync.targeting.unrulymedia.com/csync/RX-0af168a7-9015-4961-bc5a-671397274c38-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_MNaupYySkrz8wBd6ro...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_MNaupYySkrz8wBd6ro6SeqB2tl__tEFayQrqjgneJlhlrBRwv84L3iCXjZfXeRPPtZ763CaJiWxPP5_Vh0FZxCgWs40q-h8k&google_hm=AwrxaKeQFUlhvFpnE5cnTDg

170 B
188 B

45ms
45ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_MNaupYySkrz8wBd6ro6SeqB2tl__tEFayQrqjgneJlhlrBRwv84L3iCXjZfXeRPPtZ763CaJiWxPP5_Vh0FZxCgWs40q-h8k&google_hm=AwrxaKeQFUlhvFpnE5cnTDg

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_MNaupYySkrz8wBd6ro6SeqB2tl__tEFayQrqjgneJlhlrBRwv84L3iCXjZfXeRPPtZ763CaJiWxPP5_Vh0FZxCgWs40q-h8k&google_hm=AwrxaKeQFUlhvFpnE5cnTDg
date: Tue, 28 Feb 2023 14:16:29 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0af168a790154961bc5a671397274c38003
content-type: text/html

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame BECC 0
44 B 117ms
17ms Image
text/plain 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECYOOd4UuDpGKgr3WUrJezg&google_cver=1&google_push=Aa02lx8EYJ0k7_gQ2fFkKjyzdJT-c5XZ4865AplCmAQ7rUP4PRRE__4dDxiSfOOvOQ-U3mu5heNgAtEvgoLnmQB6B39EyWuS-ioqG6GW
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:28 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BECC
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKxw4d3pMLCYAglBOcgtjqg&google_cver=1&google_push=Aa02lx9kjUjWqVc-_qGw6GL1D6iBWIjrWwR8cTuwqeZYcFKtsJj7aWZF5bEoRDka2afZyVQ9GP...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EQ2kuQk9wRTJ1R1pGeExKWDBNYkhXQVlsbnBBUVk0WH5B&google_push=Aa02lx9kjUjWqVc-_qGw6GL1D6iBWIjrWwR8cTuwqeZYcFKtsJj7aWZF5...

170 B
188 B

48ms
47ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EQ2kuQk9wRTJ1R1pGeExKWDBNYkhXQVlsbnBBUVk0WH5B&google_push=Aa02lx9kjUjWqVc-_qGw6GL1D6iBWIjrWwR8cTuwqeZYcFKtsJj7aWZF5bEoRDka2afZyVQ9GPUS64RC0Wy26zOeGU10B2VQIv8H93sUpQ

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EQ2kuQk9wRTJ1R1pGeExKWDBNYkhXQVlsbnBBUVk0WH5B&google_push=Aa02lx9kjUjWqVc-_qGw6GL1D6iBWIjrWwR8cTuwqeZYcFKtsJj7aWZF5bEoRDka2afZyVQ9GPUS64RC0Wy26zOeGU10B2VQIv8H93sUpQ
date: Tue, 28 Feb 2023 14:16:29 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

report
sync.teads.tv/um/ Frame BECC
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJd-NlSKsQ9R2CItJkTgnso&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx8sTStJ2bzl2RvGrIBeBGxaNs-8wCYl8oJnnqFeqdrXBI74aol8OKu6JYozGpBM0o_wkDVEgdGb8sjGv9jH1Fq6yZl3b0oudSqm
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

29ms
29ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Tue, 28 Feb 2023 14:16:29 GMT
pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BECC 0
12 B 43ms
43ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jv0lF8XV6Yf4hqSFU11yg-YXylfKv6gbhzZwJ7lhtffv3H3v4iyqllNcMDE0E85lKsnxiUotU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame BA27
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHH8WJzRqy8t6DiHc-8D6LI&google_cver=1&google_push=Aa02lx8yQFd9WGA7VnhK0SvTJmSiIsunLLf2sX6Q2-mf9dlUIfEm0ho_PLHf_P-OCl9G51BVfOoLcNXBbuXu6RLxGvtilB_TzKh1YNs
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY1OTIyMzUxMzAyNjkxMjMzNw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHH8WJzRqy8t6DiHc-8D6LI&google_cver=1

