blog.lumen.com Open in urlscan Pro
50.112.230.199 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Submission: On January 10 via api (January 10th 2022, 1:17:39 pm UTC) from US — Scanned from DE

Summary HTTP 301 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 48 IPs in 6 countries across 35 domains to perform 301 HTTP transactions. The main IP is 50.112.230.199, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is blog.lumen.com.
TLS certificate: Issued by R3 on January 1st 2022. Valid for: 3 months.

This is the only time blog.lumen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
66	50.112.230.199 50.112.230.199	16509 (AMAZON-02) (AMAZON-02)
26	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
16	2a02:26f0:6c0... 2a02:26f0:6c00:28a::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1 3	54.72.48.7 54.72.48.7	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.111.234.67 104.111.234.67	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.66.97.57 18.66.97.57	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	54.72.34.165 54.72.34.165	16509 (AMAZON-02) (AMAZON-02)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1 1	54.194.191.134 54.194.191.134	16509 (AMAZON-02) (AMAZON-02)
17 39	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
18 38	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
8	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2016	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.112.6 18.66.112.6	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.63 18.66.112.63	16509 (AMAZON-02) (AMAZON-02)
2 6	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2 2	54.247.140.137 54.247.140.137	16509 (AMAZON-02) (AMAZON-02)
1 2	52.222.214.106 52.222.214.106	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:225... 2600:9000:2250:aa00:1b:ed91:4680:93a1	16509 (AMAZON-02) (AMAZON-02)
4	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba92	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	3.213.6.222 3.213.6.222	14618 (AMAZON-AES) (AMAZON-AES)
4	54.154.81.57 54.154.81.57	16509 (AMAZON-02) (AMAZON-02)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	3.229.54.141 3.229.54.141	14618 (AMAZON-AES) (AMAZON-AES)
301	48

66 50.112.230.199 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-230-199.us-west-2.compute.amazonaws.com

blog.lumen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:26f0:6c00:28a::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.72.48.7 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-48-7.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.234.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-57.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.34.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-34-165.eu-west-1.compute.amazonaws.com

centurylink.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

smetrics.centurylink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.191.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 17 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany) 18 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

926-hyv-740.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-6.fra56.r.cloudfront.net

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-63.fra56.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

9129572.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.247.140.137 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-140-137.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.106 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-106.fra56.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:aa00:1b:ed91:4680:93a1 (United States)

ASN16509 (AMAZON-02, US)

csxd.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba92 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ct.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.213.6.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-6-222.compute-1.amazonaws.com

q-aus1.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.154.81.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-81-57.eu-west-1.compute.amazonaws.com

c.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.54.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-54-141.compute-1.amazonaws.com

k-aus1.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	lumen.com blog.lumen.com	1 MB
48	doubleclick.net 20 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 static.doubleclick.net — Cisco Umbrella Rank: 341 9129572.fls.doubleclick.net — Cisco Umbrella Rank: 239842	25 KB
41	google.com 17 redirects www.google.com — Cisco Umbrella Rank: 8 adservice.google.com — Cisco Umbrella Rank: 69	29 KB
37	google.de www.google.de — Cisco Umbrella Rank: 6151	3 KB
26	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	991 KB
19	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	1 MB
16	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 475	170 KB
12	contentsquare.net t.contentsquare.net — Cisco Umbrella Rank: 3535 csxd.contentsquare.net — Cisco Umbrella Rank: 11175 ct.contentsquare.net — Cisco Umbrella Rank: 19204 q-aus1.contentsquare.net — Cisco Umbrella Rank: 9105 c.contentsquare.net — Cisco Umbrella Rank: 3365 k-aus1.contentsquare.net — Cisco Umbrella Rank: 7924	135 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 jnn-pa.googleapis.com — Cisco Umbrella Rank: 6222	43 KB
8	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 444	120 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	81 KB
6	clarity.ms 1 redirects f.clarity.ms — Cisco Umbrella Rank: 2200 c.clarity.ms — Cisco Umbrella Rank: 998	24 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 433 www.linkedin.com — Cisco Umbrella Rank: 624 px4.ads.linkedin.com — Cisco Umbrella Rank: 5443	4 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 88	850 B
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 332 c.bing.com — Cisco Umbrella Rank: 239	12 KB
4	company-target.com 1 redirects api.company-target.com — Cisco Umbrella Rank: 3015 segments.company-target.com — Cisco Umbrella Rank: 1072	3 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 184 centurylink.demdex.net — Cisco Umbrella Rank: 167593	6 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	21 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3837	60 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 450	1019 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 385	7 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 112	38 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 224	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	113 KB
2	centurylink.com smetrics.centurylink.com — Cisco Umbrella Rank: 127124	754 B
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 2764	6 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 740	715 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 656	66 B
1	turn.com r.turn.com — Cisco Umbrella Rank: 2156	1 KB
1	demandbase.com scripts.demandbase.com — Cisco Umbrella Rank: 6122	19 KB
1	mktoresp.com 926-hyv-740.mktoresp.com — Cisco Umbrella Rank: 198592	311 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 97	15 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 776	517 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 698	398 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 828	2 KB
301	35

	Domain	Requested by
66	blog.lumen.com	blog.lumen.com
39	www.google.com	17 redirects blog.lumen.com www.youtube.com
38	googleads.g.doubleclick.net	18 redirects www.youtube.com www.googleadservices.com
37	www.google.de	blog.lumen.com
26	www.googletagmanager.com	blog.lumen.com www.googletagmanager.com assets.adobedtm.com
19	www.youtube.com	blog.lumen.com www.youtube.com assets.adobedtm.com
16	assets.adobedtm.com	blog.lumen.com assets.adobedtm.com
8	jnn-pa.googleapis.com	www.youtube.com
8	cdn.cookielaw.org	blog.lumen.com cdn.cookielaw.org
6	9129572.fls.doubleclick.net	2 redirects www.googletagmanager.com blog.lumen.com
4	c.contentsquare.net	blog.lumen.com
4	f.clarity.ms	bat.bing.com f.clarity.ms
4	www.facebook.com	blog.lumen.com
4	www.gstatic.com	www.youtube.com www.gstatic.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	ct.contentsquare.net	t.contentsquare.net ct.contentsquare.net
3	bat.bing.com	assets.adobedtm.com bat.bing.com blog.lumen.com
3	px.ads.linkedin.com	3 redirects
3	dpm.demdex.net	1 redirects blog.lumen.com
3	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	static.addtoany.com	blog.lumen.com static.addtoany.com
2	q-aus1.contentsquare.net	t.contentsquare.net
2	c.clarity.ms	1 redirects blog.lumen.com
2	segments.company-target.com	1 redirects blog.lumen.com
2	match.prod.bidr.io	2 redirects
2	adservice.google.com	9129572.fls.doubleclick.net
2	s.yimg.com	blog.lumen.com s.yimg.com
2	i.ytimg.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	connect.facebook.net	assets.adobedtm.com connect.facebook.net
2	static.doubleclick.net	www.youtube.com
2	smetrics.centurylink.com	assets.adobedtm.com
2	px4.ads.linkedin.com	blog.lumen.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	api.company-target.com	assets.adobedtm.com scripts.demandbase.com
2	munchkin.marketo.net	assets.adobedtm.com munchkin.marketo.net
1	k-aus1.contentsquare.net	t.contentsquare.net
1	sp.analytics.yahoo.com	blog.lumen.com
1	c.bing.com	1 redirects
1	csxd.contentsquare.net	t.contentsquare.net
1	id.rlcdn.com	blog.lumen.com
1	r.turn.com	blog.lumen.com
1	scripts.demandbase.com	blog.lumen.com
1	t.contentsquare.net	blog.lumen.com
1	926-hyv-740.mktoresp.com	munchkin.marketo.net
1	www.googleadservices.com	www.googletagmanager.com
1	cm.everesttech.net	1 redirects
1	centurylink.demdex.net	assets.adobedtm.com
1	www.linkedin.com	1 redirects
1	geolocation.onetrust.com	cdn.cookielaw.org
1	snap.licdn.com	www.googletagmanager.com
1	fonts.googleapis.com	blog.lumen.com
301	52

This site contains links to these domains. Also see Links.