43 B
398 B

14ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHH8WJzRqy8t6DiHc-8D6LI&google_cver=1
Requested by: Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHH8WJzRqy8t6DiHc-8D6LI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame BA27 70 B
264 B 36ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPmegdvnrbr0BaphXY3K8ZU&google_cver=1&google_push=Aa02lx_3JbNx_PzxjvYVhgfD25xjxMYk1U9bocmKdxa1PtBWNnUnfURsAC-IJRDvXLYFbZ2s1zCiMuL0NVnJ7Lsla9pCY1g7AGoyng
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA27
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGDPP6SLrsqanidyJ671x1U&google_cver=1&google_push=Aa02lx_eJ_3teypFt69ANLDP5KBS7XodgWDrPv-5ZzNjqizUpa24Q9f0QTKCsmdOlJN-_lPY73dolvO10Wu8Gs...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx_eJ_3teypFt69ANLDP5KBS7XodgWDrPv-5ZzNjqizUpa24Q9f0QTKCsmdOlJN-_lPY73dolvO10Wu8GsdGKG7XnXF97wTQ0ss&google_hm=hmP-DLzLJTkmkU...

170 B
188 B

46ms
45ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx_eJ_3teypFt69ANLDP5KBS7XodgWDrPv-5ZzNjqizUpa24Q9f0QTKCsmdOlJN-_lPY73dolvO10Wu8GsdGKG7XnXF97wTQ0ss&google_hm=hmP-DLzLJTkmkUH13Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63FE0CBCCB2539269141F5DDBLIS

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx_eJ_3teypFt69ANLDP5KBS7XodgWDrPv-5ZzNjqizUpa24Q9f0QTKCsmdOlJN-_lPY73dolvO10Wu8GsdGKG7XnXF97wTQ0ss&google_hm=hmP-DLzLJTkmkUH13Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63FE0CBCCB2539269141F5DDBLIS
date: Tue, 28 Feb 2023 14:16:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame BA27 43 B
135 B 23ms
19ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKCsUipLKrM8WGt6lPoCx-M&google_cver=1&google_push=Aa02lx-vxUrSL8ILq39YSmr-3JyzcrY_dF-COH4yuu_p0H-V5CNn3OKsIUmsIL1kl60p2TI4OA4cJ5dtqw0wXhFUADlAhGTQmzWdwQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: kuhrr2qqt8pq00mbpost8ldb9pet445b

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA27
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_baGeW6FHfVCWic-PNHbY1258NYoNCqIEfzZp9WPf5ryW1GISV1_a7spNebCeFW9LX11kE1sV5-l58-DC1sl5dqEHvG5HXV9I&redir=https%3A%2F%2Fcm.g.do...
https://sync.targeting.unrulymedia.com/csync/RX-0af168a7-9015-4961-bc5a-671397274c38-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_baGeW6FHfVCWic-PNH...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_baGeW6FHfVCWic-PNHbY1258NYoNCqIEfzZp9WPf5ryW1GISV1_a7spNebCeFW9LX11kE1sV5-l58-DC1sl5dqEHvG5HXV9I&google_hm=AwrxaKeQFUlhvFpnE5cnTDg

170 B
188 B

46ms
46ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_baGeW6FHfVCWic-PNHbY1258NYoNCqIEfzZp9WPf5ryW1GISV1_a7spNebCeFW9LX11kE1sV5-l58-DC1sl5dqEHvG5HXV9I&google_hm=AwrxaKeQFUlhvFpnE5cnTDg