Domain
news.lumen.com
latamblog.lumen.com
www.facebook.com
twitter.com
www.pinterest.com
plus.google.com
www.addtoany.com
malpedia.caad.fkie.fraunhofer.de
blog.malwarebytes.com
www.reuters.com
github.com
www.youtube.com
www.linkedin.com
instagram.com
www.lumen.com
www.onetrust.com

Subject Issuer	Validity	Valid
blog.lumen.com R3	`2022-01-01` - `2022-04-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-20` - `2022-09-26`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
smetrics.centurylink.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-08-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-01-17`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
t.contentsquare.net Amazon	`2021-11-13` - `2022-12-11`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-18` - `2022-10-14`	a year	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-12-20` - `2022-02-09`	2 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
csxd-02.contentsquare.net Amazon	`2021-09-01` - `2022-09-30`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.contentsquare.net DigiCert SHA2 Secure Server CA	`2021-10-15` - `2022-10-15`	a year	crt.sh
q-aus1.contentsquare.net Amazon	`2021-06-22` - `2022-07-21`	a year	crt.sh
c.contentsquare.net Amazon	`2021-09-14` - `2022-10-13`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
k-aus1.contentsquare.net Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Frame ID: E9CEE6359176B1AF242A708C10C43758
Requests: 251 HTTP requests in this frame

Frame: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0&enablejsapi=1&origin=https://blog.lumen.com
Frame ID: E2AAF0969A56A3E4D688F75B4AB73ED2
Requests: 40 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: 9D68F1F7BDE5C12193B75D651F24FED2
Requests: 1 HTTP requests in this frame

Frame: https://centurylink.demdex.net/dest5.html?d_nsid=0
Frame ID: B9CF0DFD44187B20A836238023900954
Requests: 1 HTTP requests in this frame

Frame: https://9129572.fls.doubleclick.net/activityi;dc_pre=CImYxcaip_UCFVnJ1QodOZEP5w;src=9129572;type=audie0;cat=tdnae00;ord=4865278887335;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs;u4=30385829150644729780158913779529354871;u5=1800965687490;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1641820652786-45303;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=1;u13=1;u14=ky8pmjo9_30385829150644729780158913779529354871;u15=ky8pmjo9;u16=undefined;gdid=dZGIzZG;ps=1;~oref=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F
Frame ID: 0810AF47870E50F8FD4504DBAF72E413
Requests: 2 HTTP requests in this frame

Frame: https://9129572.fls.doubleclick.net/activityi;dc_pre=CPiaxcaip_UCFXccBgAdCQUFUQ;src=9129572;type=audie0;cat=tdnae002;ord=1;num=8620678387623;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs;u4=30385829150644729780158913779529354871;u5=1800965687490;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1641820652786-45303;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=1;u13=1;u14=ky8pmjo9_30385829150644729780158913779529354871;u15=ky8pmjo9;u16=undefined;gdid=dZGIzZG;ps=1;~oref=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F
Frame ID: 12D721AF416687A68265A2D236CF8F13
Requests: 2 HTTP requests in this frame

Frame: https://csxd.contentsquare.net/uxa/xdframe-single-domain-1.1.0.html?pid=3723&cookieNames=_cs_id,_cs_s,_cs_cvars,_cs_ex
Frame ID: 0D00AA9025E60E827D5BED8E62DBD4F6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A02DDE2B12BA06E6EDD4C29B69AA8C88
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New Konni Campaign Kicks Off the New Year by Targeting Russian Ministry of Foreign Affairs - LumenBack ButtonSearch IconFilter Icon

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

301
Requests

91 %
HTTPS

57 %
IPv6

35
Domains

52
Subdomains

48
IPs

6
Countries

4738 kB
Transfer

12934 kB
Size

49
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://news.lumen.com/
Title: NewsRoom

Search URL Search Domain Scan URL

URL: https://latamblog.lumen.com/
Title: LATAM Blog

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Title: Share On Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/&text=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs&url=https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Title: Tweet It

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&media=https%3A%2F%2Fblog.lumen.com%2Fwp-content%2Fuploads%2F2022%2F01%2FKonni.jpg

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&title=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs
Title: Share

Search URL Search Domain Scan URL

URL: https://malpedia.caad.fkie.fraunhofer.de/details/win.konni
Title: with the Democratic People’s Republic of Korea

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/threat-intelligence/2021/08/new-variant-of-konni-malware-used-in-campaign-targetting-russia/
Title: Malwarebytes

Search URL Search Domain Scan URL

URL: https://www.reuters.com/world/europe/russian-regions-introduce-qr-codes-entry-public-venues-covid-19-cases-hit-record-2021-10-18/
Title: Russian Vaccine Passport laws

Search URL Search Domain Scan URL

URL: https://twitter.com/BlackLotusLabs/status/1461708689560252428?s=20
Title: use of Konni malware.

Search URL Search Domain Scan URL

URL: https://github.com/blacklotuslabs/IOCs/blob/main/Konni_HappyNewYear_IoCs.txt
Title: please visit our GitHub page

Search URL Search Domain Scan URL

URL: https://twitter.com/BlackLotusLabs
Title: @BlackLotusLabs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/lumentechnologies

Search URL Search Domain Scan URL

URL: http://twitter.com/lumentechco

Search URL Search Domain Scan URL

URL: https://www.youtube.com/lumentechnologies

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/lumentechnologies/about/

Search URL Search Domain Scan URL

URL: http://instagram.com/lumentechnologies

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

URL: https://www.lumen.com/en-us/about/legal/privacy-notice.html
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AA683BC75245B3880A490D4D%40AdobeOrg&d_nsid=0&ts=1641820652264 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AA683BC75245B3880A490D4D%40AdobeOrg&d_nsid=0&ts=1641820652264

Request Chain 117

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=512484&time=1641820652397&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D512484%26time%3D1641820652397%26url%3Dhttps%253A%252F%252Fblog.lumen.com%252Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=512484&time=1641820652397&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=512484&time=1641820652397&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&liSync=true&e_ipv6=AQLmMSNREwAsqwAAAX5EIwZAneSB1iMobBg13cjNyS3L-QYl8IA9fI61PntncNwMCIMH90mFeg

Request Chain 122

https://cm.everesttech.net/cm/dd?d_uuid=24177440369173663240689659143165404625 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ydwx7AAAAKPrvwQp

Request Chain 126

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 158

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998569208/?random=1641820653000&cv=9&fst=1641820653000&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/998569208/?random=1641820653000&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=314065351&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/998569208/?random=1641820653000&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=314065351&resp=GooglemKTybQhCsO&ipr=y

Request Chain 160

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/960616693/?random=1641820653001&cv=9&fst=1641820653001&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/960616693/?random=1641820653001&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=400328382&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/960616693/?random=1641820653001&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=400328382&resp=GooglemKTybQhCsO&ipr=y

Request Chain 162

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/992012738/?random=1641820653001&cv=9&fst=1641820653001&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/992012738/?random=1641820653001&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=3855855332&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/992012738/?random=1641820653001&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=3855855332&resp=GooglemKTybQhCsO&ipr=y

Request Chain 164

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787845441/?random=1641820653002&cv=9&fst=1641820653002&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/787845441/?random=1641820653002&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=1072185728&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/787845441/?random=1641820653002&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=1072185728&resp=GooglemKTybQhCsO&ipr=y

Request Chain 165

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787811664/?random=1641820653003&cv=9&fst=1641820653003&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/787811664/?random=1641820653003&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=573536513&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/787811664/?random=1641820653003&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=573536513&resp=GooglemKTybQhCsO&ipr=y

Request Chain 167

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963147609/?random=1641820653004&cv=9&fst=1641820653004&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/963147609/?random=1641820653004&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2057270721&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/963147609/?random=1641820653004&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2057270721&resp=GooglemKTybQhCsO&ipr=y