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_baGeW6FHfVCWic-PNHbY1258NYoNCqIEfzZp9WPf5ryW1GISV1_a7spNebCeFW9LX11kE1sV5-l58-DC1sl5dqEHvG5HXV9I&google_hm=AwrxaKeQFUlhvFpnE5cnTDg
date: Tue, 28 Feb 2023 14:16:29 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0af168a790154961bc5a671397274c38003
content-type: text/html

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame BA27 0
45 B 97ms
16ms Image
text/plain 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECYOOd4UuDpGKgr3WUrJezg&google_cver=1&google_push=Aa02lx86cRU0JP9v9UYZy0CB3WQwXaybkd0yY67tMD5Fxme6KLLv2iaAzGPqa6PKiGKFc-gZZabOJyjg5KiyOKuP2emQF9jtEXE3_Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:29 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA27
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESECu98FEGjorbA-rEeJsXoD4&google_cver=1&google_push=Aa02lx_CHI9fCabub...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESECu98FEGjorbA-rEeJsXoD4%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njc5NTA1MTM1MjMxNTE5Nzc1MA%3D%3D&google_gid=CAESECu98FEGjorbA-rEeJsXoD4&google_cver=1&google_push=Aa02lx_CHI9fCabub43DHpYTwXzg1fh9ze...

170 B
188 B

48ms
47ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njc5NTA1MTM1MjMxNTE5Nzc1MA%3D%3D&google_gid=CAESECu98FEGjorbA-rEeJsXoD4&google_cver=1&google_push=Aa02lx_CHI9fCabub43DHpYTwXzg1fh9ze9rtPdYxrQgh1ObwgP08IgQtVFndFG-ZM4AipAEh2zWgKTXJ7MQPTRS3JkgQrrdVvIsdaAP

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 14:16:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 28 Feb 2023 14:16:29 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 83b42cc1-51d5-4e10-833e-8f0a775d295d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njc5NTA1MTM1MjMxNTE5Nzc1MA%3D%3D&google_gid=CAESECu98FEGjorbA-rEeJsXoD4&google_cver=1&google_push=Aa02lx_CHI9fCabub43DHpYTwXzg1fh9ze9rtPdYxrQgh1ObwgP08IgQtVFndFG-ZM4AipAEh2zWgKTXJ7MQPTRS3JkgQrrdVvIsdaAP
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BA27 0
12 B 46ms
43ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KBYllrEKrdKTojHu3HTz0HVXvIRIAVPjrz0q5i3TBn7HvZvnvhMhtZtZuTyrnKABjNrkhrJA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E581
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
48ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 14:16:29 GMT
expires: Tue, 28 Feb 2023 14:16:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 14:16:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame E135 36 KB
14 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:29:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 11:29:19 GMT

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8DE5 36 KB
14 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/news/pendragon-record-ransom-demand/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:29:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 11:29:19 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/7bd8b78e-a560-4299-8e32-a71a9be1ded8/ 3 KB
2 KB 82ms
23ms Script
text/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/7bd8b78e-a560-4299-8e32-a71a9be1ded8/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151515

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4ff1ab16497cac7f842d02f496c139db562f25a61e1f8ee1fa6454be5783df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:29 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 2251
cf-polished: origSize=3367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9c74b97e-a6f6-4a83-b8a0-c0343d08e00b
x-runtime: 0.025211
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"902f8f3cb7ca0b374473b92f7c4349f1"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7a09c741fce18fca-FRA
access-control-allow-headers: SDK-Version
expires: Tue, 28 Feb 2023 15:16:29 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 88ms
87ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230223&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

288aec21f70ffa966219e5604042864b68f6b1cbf5b7af1a28ab05ec342f8cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11108
x-xss-protection: 0

GET
H3 200 search-1faa9f3c50.js Show response
cybernews.com/js/ 7 KB
3 KB 47ms
47ms Script
application/javascript 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/js/search-1faa9f3c50.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/js/base-9bd202b6a2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd18e580f1b05148dca60e92c451082e01a0b7b45daeb99aa5d17697a943acd8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age: 4814
cf-polished: origSize=6862
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 27 Feb 2023 09:32:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"63fc78a3-1ace"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7a09c7419f2e9b74-FRA
expires: Tue, 28 Feb 2023 18:16:29 GMT

GET
H3 200 links-bar-38419dbcbf.js Show response
cybernews.com/js/ 1 KB
1 KB 48ms
47ms Script
application/javascript 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/js/links-bar-38419dbcbf.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/js/base-9bd202b6a2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c949a584646de3f29fbbf249be2b124614a4a3407b79edc0c9ab13f67172bc3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age: 4741
cf-polished: origSize=1415
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 27 Feb 2023 09:32:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"63fc78a3-587"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7a09c7419f319b74-FRA
expires: Tue, 28 Feb 2023 18:16:29 GMT

GET
H3 200 scroll-up-703df50bb8.js Show response
cybernews.com/js/ 510 B
829 B 49ms
48ms Script
application/javascript 2606:4700:3108::ac42:2bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/js/scroll-up-703df50bb8.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/js/base-9bd202b6a2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4007eabc93dc10a06020c1e2835213fa0dfc50de0bbdd4cb94b3f3a7aadf82e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age: 4814
cf-polished: origSize=511
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 27 Feb 2023 09:32:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"63fc78a3-1ff"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7a09c7419f349b74-FRA
expires: Tue, 28 Feb 2023 18:16:29 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
47ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1956970105&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F&ul=en-us&de=UTF-8&dt=Pendragon%20hit%20with%20a%20record%20ransom%20demand%20%7C%20Cybernews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fnews%2Fpendragon-record-ransom-demand%2F&el=25%25&_u=aDDAAEABAAAAACAAI~&jid=&gjid=&cid=822332422.1677593786&tid=UA-149779697-1&_gid=1272318234.1677593788&cd1=Vilius%20Petkauskas&cd2=News&cd3=Editorial&gtm=45He32m0n81KMWQ6GT&cg1=News&cg2=Editorial&cd6=2023-02-28T14%3A16%3A29.698Z&z=997330930

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 04:44:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34342
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 23ms
23ms Stylesheet
text/css 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151515

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:29 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 561
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7a09c7423ca63aa3-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 30 Mar 2023 14:16:29 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Feb 2023 14:16:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C3BA 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 12:47:34 GMT
expires: Wed, 28 Feb 2024 12:47:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B5E7 783 B
534 B 72ms
71ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c33aca9b75b710f310019090576244b90810e3de183b6aaa149c1c278d883c96