Request Chain 170

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066311636/?random=1641820653006&cv=9&fst=1641820653006&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/1066311636/?random=1641820653006&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=51394319&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/1066311636/?random=1641820653006&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=51394319&resp=GooglemKTybQhCsO&ipr=y

Request Chain 172

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845851798/?random=1641820653007&cv=9&fst=1641820653007&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/845851798/?random=1641820653007&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2606754063&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/845851798/?random=1641820653007&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2606754063&resp=GooglemKTybQhCsO&ipr=y

Request Chain 174

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859556993/?random=1641820653008&cv=9&fst=1641820653008&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/859556993/?random=1641820653008&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2460451074&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/859556993/?random=1641820653008&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2460451074&resp=GooglemKTybQhCsO&ipr=y

Request Chain 176

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956978286/?random=1641820653009&cv=9&fst=1641820653009&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/956978286/?random=1641820653009&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=3161374818&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/956978286/?random=1641820653009&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=3161374818&resp=GooglemKTybQhCsO&ipr=y

Request Chain 178

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/873173566/?random=1641820653009&cv=9&fst=1641820653009&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/873173566/?random=1641820653009&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2293845655&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/873173566/?random=1641820653009&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2293845655&resp=GooglemKTybQhCsO&ipr=y

Request Chain 180

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/870331747/?random=1641820653010&cv=9&fst=1641820653010&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/870331747/?random=1641820653010&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=3933251909&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/870331747/?random=1641820653010&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=3933251909&resp=GooglemKTybQhCsO&ipr=y

Request Chain 182

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068956443/?random=1641820653011&cv=9&fst=1641820653011&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/1068956443/?random=1641820653011&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=1028697128&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/1068956443/?random=1641820653011&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=1028697128&resp=GooglemKTybQhCsO&ipr=y

Request Chain 183

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/783006395/?random=1641820653012&cv=9&fst=1641820653012&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&tc=x&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/783006395/?random=1641820653012&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2524126175&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/783006395/?random=1641820653012&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2524126175&resp=GooglemKTybQhCsO&ipr=y

Request Chain 185

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/816966859/?random=1641820653013&cv=9&fst=1641820653013&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/816966859/?random=1641820653013&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=3496055039&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/816966859/?random=1641820653013&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=3496055039&resp=GooglemKTybQhCsO&ipr=y

Request Chain 187

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782327082/?random=1641820653014&cv=9&fst=1641820653014&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/782327082/?random=1641820653014&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=942360671&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/782327082/?random=1641820653014&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=942360671&resp=GooglemKTybQhCsO&ipr=y

Request Chain 189

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/783006575/?random=1641820653015&cv=9&fst=1641820653015&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/783006575/?random=1641820653015&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=433515179&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/783006575/?random=1641820653015&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=433515179&resp=GooglemKTybQhCsO&ipr=y

Request Chain 194

https://9129572.fls.doubleclick.net/activityi;src=9129572;type=audie0;cat=tdnae00;ord=4865278887335;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs;u4=30385829150644729780158913779529354871;u5=1800965687490;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1641820652786-45303;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=1;u13=1;u14=ky8pmjo9_30385829150644729780158913779529354871;u15=ky8pmjo9;u16=undefined;gdid=dZGIzZG;ps=1;~oref=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F HTTP 302
https://9129572.fls.doubleclick.net/activityi;dc_pre=CImYxcaip_UCFVnJ1QodOZEP5w;src=9129572;type=audie0;cat=tdnae00;ord=4865278887335;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs;u4=30385829150644729780158913779529354871;u5=1800965687490;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1641820652786-45303;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=1;u13=1;u14=ky8pmjo9_30385829150644729780158913779529354871;u15=ky8pmjo9;u16=undefined;gdid=dZGIzZG;ps=1;~oref=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F

Request Chain 195

https://9129572.fls.doubleclick.net/activityi;src=9129572;type=audie0;cat=tdnae002;ord=1;num=8620678387623;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs;u4=30385829150644729780158913779529354871;u5=1800965687490;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1641820652786-45303;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=1;u13=1;u14=ky8pmjo9_30385829150644729780158913779529354871;u15=ky8pmjo9;u16=undefined;gdid=dZGIzZG;ps=1;~oref=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F HTTP 302
https://9129572.fls.doubleclick.net/activityi;dc_pre=CPiaxcaip_UCFXccBgAdCQUFUQ;src=9129572;type=audie0;cat=tdnae002;ord=1;num=8620678387623;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs;u4=30385829150644729780158913779529354871;u5=1800965687490;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1641820652786-45303;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=1;u13=1;u14=ky8pmjo9_30385829150644729780158913779529354871;u15=ky8pmjo9;u16=undefined;gdid=dZGIzZG;ps=1;~oref=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F

Request Chain 198

https://px.ads.linkedin.com/collect/?pid=7664&conversionId=3093564&fmt=gif HTTP 302
https://px4.ads.linkedin.com/collect?pid=7664&conversionId=3093564&fmt=gif&e_ipv6=AQLToYj-ICbARQAAAX5EIwaXs9QlH6JSgnYbBVvxJkv8EcgolBdYYWU420mvXFsEDdB5FaU_bw

Request Chain 246

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAH2Yk7DuGQAAEHCcsm2GQ HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAH2Yk7DuGQAAEHCcsm2GQ&verifyHash=7b8f95c730e6c47726826812349335202b200fe

Request Chain 259

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=E9EC6D4534F64D9C964E437672243BE2&RedC=c.clarity.ms&MXFR=3C1412D11AF8614B0A2903F91EF86FE4 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=E9EC6D4534F64D9C964E437672243BE2&MUID=0932762FF6F46DA108106707F79F6C00

301 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/ 91 KB
22 KB 799ms
367ms Document
text/html 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache / PHP/7.3.18

Resource Hash

16f3d374b0d55ac2cf2763c81b6741c7ef2bf426af5bfc720f9baccfe8cd6e26

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 10 Jan 2022 13:17:30 GMT
Server: Apache
X-Powered-By: PHP/7.3.18
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate max-age=0, no-cache, s-maxage=10
Pragma: no-cache
Link: <https://blog.lumen.com/wp-json/>; rel="https://api.w.org/", <https://blog.lumen.com/wp-json/wp/v2/posts/13280>; rel="alternate"; type="application/json", <https://blog.lumen.com/?p=13280>; rel=shortlink
X-Frame-Options: https://discover.lumen.com
X-Mod-Pagespeed: 1.13.35.2-0
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21322
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 54ms
31ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e9404f8a901542e1fab59c9e1694045d135285c95dbe16dd276db17363b2434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36278
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:30 GMT

GET
H/1.1 200
OK style.min.css
blog.lumen.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 161ms
161ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 30 Jul 2021 18:46:15 GMT
Server: Apache
ETag: "e33b-5c85ba25c744f-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8685

GET
H/1.1 200
OK uaf.css
blog.lumen.com/wp-content/uploads/useanyfont/ 510 B
637 B 302ms
161ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/uploads/useanyfont/uaf.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

50f82bda03703f719cff748e32ecd69e4724092fe2ae76a522e4270ff133d6ce

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 30 Jul 2021 19:04:44 GMT
Server: Apache
ETag: "1fe-5c85be47f189d-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 273

GET
H/1.1 200
OK frontend.min.css
blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/css/ 70 KB
10 KB 322ms
161ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

8adc377a6a5c1d3a9ab10793c57b6dc6fdfcff0de61f52dda905da037d1c1e7c

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 30 Jul 2021 19:04:58 GMT
Server: Apache
ETag: "117d9-5c85be55574ed-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9791

GET
H/1.1 200
OK flatpickr.min.css
blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 16 KB
3 KB 463ms
160ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

661e00570c65c29528d9ce6ee19e5e9939986716c293def67b07f8b6a191b018

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 30 Jul 2021 19:04:58 GMT
Server: Apache
ETag: "3e52-5c85be555c30d-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3011

GET
H/1.1 200
OK select2.min.css
blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/select2/ 15 KB
2 KB 469ms
157ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 30 Jul 2021 19:04:58 GMT
Server: Apache
ETag: "3a75-5c85be555848d-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1995

GET
H/1.1 200
OK reset.css
blog.lumen.com/wp-content/themes/grandnews/css/ 547 B
690 B 470ms
157ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/css/reset.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

f0c7be55f463c02bbd134c6e2afd2e4137a16468073856266042151fb8057609

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "223-5ae561721cec4-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 325

GET
H/1.1 200
OK wordpress.css
blog.lumen.com/wp-content/themes/grandnews/css/ 3 KB
1 KB 476ms
158ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/css/wordpress.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

27bd3b47f7d1b9adb2575bbf0e960d25fdb28b2e1610d335bf42c62177a32a28

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "bfd-5ae561721cec4-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1018

GET
H/1.1 200
OK animation.css
blog.lumen.com/wp-content/themes/grandnews/css/ 7 KB
1 KB 476ms
159ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/css/animation.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

0edd6b41260434bd366c0aa048e8f33fdf659603f62f1a997ca64c03b3f004be

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "1d9b-5ae561721bf24-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 927

GET
H/1.1 200
OK ilightbox.css
blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ 7 KB
2 KB 481ms
158ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

cbe20461a1710866e2834c9ce87f0f31d61ef09ba3db1d9eca72b957dfc066b9

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "1dee-5ae561721af84-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1520

GET
H/1.1 200
OK custom.css
blog.lumen.com/wp-content/themes/grandnews/css/jqueryui/ 19 KB
4 KB 627ms
164ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/css/jqueryui/custom.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

80ccff5d5ffccfb54d9645d87ee2def16f0dbc4354edee193f87f7156088fdd7

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "4d50-5ae561721de64-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3747

GET
H/1.1 200
OK flexslider.css
blog.lumen.com/wp-content/themes/grandnews/js/flexslider/ 5 KB
2 KB 628ms
159ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/js/flexslider/flexslider.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

85b3833b74166fdd5117d2932dfd70194654224487768a33450ac6fae2eaabf2

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "13bc-5ae561722a985-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1621

GET
H/1.1 200
OK tooltipster.css
blog.lumen.com/wp-content/themes/grandnews/css/ 9 KB
2 KB 629ms
159ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/css/tooltipster.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

0c75d452f31db2e3597de899da1030a5482b121f6bbad925606c6acc7e4f6190

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "2300-5ae561721de64-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1647

GET
H/1.1 200
OK screen.css
blog.lumen.com/wp-content/themes/grandnews/css/ 150 KB
23 KB 646ms
169ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/css/screen.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

9f2ae0cd6aba41f079d3ee56c0518081cafd8704bf8f6336df2553c48ea0f52b

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "25859-5ae561721bf24-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 23387

GET
H/1.1 200
OK left-align.css
blog.lumen.com/wp-content/themes/grandnews/css/menu/ 1 KB
817 B 635ms
158ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/css/menu/left-align.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

b52cc4be6a05df6efda2ceb5ecdf84f34f97a70ebc8c65751cb4b3bf97030ea2

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "481-5ae561721bf24-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 453

GET
H/1.1 200
OK font-awesome.min.css
blog.lumen.com/wp-content/themes/grandnews/css/ 28 KB
7 KB 641ms
159ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/css/font-awesome.min.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "7187-5ae561721bf24-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 6666

GET
H/1.1 200
OK wp-review.css
blog.lumen.com/wp-content/plugins/wp-review/public/css/ 37 KB
6 KB 794ms
165ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/plugins/wp-review/public/css/wp-review.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

438ff3af395513310c69d935eb8c6e521312075673d2fdf0e82a7ad2d3037152

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 30 Jul 2021 19:04:55 GMT
Server: Apache
ETag: "92f1-5c85be51f31f8-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5976

GET
H/1.1 200
OK addtoany.min.css
blog.lumen.com/wp-content/plugins/add-to-any/ 1 KB
851 B 789ms
160ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/plugins/add-to-any/addtoany.min.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 30 Jul 2021 19:03:39 GMT
Server: Apache
ETag: "5ef-5c85be096763d-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 487

GET
H2 200 css
fonts.googleapis.com/ 51 KB
2 KB 43ms
21ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A800%2C700%2C700%2C800%2C400%2C900%2C700%2C100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic%7CRaleway%3A700%2C700%2C800%2C400%2C900%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01afffef7a2ddc35bd19750a898ae052c988bfab4d00e8130f2c70ea3136f412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 13:17:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 10 Jan 2022 13:17:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jan 2022 13:17:30 GMT

GET
H/1.1 200
OK kirki-styles.css
blog.lumen.com/wp-content/themes/grandnews/modules/kirki/assets/css/ 0
308 B 790ms
160ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/modules/kirki/assets/css/kirki-styles.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "0-5ae561721fda4"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 0

GET
H/1.1 200
OK grid.css
blog.lumen.com/wp-content/themes/grandnews/css/ 45 KB
7 KB 795ms
160ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/css/grid.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

69f06f02087358cfdf71ea8c1db996682a2b35ff4cadc602c00c3f4d20071fd9

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "b5d6-5ae561721cec4-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7003

GET
H/1.1 200
OK left-align-grid.css
blog.lumen.com/wp-content/themes/grandnews/css/menu/ 1 KB
749 B 798ms
157ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/css/menu/left-align-grid.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

5012972953bac6293f8af3138102e6870b5aa9e04a8385c00f629063222639c4

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "59f-5ae561721bf24-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 385

GET
H/1.1 200
OK admin-ajax.php
blog.lumen.com/wp-admin/ 1 KB
1 KB 1042ms
252ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-admin/admin-ajax.php?action=grandnews_custom_css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache / PHP/7.3.18

Resource Hash

36f49c3349b36ba14678127a8cd6c90108b403a591824c0266d5cc1da2a8f10a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.18
Connection: Keep-Alive
Content-Length: 588
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=97
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK frontend-gtag.min.js Show response
blog.lumen.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 9 KB
3 KB 1115ms
160ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a98e42b2d4ab1ae36f3b270a0dff6ad2f158100833978ff0a549674a2543e78a

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 30 Jul 2021 19:04:05 GMT
Server: Apache
ETag: "23d2-5c85be230cfa0-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 2801

GET
H/1.1 200
OK jquery.min.js Show response
blog.lumen.com/wp-includes/js/jquery/ 87 KB
31 KB 1123ms
166ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-includes/js/jquery/jquery.min.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 30 Jul 2021 18:46:15 GMT
Server: Apache
ETag: "15d98-5c85ba25d3f70-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 30916

GET
H/1.1 200
OK jquery-migrate.min.js Show response
blog.lumen.com/wp-includes/js/jquery/ 11 KB
4 KB 1127ms
159ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 30 Jul 2021 18:46:15 GMT
Server: Apache
ETag: "2bd8-5c85ba25d3f70-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4169

GET
H/1.1 200
OK addtoany.min.js Show response
blog.lumen.com/wp-content/plugins/add-to-any/ 129 B
503 B 1198ms
156ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/plugins/add-to-any/addtoany.min.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 30 Jul 2021 19:03:39 GMT
Server: Apache
ETag: "81-5c85be096281c-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 126

GET
H/1.1 200
OK flatpickr.min.js Show response
blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 47 KB
14 KB 1267ms
161ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

fe2ac5219992a3608a5c9e2bc4759fac8fb2189b88d7a674d395ff6c435da536

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 30 Jul 2021 19:04:58 GMT
Server: Apache
ETag: "bd86-5c85be555c30d-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 13761

GET
H/1.1 200
OK select2.min.js Show response
blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/select2/ 69 KB
20 KB 1278ms
164ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 30 Jul 2021 19:04:58 GMT
Server: Apache
ETag: "114c3-5c85be555848d-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 19904

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 63ms
28ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 10 Jan 2022 13:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dMq6iJthjOyg56NOUFVpHQ==
age: 9148
vary: Accept-Encoding
content-length: 6508
x-ms-lease-status: unlocked
last-modified: Thu, 06 Jan 2022 07:32:13 GMT
server: cloudflare
etag: 0x8D9D0E6A87A7FA2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 04179e4a-f01e-0048-3eea-02ea7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cb62f9afa86e8ff-MXP