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eIqRbtGKQ7yHTroKxjacTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-eIqRbtGKQ7yHTroKxjacTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 14:16:29 GMT
expires: Tue, 28 Feb 2023 14:16:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B5E7 0
0 69ms
69ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230223&jk=4246682038768142&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame C3BA 36 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:29:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 11:29:19 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C3BA 0
10 B 40ms
39ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oSlx_g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:16:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 72ms
71ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230223&jk=4246682038768142&bg=!hYalhtLNAAZYlHKzeJQ7ADkAdvg8WnTj_ta7o4jH_TQnKawS8NobDSV6BQ43CRfFReNCH8ePzKBOwpbykmCTrbvmegPKUyWgeQECAAAAnVIAAAAEaAEHCgAjZ5vQDNJsJ8wM21FROY1E-Z6VFMGsWZ2G21cQtJd4exEC8PCZAp3IdhEsLIl14pp1X_ZDS8vBmpvnaFiZs22YongwBi7mGAkcYqawzdrQbfYzkDrPYrpnf6vE_Duh61ZO0LQxegTQQW1pCQmiPTACTK7ube9eFr7MCVlYJvpVkakcco_40u2jQU3V-TcmLqiHRvERbbkRMlb9Gjk12nPO9Dl4ZmcTIT0iUI6vNJeA8Cza0ZJiF4xLK9iXk9CzsaOHdYOCnMQfpRkRNWa4-xlkOo0r-bGmDGx33J-B8djDJ6iHLtwnK_4sOqbKRCtJNFTMIosszhYhRdy0-VzwyEWPMd32eJyvK4gqiZx_YoFnM6kNm6xc1SiyusskaPBROPRuF49da-PVc2doiS_aRPPIA3FTjIj8y5EstQz5V0zdfQloh4eP-FyH73Hb5AnUKIjWMxdwPVaxoNp4fOPmXeiBRfs2gwYnOItuBROeTNqnD6tHbI-zRfT_COQAL4mkR3Omg55aaKTxb60tglnXrDgyPxk9xWNkbLArB6B4Gl83wFfsHoz2W4UztuhKO49Asin2WNMNikhCcZC0cJA8yZOf9xV2TK_wMZR-aDU1dqlVSytd5Lz-OsYPfblaW-Yl2QelMFnX6raQkbuH0euKAVl4QMLpRix-C1nmlDlapQjcYsIKkBMzMWuhLhfXOm19lYrwxJwXDuRB-d2RMKbFBvRviVzedtAWS9EYdgkqkEe22-h6pPBZf2MK9iDZnMvHsWbsbZFU4fgxg-gZLMHvEuUiXTkBLZpBmhDKng8-zx8WMwD_KxFKfDmlJM9ukktvOpu2hDMUiKB6N6-XYOj_Rtmq9l3-SHIdgwOF6xsQzJ8sCctmms7aoJX_Sm4k6PKcLLR3zJnQzuWZHyu_tgFUMTxuVFtzGlAGqIYnh4SgzN7fmS7UDE4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cybernews.com/	1970-01-20 10:00:08	Name: cn_t_bs Value: 91
.cybernews.com/	1970-01-20 10:00:08	Name: cn_t_sess Value: %7B%22cid%22%3A%22822332422.1677593786%22%2C%22clickId%22%3Anull%2C%22clickType%22%3Anull%2C%22landingPageUri%22%3A%22https%3A%2F%2Fcybernews.com%2Fnews%2Fpendragon-record-ransom-demand%2F%22%2C%22sessionId%22%3A%227dc4b93f-eca6-40dc-bf7f-f6cc501fdd2e%22%2C%22timeStamp%22%3A1677593786%7D
.cybernews.com/	1970-01-20 10:43:05	Name: cn_t_gtc Value: %7B%22clickId%22%3Anull%2C%22count%22%3A0%7D
.cybernews.com/	1970-01-20 19:35:53	Name: cn_t_uid Value: a28b7d21-11f6-4ccb-a001-c3552cc93823
.cybernews.com/	1970-01-20 09:59:55	Name: __cf_bm Value: olAO93_uATHWeBJJyBu1CpihxARDdpSnGdi_5sDCmyg-1677593787-0-AUShfD/Ta9Iq6zjTaRRtqzShVir9iwz80Fjm1Nau4xAij2FCBhqw/4qPVMRH35sHWyuxfD5i1v0po4kWq/BqH/rshumd0XCD9CcGpdvXrT5o
.cybernews.com/	1970-01-20 12:09:29	Name: _gcl_au Value: 1.1.387396980.1677593788
.cybernews.com/	1970-01-20 10:01:20	Name: _gid Value: GA1.2.1272318234.1677593788