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
blog.lumen.com/wp-includes/js/ 14 KB
5 KB 158ms
157ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

321f00124a60fc5e6c1f960b862e6b3e6eaf7c55e8c2aba6f5b23cb6932fa498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Original-Content-Length: 14229
Server: Apache
Etag: W/"PSA-aj-FV55lDMTVa"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Cache-Control: max-age=158
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 4555
Keep-Alive: timeout=5, max=90
Expires: Mon, 10 Jan 2022 13:20:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 35ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 986
date: Mon, 10 Jan 2022 13:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 10 Jan 2022 15:01:06 GMT

GET
H2 200 launch-22e49494a283.min.js Show response
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/ 520 KB
133 KB 43ms
18ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Requested by: Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 11dc9df494cc0b52076d639efb1be42f1c1de3f9db71a8c3a8f86bc0f924fe14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 18:16:09 GMT
server: AkamaiNetStorage
etag: "3c88a9fd105e6b44decaf468c0f7aab8:1641233769.107922"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://blog.lumen.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 135539
expires: Mon, 10 Jan 2022 14:17:32 GMT

GET
H/1.1 200
OK Lumen-Logo.png
blog.lumen.com/wp-content/uploads/2020/09/ 2 KB
2 KB 269ms
170ms Image
image/png 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.lumen.com/wp-content/uploads/2020/09/Lumen-Logo.png

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

96c76a7af27cb509867c24dc39e493bf5d3a3c7abcabc7c1ee56a3907a495cf2

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Last-Modified: Mon, 14 Sep 2020 02:10:56 GMT
Server: Apache
ETag: "6df-5af3c8b7a7e38"
X-Frame-Options: https://discover.lumen.com
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1759

GET
H/1.1 200
OK BLL-Square-No-Border-65x65.png
blog.lumen.com/wp-content/uploads/2021/01/ 1005 B
1 KB 280ms
172ms Image
image/png 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.lumen.com/wp-content/uploads/2021/01/BLL-Square-No-Border-65x65.png

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

72e1f4b24380d6707ac1181f875e255dd37b71628602b59523f854b63b619429

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Last-Modified: Mon, 25 Jan 2021 23:11:16 GMT
Server: Apache
ETag: "3ed-5b9c1a7b0db0a"
X-Frame-Options: https://discover.lumen.com
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1005

GET
H/1.1 200
OK Konni.jpg
blog.lumen.com/wp-content/uploads/2022/01/ 57 KB
58 KB 282ms
174ms Image
image/jpeg 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.lumen.com/wp-content/uploads/2022/01/Konni.jpg

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a7f6eee74beda7796e8314b95c76327ef88005a07657ba5dcc701d5da4d9ba95

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Last-Modified: Wed, 05 Jan 2022 19:04:06 GMT
Server: Apache
ETag: "e58a-5d4da6b00d525"
X-Frame-Options: https://discover.lumen.com
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 58762

GET
H/1.1 200
OK BLL-Square-No-Border-300x300.png
blog.lumen.com/wp-content/uploads/2021/01/ 7 KB
7 KB 157ms
157ms Image
image/png 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.lumen.com/wp-content/uploads/2021/01/BLL-Square-No-Border-300x300.png

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

5a87da688bb4ee5a5fc733416d7200546ca989356bee3bf24765bbb9eed111c1

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Last-Modified: Mon, 25 Jan 2021 23:11:16 GMT
Server: Apache
ETag: "1aba-5b9c1a7aaef75"
X-Frame-Options: https://discover.lumen.com
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 6842

GET
H/1.1 200
OK ISP-Matching-700x466.jpg
blog.lumen.com/wp-content/uploads/2022/01/ 35 KB
35 KB 162ms
162ms Image
image/jpeg 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.lumen.com/wp-content/uploads/2022/01/ISP-Matching-700x466.jpg

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

3ecafab04f5ed199e5492f59233b4e7f5b7bb32fa9a54bb494d9df6205059113

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Last-Modified: Thu, 06 Jan 2022 18:22:13 GMT
Server: Apache
ETag: "8bff-5d4edf309c994"
X-Frame-Options: https://discover.lumen.com
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 35839

GET
H/1.1 200
OK Konni-700x466.jpg
blog.lumen.com/wp-content/uploads/2022/01/ 44 KB
45 KB 160ms
160ms Image
image/jpeg 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.lumen.com/wp-content/uploads/2022/01/Konni-700x466.jpg

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

02f54b099729ba6e13e1ad0a10209132809beb9943bb9b504f3c76bdfcab69dc

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Last-Modified: Wed, 05 Jan 2022 19:04:06 GMT
Server: Apache
ETag: "b121-5d4da6b03b37f"
X-Frame-Options: https://discover.lumen.com
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 45345

GET
H/1.1 200
OK BLL-9.15-700x466.jpg
blog.lumen.com/wp-content/uploads/2021/09/ 90 KB
91 KB 159ms
159ms Image
image/jpeg 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.lumen.com/wp-content/uploads/2021/09/BLL-9.15-700x466.jpg

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a37d74920e3dbcc1bb62872d01435c6b1959b2a2cb0e7d9b281facd04cf52c10

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Last-Modified: Tue, 14 Sep 2021 17:40:30 GMT
Server: Apache
ETag: "1695c-5cbf813ee048d"
X-Frame-Options: https://discover.lumen.com
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 92508

GET
H/1.1 200
OK rr-2.0-700x466.jpg
blog.lumen.com/wp-content/uploads/2021/08/ 81 KB
81 KB 163ms
163ms Image
image/jpeg 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.lumen.com/wp-content/uploads/2021/08/rr-2.0-700x466.jpg

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

8a2b170aade2fe6e5c1e7965442121e6a3472ef61b542e56451f3a3dc6f0012f

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Last-Modified: Tue, 10 Aug 2021 20:15:42 GMT
Server: Apache
ETag: "144b4-5c93a2a86901f"
X-Frame-Options: https://discover.lumen.com
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 83124

GET
H/1.1 200
OK BLL-CTF-700x466.jpg
blog.lumen.com/wp-content/uploads/2021/08/ 43 KB
44 KB 163ms
163ms Image
image/jpeg 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.lumen.com/wp-content/uploads/2021/08/BLL-CTF-700x466.jpg

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a93e4aa8c93413cd9f2a79f9c3012a2d4ae68a8caea0ced533c493afb18f0ab5

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Last-Modified: Wed, 04 Aug 2021 18:33:11 GMT
Server: Apache
ETag: "ad24-5c8c008dd9a9c"
X-Frame-Options: https://discover.lumen.com
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 44324

GET
H/1.1 200
OK related.css
blog.lumen.com/wp-content/plugins/yet-another-related-posts-plugin/style/ 495 B
648 B 157ms
157ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/plugins/yet-another-related-posts-plugin/style/related.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a48e3091c3e26309f1329bb7ee2812cf158deb93cd80fe6439e53e8d57e58d3d

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 30 Jul 2021 19:05:04 GMT
Server: Apache
ETag: "1ef-5c85be5add677-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 284

GET
H/1.1 200
OK frontend.min.js Show response
blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/js/ 9 KB
3 KB 159ms
159ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

205988b80eeedc442aa4ba78fd4bda5b1b139415f3dc88043fc73adcd71cbae2

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 30 Jul 2021 19:04:58 GMT
Server: Apache
ETag: "236e-5c85be555848d-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 2284

GET
H/1.1 200
OK ilightbox.packed.js Show response
blog.lumen.com/wp-content/themes/grandnews/js/ 50 KB
23 KB 165ms
165ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/js/ilightbox.packed.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

fd96d9b3f117bd211bf9c6450e287560b6bcc50871852a51b46271c6bb26c520

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "c939-5ae561722a985-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 22699

GET
H/1.1 200
OK jquery.easing.js Show response
blog.lumen.com/wp-content/themes/grandnews/js/ 8 KB
2 KB 158ms
156ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/js/jquery.easing.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "1fa1-5ae561722a985-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1986