.cybernews.com/	1970-01-20 09:59:53	Name: _gat Value: 1
.cybernews.com/	1970-01-20 09:59:53	Name: _gat_UA-149779697-1 Value: 1
.cybernews.com/	1970-01-20 19:35:53	Name: _ga_KT8DKCHF41 Value: GS1.1.1677593787.1.0.1677593787.60.0.0
.cybernews.com/	1970-01-20 09:59:55	Name: ga_fired Value: true
.cybernews.com/	1970-01-20 19:21:29	Name: __gads Value: ID=5a5f39e086f270b1-2280150131dd0061:T=1677593788:RT=1677593788:S=ALNI_MYls5Rep2Ii2ClIpQtkSU3z3mrgtg
.cybernews.com/	1970-01-20 19:21:29	Name: __gpi Value: UID=00000bbd325f9193:T=1677593788:RT=1677593788:S=ALNI_MaWcm9_a91KNWcZE0XmKKAOKaVkKQ
.doubleclick.net/	1970-01-20 19:21:29	Name: IDE Value: AHWqTUkSUGKUlDdJ5xKDMlEWCqbdNCi8FU9YZew3z92D8Q1u4INiapzvAC-KusnQGCc
.yahoo.com/	1970-01-20 18:45:51	Name: A3 Value: d=AQABBLwM_mMCECnJSJDQp6QxfEcvmNykqTYFEgEBAQFe_2MHZAAAAAAA_eMAAA&S=AQAAAn_HbyKUXBbCLIidIsnrj7Y
.casalemedia.com/	1970-01-20 18:45:29	Name: CMID Value: Y-4MvJy5rIdHkBSOOWQ.3AAA
.casalemedia.com/	1970-01-20 12:09:29	Name: CMPS Value: 3202
.casalemedia.com/	1970-01-20 12:09:29	Name: CMPRO Value: 3202
.blismedia.com/	1970-01-20 18:45:33	Name: b Value: 63FE0CBCCB2539269141F5DDBLIS
.turn.com/	1970-01-20 14:19:05	Name: uid Value: 2659223513026912337
.analytics.yahoo.com/	1970-01-20 18:45:29	Name: IDSYNC Value: 18yx~2a92
.360yield.com/	1970-01-20 12:09:29	Name: tuuid Value: 2b434154-7de0-4e74-9e9b-7de014da9663
.360yield.com/	1970-01-20 12:09:29	Name: tuuid_lu Value: 1677593788
.3lift.com/	1970-01-20 12:09:29	Name: tluid Value: 4262350229594884598914
.travelaudience.com/	1970-01-20 19:27:15	Name: _tracker Value: %7B%22UUID%22%3A%2252D9D920-82D7-45DC-ABAF-D838850C5C91%22%7D
.pubmatic.com/	1970-01-20 10:01:20	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 18:45:29	Name: KADUSERCOOKIE Value: 88B523E8-AEDB-422A-9D8A-0B1A882069B5
.bidswitch.net/	1970-01-20 18:45:29	Name: tuuid Value: 6ad58958-8a1b-43a2-9bc3-93c996ac796a
.bidswitch.net/	1970-01-20 18:45:29	Name: c Value: 1677593789
.bidswitch.net/	1970-01-20 18:45:29	Name: tuuid_lu Value: 1677593789
.bidswitch.net/	1970-01-20 09:59:54	Name: google_push Value: Aa02lx88Uy6bkIaAtwPbFbwdY3_C-F4EYB6abzTNSM6jq4x7mlXqa7I1buxqTEvEKPsoCeTp1RlnlQY8cuLYnvM_Jt9X6OVUyJlDgLUV
.quantserve.com/	1970-01-20 12:09:29	Name: d Value: EAMBCQGzKIEA
.quantserve.com/	1970-01-20 19:30:08	Name: mc Value: 63fe0cbd-7d2d5-2de74-f8c41
.adnxs.com/	1970-01-20 12:09:29	Name: uuid2 Value: 6795051352315197750
.1rx.io/	1970-01-20 18:45:29	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0af168a7-9015-4961-bc5a-671397274c38-003%22%7D
.adform.net/	1970-01-20 10:40:12	Name: C Value: 1
.doubleclick.net/	1970-01-20 09:59:57	Name: DSID Value: NO_DATA
.adform.net/	1970-01-20 11:26:17	Name: uid Value: 8739457776392356223
.targeting.unrulymedia.com/	1970-01-20 18:45:29	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0af168a7-9015-4961-bc5a-671397274c38-003%22%7D
.cybernews.com/	1970-01-20 19:35:53	Name: _ga Value: GA1.2.822332422.1677593786

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (403) was received when fetching the script.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271804&client=ca-pub-5928161074779380&fa=4&ifi=5&uci=a!5&btvi=4&xpc=nPSw3N9mFM&p=https%3A//cybernews.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
c1.adform.net
cdn.onesignal.com
cm.g.doubleclick.net
cms.quantserve.com
cybernews.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
img.youtube.com
match.360yield.com
match.adsrvr.org
media.cybernews.com
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
r.turn.com
region1.analytics.google.com
rtb.openx.net
s.ad.smaato.net
secure.adnxs.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.111.217.42
142.250.185.226
15.197.193.217
18.195.137.14
185.80.39.216
185.86.139.102
198.47.127.19
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.19.147.44
2600:9000:211a:be00:1b:5138:8a40:93a1
2606:4700:3108::ac42:2bc5
2606:4700::6812:d73b
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:800::2002
2a00:1450:4001:802::2001
2a00:1450:4001:806::2008
2a00:1450:4001:809::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:400c:c07::9b
2a00:1450:400d:803::2002
2a00:1450:400d:803::200e
2a00:1450:400d:807::2002
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80d::2004
3.75.62.37
34.96.105.8
35.186.253.211
35.190.0.66
37.157.2.238
37.252.171.53
51.75.86.98
52.59.46.11
76.223.111.18
084d32f8d5df61bca2b3dae8070d00715daf460ecbfc01b4b2aa40af7699166e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
1bffe747b1ecf8fa12f12a9960ef6a3ec5b4e61adc3b256fd14a4b17dca54901
1ed0f8cc940fd223294fccf2ed87b9f4ac4f71f7479e319c2adc410abca645fb
215b415efe7302ef2fdfd1aeb4b0bdd04444ae5451caea61069eef15f1627c6c
288aec21f70ffa966219e5604042864b68f6b1cbf5b7af1a28ab05ec342f8cdf
2c949a584646de3f29fbbf249be2b124614a4a3407b79edc0c9ab13f67172bc3
2cc55a39bea9da99599f6e1e51def5a54f50abadc4efb6ebec46f944a54d6178
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34a9b8c3e6088d42a01e3cf800492030fe7432bc24fa9f6ce83e8471f4ab58b2
38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672
3c3af293c92bffe2f5f6f31753be6de274bf677ee5c4de05428cf394d63d4941
4007eabc93dc10a06020c1e2835213fa0dfc50de0bbdd4cb94b3f3a7aadf82e4
422bd3352c21ee792eaa9dfef171a16b315a26db2b8ec285bf5f75bf5ca0091a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a96addcfe4225805396e0cf8c8df6ab9f54ec42bf05e86410e64dfaf2cf0e7e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54c54d9b1b41d8c8ee1815ebfa6f338183a4fd557e38482cadc4b9dd1bb70950
54ec5d49fd3dbb498c6f9fb4746bb071d87b86ae802c77b238b3eace00999e14
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5706b0dd768eb642c8ed84d10d289a3c4c3fb4537abb57430d0fd4b1780b107a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
658fdd925b033864d3eec6155f4427dd022cfb6be2af31656b010a4de30296cd
69202f7c4221ba7af2b05cf72ffa31d23aff95b087cf873cb0209a57e38ef58e
6976b1e225d48e5e0097d79498a99fc73f8b43cd4b693080aa5f6960e1ce50e4
6bdf01ca49b637f428af9c0fedd9a75135b7ab0dd9cb8425b50985f93dec05c5
748a9b391b044f8e73cd7a08a694a3652177d5b27eb9d8a29b774ade1fb999c4