GET
H/1.1 200
OK jquery.sticky-kit.min.js Show response
blog.lumen.com/wp-content/themes/grandnews/js/ 3 KB
2 KB 165ms
162ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/js/jquery.sticky-kit.min.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "aee-5ae561722a985-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1295

GET
H/1.1 200
OK jquery.lazy.min.js Show response
blog.lumen.com/wp-content/themes/grandnews/js/ 4 KB
2 KB 166ms
163ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/js/jquery.lazy.min.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

6829c1878e43fdd02c7244b48260f1ff88f6fcac41d1c301ba0ae1377e73a445

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "f48-5ae561722a985-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 1765

GET
H/1.1 200
OK jquery.cookie.js Show response
blog.lumen.com/wp-content/themes/grandnews/js/ 3 KB
2 KB 176ms
174ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/js/jquery.cookie.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "c44-5ae561722a985-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 1395

GET
H/1.1 200
OK jquery.tooltipster.min.js Show response
blog.lumen.com/wp-content/themes/grandnews/js/ 17 KB
5 KB 160ms
159ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/js/jquery.tooltipster.min.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

da1ba35a2a2d6ce67672b81a8bd061e3eb6cfdb6d7369252c89b059150631787

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "420c-5ae561722a985-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 4701

GET
H/1.1 200
OK custom_plugins.js Show response
blog.lumen.com/wp-content/themes/grandnews/js/ 7 KB
2 KB 158ms
157ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/js/custom_plugins.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a21b30b2a786682f0d591c7efecd653f038607546881ada1af46a9a25850e789

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "1c36-5ae561722b925-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 1685

GET
H/1.1 200
OK custom.js Show response
blog.lumen.com/wp-content/themes/grandnews/js/ 13 KB
4 KB 159ms
159ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/js/custom.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

e701b8c32867d0e3d7421103495316d2b3709ca3568a83bfad9ea816f12aaf6d

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 04 Sep 2020 20:49:55 GMT
Server: Apache
ETag: "3594-5ae8302d6fba1-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 3209

GET
H/1.1 200
OK js.cookie.min.js Show response
blog.lumen.com/wp-content/plugins/wp-review/public/js/ 2 KB
1 KB 159ms
159ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/plugins/wp-review/public/js/js.cookie.min.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

d5b071fda01315f271998e251812dcf8465dcf34bb9e436bb502235700c40eac

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 30 Jul 2021 19:04:55 GMT
Server: Apache
ETag: "69f-5c85be51f4198-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 866

GET
H/1.1 200
OK underscore.min.js Show response
blog.lumen.com/wp-includes/js/ 16 KB
6 KB 159ms
158ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-includes/js/underscore.min.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 15 Apr 2021 08:50:42 GMT
Server: Apache
ETag: "3ead-5bffef5588421-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 5663

GET
H/1.1 200
OK wp-util.min.js Show response
blog.lumen.com/wp-includes/js/ 1 KB
967 B 159ms
158ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-includes/js/wp-util.min.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

6d7c73e67cbb5215d633ce9ad65f0c0377004621fce62982568024178ac4b589

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 15 Apr 2021 08:50:42 GMT
Server: Apache
ETag: "435-5bffef5599d63-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 589

GET
H/1.1 200
OK main.js Show response
blog.lumen.com/wp-content/plugins/wp-review/public/js/ 3 KB
2 KB 157ms
156ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/plugins/wp-review/public/js/main.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

b471033f1864708331e5945f9003e0eed1d563d673d2666aca296198b9cc6ca7

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 30 Jul 2021 19:04:55 GMT
Server: Apache
ETag: "bdb-5c85be51f4198-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 1158

GET
H/1.1 200
OK wp-embed.min.js Show response
blog.lumen.com/wp-includes/js/ 1 KB
1 KB 160ms
160ms Script
application/javascript 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-includes/js/wp-embed.min.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 15 Apr 2021 08:50:42 GMT
Server: Apache
ETag: "592-5bffef558a361-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 765

GET
H/1.1 200
OK skin.css
blog.lumen.com/wp-content/themes/grandnews/css/dark-skin/ 7 KB
2 KB 466ms
157ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/css/dark-skin/skin.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "1c79-5ae561721cec4-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1319

GET
H/1.1 200
OK skin.css
blog.lumen.com/wp-content/themes/grandnews/css/light-skin/ 7 KB
2 KB 473ms
160ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/css/light-skin/skin.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a7ed0f85261e7d594171e2dfd5032c23abae12d922850af74bcd002a03ae540c

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "1d1b-5ae561721bf24-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1321

GET
H/1.1 200
OK skin.css
blog.lumen.com/wp-content/themes/grandnews/css/parade-skin/ 2 KB
952 B 472ms
158ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/css/parade-skin/skin.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

f5d5326d6927dde6e8e78e6ed65e9c46377c37ec06d33a4e9e0dd41510b12bdc

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "8dd-5ae561721bf24-gzip"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 588

GET
H/1.1 200
OK skin.css
blog.lumen.com/wp-content/themes/grandnews/css/metro-black-skin/ 5 KB
1 KB 474ms
157ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/css/metro-black-skin/skin.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

785691245376d470ef742734e34c4d5907a26242bb8f21dbc9a50cfeaa86be42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Original-Content-Length: 5919
Server: Apache
Etag: W/"PSA-aj-6GxWGPtd18"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Cache-Control: max-age=90
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1068
Keep-Alive: timeout=5, max=95
Expires: Mon, 10 Jan 2022 13:19:02 GMT

GET
H/1.1 200
OK skin.css
blog.lumen.com/wp-content/themes/grandnews/css/metro-white-skin/ 6 KB
2 KB 486ms
158ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/css/metro-white-skin/skin.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

02e87da822ac986c75223804fa7b867343ac35df9c9c022cbbcbeda040e83569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Original-Content-Length: 7958
Server: Apache
Etag: W/"PSA-aj-hL97wnZXdq"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Cache-Control: max-age=90
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1194
Keep-Alive: timeout=5, max=98
Expires: Mon, 10 Jan 2022 13:19:02 GMT

GET
H/1.1 200
OK skin.css
blog.lumen.com/wp-content/themes/grandnews/css/mac-skin/ 9 KB
2 KB 624ms
157ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/css/mac-skin/skin.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

e1a14e5eaf9894bf95b58aa8afa56fea3f01385e3acae98fe5229f9d706ec073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Original-Content-Length: 11639
Server: Apache
Etag: W/"PSA-aj-g5GWw6mQ9U"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Cache-Control: max-age=90
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1443
Keep-Alive: timeout=5, max=96
Expires: Mon, 10 Jan 2022 13:19:02 GMT

GET
H/1.1 200
OK skin.css
blog.lumen.com/wp-content/themes/grandnews/css/smooth-skin/ 6 KB
2 KB 631ms
158ms Stylesheet
text/css 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/css/smooth-skin/skin.css

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

26500e258c44472f70b852592d16dabd8260ea07db06d5da22a9a9e60ee8c414

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Original-Content-Length: 7374
Server: Apache
Etag: W/"PSA-aj-l-MuF2Jz1E"
X-Frame-Options: https://discover.lumen.com
Content-Type: text/css
Cache-Control: max-age=90
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1248
Keep-Alive: timeout=5, max=96
Expires: Mon, 10 Jan 2022 13:19:02 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 72 KB
26 KB 82ms
31ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 37168
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 01 Dec 2021 08:23:25 GMT
server: cloudflare
etag: W/"11ee2-5d2116348919c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 6cb62fa42bb83748-MXP
cf-bgj: minify

GET
H2 200 e733a0d8-63ff-4a39-b870-9ef50b603bcf.json Show response
cdn.cookielaw.org/consent/e733a0d8-63ff-4a39-b870-9ef50b603bcf/ 5 KB
2 KB 212ms
176ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e733a0d8-63ff-4a39-b870-9ef50b603bcf/e733a0d8-63ff-4a39-b870-9ef50b603bcf.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07080790d7f9d7916c29d2e6b8399bcc7b1d96737804883c6f36738fc65e97cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: LUDtzQhkRiJZZDwkQmQVtw==
vary: Accept-Encoding
content-length: 1628
x-ms-lease-status: unlocked
last-modified: Fri, 10 Dec 2021 21:52:12 GMT
server: cloudflare
etag: 0x8D9BC2752849F50
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ea4b15a3-101e-0006-270a-022f9e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cb62fa40fc359ef-MXP
expires: Mon, 10 Jan 2022 17:17:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 113 KB
42 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLWF636