7a688d383acee3ae066134a7935604963e5e1351d0013bf19387f3112c0bf912
8081bef307a299e4bbdd784c240806e1bdb2db6aeaac1dfbbbcc72ace0fe66fb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9fca9ae04b4bca7ef7d4f2c43505769b1f03fd173ecf3871dd7b7ee0f115dd48
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2b508daff2d04ade9fc47a34abc0616b6ec13e897080db2524223a1511198b8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8bff6e2eee5705d45a8913baca4f4359bec8d454c93f1027d083c23e88e07a1
ab8f0b6cec3eb6cd02efd0a9324053b868cac7dcda99fc89871b4e87141bdf14
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b15f4e49cb82b44032fa93865c455775ca29fe5ae2c1977e58f26b8d83fd4ff4
b3565ea346e63fda91cc67ba8fc11e95b7482d5873a4f4c6a47c4185b772d9a1
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
b83989190497d54dafc105124fc49b46c52779baca5617ed76e2d30e375bd525
bd26cd1429bcc830b56252b3b57f76c74ab3a50d8d68ccea890910cd2627f7c9
bdf6b1565f546e1e9c1d72eb38aca041f880c81355d8a36a63828c8e322419d8
bf604d68a81b4f3042807e4f9561e19db4130802cad8c53b39549c383a86ff77
c31670203b430bd808773602a3dc1ad71e972b86d0cf3d1d4e437d929a70723e
c33aca9b75b710f310019090576244b90810e3de183b6aaa149c1c278d883c96
c79310e077420df2623a0810adafbe7d7379ee885a763dac420426007a656100
c98be46bc314c768cb8f12ed5c3440f3466652912ffc53f8c7805ff3fe2e3b2d
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cd18e580f1b05148dca60e92c451082e01a0b7b45daeb99aa5d17697a943acd8
cf16e19b18266055dec826a7bd5014dcf7f67966c08203c12ba81cc378d96f17
d0cb014fec7751dba1d02bb765a2c18dde54fff1c6fbe69cd7382fcc8d2da9db
d58ed98b1dc851a182b1f82c5761da572ed32c9ff5ad4d6c0084fd05db69c801
d7dca8e7142c4f6e01e6246bb6978fe494f9193851abdb9b0337b121e11db8ec
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e138d129f38769d7080ed6ac6519dce8a4d546b7da5709b12aedff39673fa021
e3364ffc92c146e368668b5f490952cbfd879ffe9558a1745b13e7c020ea3119
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ff1ab16497cac7f842d02f496c139db562f25a61e1f8ee1fa6454be5783df0
eacc97df9ec60ffb58660ab9689ead87ee1ba0a0b77069b6001ab462c92019b1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f290a3a287182664a81ea150c04e7d1a451f1bf74f6738b43d382e3d40d98002
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5f63e271056ce6a47a22f4676897b74e5b67f8f8244cc49a07a9a6dd6d256e4
f610624225da61c094268c15194a6691d48ca513a589b31bf525b3d36151c117
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fe018e12e5972a271c1e305577ca9fd1bdaf6cc2514c7c49584c0c78f5d2db0c

cybernews.com Open in urlscan Pro 2606:4700:3108::ac42:2bc5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

151 Requests

87 %HTTPS

56 %IPv6

33 Domains

43 Subdomains

28 IPs

9 Countries

2163 kBTransfer

4566 kBSize

40 Cookies

10 Outgoing links

Redirected requests

151 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cybernews.com Open in urlscan Pro
2606:4700:3108::ac42:2bc5 Public Scan

Screenshot
Live screenshot

Full Image

151
Requests

87 %
HTTPS

56 %
IPv6

33
Domains

43
Subdomains

28
IPs

9
Countries

2163 kB
Transfer

4566 kB
Size

40
Cookies

151 HTTP transactions
9 data transactions