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b673b306074ff41083de3d9770be8efe0a0c6c2aacd32bb6af6853d6ac081553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42645
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H2 200 tqiYhn2fQIY Show response
www.youtube.com/embed/ Frame E2AA 60 KB
26 KB 77ms
52ms Document
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/tqiYhn2fQIY?rel=0

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e251dccf9bb0f1f71133b08f1d1af375cc74452d4fc7d7ce6e5efc8120f3e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 10 Jan 2022 13:17:32 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 37ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A800%2C700%2C700%2C800%2C400%2C900%2C700%2C100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic%7CRaleway%3A700%2C700%2C800%2C400%2C900%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.lumen.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 415273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 05 Jan 2023 17:56:19 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
blog.lumen.com/wp-content/themes/grandnews/fonts/ 70 KB
71 KB 276ms
169ms Font
font/woff2 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/themes/grandnews/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/themes/grandnews/css/font-awesome.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Referer: https://blog.lumen.com/wp-content/themes/grandnews/css/font-awesome.min.css
Origin: https://blog.lumen.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Last-Modified: Wed, 02 Sep 2020 15:14:22 GMT
Server: Apache
ETag: "118d8-5ae561721ee04"
X-Frame-Options: https://discover.lumen.com
Content-Type: font/woff2
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 71896

GET
H/1.1 200
OK 190628074915MaisonNeue.woff
blog.lumen.com/wp-content/uploads/useanyfont/ 29 KB
30 KB 295ms
172ms Font
font/woff 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.lumen.com/wp-content/uploads/useanyfont/190628074915MaisonNeue.woff

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/uploads/useanyfont/uaf.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

7e29c072a03e9825f54a07dbecb8cbd7f1fc934fa4886692717e18b3d393f8ff

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Referer: https://blog.lumen.com/wp-content/uploads/useanyfont/uaf.css
Origin: https://blog.lumen.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Last-Modified: Fri, 28 Jun 2019 19:49:15 GMT
Server: Apache
ETag: "757c-58c6792be04c0"
X-Frame-Options: https://discover.lumen.com
Content-Type: font/woff
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 30076

GET
H/1.1 200
OK Figure1_CampaignOverview-1024x747.png
blog.lumen.com/wp-content/uploads/2022/01/ 186 KB
186 KB 160ms
158ms Image
image/png 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.lumen.com/wp-content/uploads/2022/01/Figure1_CampaignOverview-1024x747.png

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

838731fc893310675fa65bb708bbe8813968b93e8e48ac0be39903baac9a0df6

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Last-Modified: Wed, 05 Jan 2022 18:14:34 GMT
Server: Apache
ETag: "2e665-5d4d9b9d907b6"
X-Frame-Options: https://discover.lumen.com
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 190053

GET
H/1.1 200
OK Figure2_LetsEncryptCert.png
blog.lumen.com/wp-content/uploads/2022/01/ 243 KB
243 KB 159ms
158ms Image
image/png 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.lumen.com/wp-content/uploads/2022/01/Figure2_LetsEncryptCert.png

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

03c2d3341c0de0a32be63b40905eedc1b643192f932d95abfc4d0bb3fe9e1150

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:33 GMT
Last-Modified: Wed, 05 Jan 2022 18:18:59 GMT
Server: Apache
ETag: "3ccc1-5d4d9c9a0d52b"
X-Frame-Options: https://discover.lumen.com
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 249025

GET
H/1.1 200
OK Figure3_MaliciousLink.png
blog.lumen.com/wp-content/uploads/2022/01/ 30 KB
30 KB 161ms
160ms Image
image/png 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.lumen.com/wp-content/uploads/2022/01/Figure3_MaliciousLink.png

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

6384abcc9596655574c90694dfbde23dcbb5cea26c595fb1b60e22fe98e0e24e

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:33 GMT
Last-Modified: Wed, 05 Jan 2022 18:20:47 GMT
Server: Apache
ETag: "776d-5d4d9d00e7a1c"
X-Frame-Options: https://discover.lumen.com
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 30573

GET
H/1.1 200
OK Figure4_CovidVaccinationForm.jpg
blog.lumen.com/wp-content/uploads/2022/01/ 165 KB
165 KB 161ms
161ms Image
image/jpeg 50.112.230.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.lumen.com/wp-content/uploads/2022/01/Figure4_CovidVaccinationForm.jpg

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-230-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

714429ecf6aaf22388d577c0ca211c0f58129e41c8692939420fe96e49ef89fc

Security Headers

Name	Value
X-Frame-Options	https://discover.lumen.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:33 GMT
Last-Modified: Wed, 05 Jan 2022 18:21:54 GMT
Server: Apache
ETag: "29252-5d4d9d418621d"
X-Frame-Options: https://discover.lumen.com
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 168530

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 23ms
8ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 12:53:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1428
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 10 Jan 2022 13:53:44 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AA683BC75245B3880A490D4D%40AdobeOrg&d_nsid=0&ts=1641820652264
https://dpm.demdex.net/id/rd?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AA683BC75245B3880A490D4D%40AdobeOrg&d_nsid=0&ts=1641820652264

370 B
1 KB

51ms
50ms

XHR
application/json

54.72.48.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AA683BC75245B3880A490D4D%40AdobeOrg&d_nsid=0&ts=1641820652264

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Server

54.72.48.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-48-7.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a840464a6fc26fd69a943d989bc84bc44b437349d493b2f43b0bfe1df353bce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v026-0beba7042.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: mAbnogkXTHA=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://blog.lumen.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 309
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v026-0ad0e31d4.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://blog.lumen.com
X-TID: 7HYK8UpJTn0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AA683BC75245B3880A490D4D%40AdobeOrg&d_nsid=0&ts=1641820652264
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/ 33 KB
12 KB 10ms
10ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 21:37:16 GMT
server: AkamaiNetStorage
etag: "820eb42f3120ddf65e303b24a8285815:1634593036.305122"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://blog.lumen.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12200
expires: Mon, 10 Jan 2022 14:17:32 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/ 3 KB
2 KB 11ms
11ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 21:37:16 GMT
server: AkamaiNetStorage
etag: "abbe69e5c8f385f00652c3d0c2bba347:1634593036.557115"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://blog.lumen.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Mon, 10 Jan 2022 14:17:32 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 77ms
27ms Script
application/x-javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWF636
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=75660
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 23ms
21ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-41153014-10&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d03a456f2316883a9346e0cca40a43dde22a6bda6c2f7732b6ed0124074953d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36295
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 20ms
18ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10006467&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d1825c7016faa46c1c6127f10be9f9f8bb6a0cfa616fa2cd4f2a2750144d1474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36169
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 28ms
26ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9129572&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1b1c780253f165047e9b30b76816b144a3f6d72d471413306fc62de536ec831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36082
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 32ms
29ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-357010618&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df5b81025d3e0d5e272244df7d6daa62ca081cec443da8e82b182bb0ef978d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39629
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 114ms
112ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-998569208&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d037a233538ededb85d322cc5c9b111175dad4a276f95ffc57af8debfc876e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39631
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 38ms
35ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-956978286&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05c8be78de7fd954365a1644813796b7212c4f3bcc96d7efb1a9917c8e8e05f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39632
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 55ms
53ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-859556993&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c079194095af0996e73b7bd403a83951f51ef3777ad338ea8cc0b2b10d492785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39633
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 33ms
31ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-960616693&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e08c4b91021c6d450e7222630604bb17d5a8fee1182ecf98bcc484a979a839b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39630
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 45ms
43ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-845851798&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e0e1b1a73484c455417ab2b822011ab9f984a81e39cf243443f6182d8e4ae19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39632
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 39ms
37ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-873173566&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d49a3f970fce7552d5503eb1ad0ceffdbe07fa9208cc7c2dfa87cf8fd30095f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39630
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 74ms
72ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-963147609&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5accd08ce149aab12721799f06c62096136ecbef421a94cfbeaf59a6cc4019d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39632
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 132ms
130ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-787845441&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a1ee4ba3cbb9a7ec6750fd34f36c96389ea3d458c4bbd538f95d9ce7827d18c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39632
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 68ms
67ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1066311636&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

190913b4e487dee7ae3aeb9cf8f0b858a46f85b28ead9d24918434811052ad58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39694
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 64ms
63ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-787811664&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc9bc5ed82d1afd82adc39797ae8fccf0521d8a7a39e3688b3c0251de89b0000

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39634
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 55ms
53ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-816966859&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b353e044c92aeb68da6998845a98da6edb7a97b28ba9b070af47fc4b7f492f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39631
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 49ms
47ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-782327082&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d01a94c077fd7478173873016e6aeffba3b92c5823a3cec9c9b0d9bfdfdac12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39634
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 60ms
58ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-783006395&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d881f3a245d5aa156bf4dab9e70758d779283cd535603a46b74f966196cacca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39710
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 120ms
118ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-783006575&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96f6b2488ef56550ebc11634ca36a47d59ff7f6b029098a44dba170c674ead09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39631
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 86ms
85ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-992012738&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91335829b60dcfb864d00b920be8993b8bc3e8275d796121b72df743ae6d19bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39629
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 103ms
102ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-772952690&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59fb375e99652e717761543d28849e47af560ef77474e230030985e7edbe91c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39630
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 80ms
79ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1068956443&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2cab87c1ef87d86e9d60210ac42d5546c655f9a61063bb0477b0cf488514056c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39694
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 97ms
96ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-870331747&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41153014-24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc1e99d70e90c0e193dfef7fff2af3370838c17ca0804460723a9073f4271b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39631
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 75ms
74ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-41153014-10

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41c48f7fe9cbc4d4a9f1f62b514ec1cefc0a6282b39c0cda77cb0ecd6a760f4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36287
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 100ms
27ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 425 B
903 B 165ms
72ms XHR
application/json 18.66.97.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?key=X21DJyPPSD2khkfyb6OTTMVruEPF4o8f8IMnhLWR&page=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&referrer=&page_title=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&src=adobelaunch
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-57.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 710ff0af36d28d46a986a15f4744beb4306e36e19fc2e907dc90cd71e8ab602a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
request-id: 5dd8e964-d763-4deb-8290-b8fef95a081f
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://blog.lumen.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FPhS4xnDDJAkWXTSqyOCR6wRWS344VV7tL7HnRw50uRsLPaRw90EDg==
expires: Sun, 09 Jan 2022 13:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 110ms
110ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9129572

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df26828295e85aa9ec611122bcfd5fe04e26b2a2c95c85a6e33c02c4cb19868f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36083
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/edff9f99/ Frame E2AA 338 KB
46 KB 30ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93a8cc54b517a35c22648e5a2b1694dac62247ad174386f1791d1c4d0c6edd8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47369
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Jan 2023 04:26:11 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/edff9f99/www-embed-player.vflset/ Frame E2AA 227 KB
73 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e416f4af207200a176b8075f45d8b78b20940bbb5083f471cf83d3830eb9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 12:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75031
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Jan 2023 12:52:30 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame E2AA 2 MB
529 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f03fc73b13c16798d248b1260135461dab13eb93299a19d712a4682954d0ae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 419646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 541622
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:43:26 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/edff9f99/fetch-polyfill.vflset/ Frame E2AA 8 KB
3 KB 39ms
25ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 11:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 179085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 08 Jan 2023 11:32:47 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E2AA 15 KB
15 KB 43ms
19ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 504651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Jan 2023 17:06:41 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 25ms
25ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=444922341&t=pageview&_s=1&dl=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&ul=en-us&de=UTF-8&dt=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=1080916865&gjid=1314567068&cid=1639072993.1641820652&tid=UA-41153014-24&_gid=161263809.1641820652&_r=1&gtm=2ou150&did=dZGIzZG&gdid=dZGIzZG&z=808512687

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.lumen.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.lumen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 193 B
398 B 121ms
52ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6cb62fa5b8c083a0-MXP

GET
H3 200 sm.23.html Show response
static.addtoany.com/menu/ Frame 9D68 741 B
858 B 72ms
46ms Document
text/html 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.23.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-type: text/html; charset=utf-8
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
etag: W/"2e5-5cc9e128a4c38"
cache-control: max-age=315360000, immutable
vary: Accept-Encoding
via: e4s
cf-cache-status: HIT
age: 1773017
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6cb62fa57d8a4e8b-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 icons.30.svg.js Show response
static.addtoany.com/menu/svg/ 77 KB
33 KB 67ms
59ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.30.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5290804
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 01:49:04 GMT
server: cloudflare
etag: W/"132a9-5d0656e4a26b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 6cb62fa57d904e8b-FRA
cf-bgj: minify

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 96ms
28ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-41153014-24&cid=1639072993.1641820652&jid=1080916865&gjid=1314567068&_gid=161263809.1641820652&_u=aGBAAUIgAAAAAC~&z=2096663013

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.lumen.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 10 Jan 2022 13:17:32 GMT
content-type: text/plain
access-control-allow-origin: https://blog.lumen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=512484&time=1641820652397&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D512484%26time%3D1641820652397%26url%3Dhttps%253A%252F%252Fblog.lumen.com%252Fnew-...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=512484&time=1641820652397&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=512484&time=1641820652397&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&liSync=true&e_ip...

0
155 B

338ms
117ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=512484&time=1641820652397&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&liSync=true&e_ipv6=AQLmMSNREwAsqwAAAX5EIwZAneSB1iMobBg13cjNyS3L-QYl8IA9fI61PntncNwMCIMH90mFeg
Requested by: Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:33 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: 3kHghi/ryBagHWRCfSsAAA==

Redirect headers

date: Mon, 10 Jan 2022 13:17:32 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A9F3740D5B0F4B97B0CF273B05A03D8B Ref B: VIEEDGE3216 Ref C: 2022-01-10T13:17:33Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=512484&time=1641820652397&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&liSync=true&e_ipv6=AQLmMSNREwAsqwAAAX5EIwZAneSB1iMobBg13cjNyS3L-QYl8IA9fI61PntncNwMCIMH90mFeg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXVOijQKFB8Yhy3Y4+97Q==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 32ms
32ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Wed, 20 Apr 2022 13:17:32 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
30ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=444922341&t=pageview&_s=1&dl=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&ul=en-us&de=UTF-8&dt=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAAUIhAAAAAC~&jid=238015513&gjid=956695742&cid=1639072993.1641820652&tid=UA-41153014-10&_gid=161263809.1641820652&_r=1&gtm=2ou150&did=dZGIzZG&gdid=dZGIzZG&z=1080258114

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.lumen.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.lumen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
centurylink.demdex.net/ Frame B9CF 7 KB
3 KB 144ms
38ms Document
text/html 54.72.34.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://centurylink.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.34.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-34-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Mon, 10 Jan 2022 13:17:32 GMT
DCS: dcs-prod-irl1-2-v026-0e85fa5db.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 20 Dec 2021 14:26:35 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: pIds72mkThU=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
smetrics.centurylink.com/ 48 B
510 B 254ms
16ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.centurylink.com/id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=AA683BC75245B3880A490D4D%40AdobeOrg&mid=30385829150644729780158913779529354871&ts=1641820652523

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

ab9ba143cfc59363c365bf3af78e198c11ad2d6656a788c203eec05ac12a9154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.lumen.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-cdfbd77b-4k8cz
vary: Origin
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://blog.lumen.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Ydwx7AAAAKPrvwQp
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=24177440369173663240689659143165404625
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ydwx7AAAAKPrvwQp

42 B
943 B

34ms
34ms

Image
image/gif

54.72.48.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ydwx7AAAAKPrvwQp

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

HTTP/1.1

Server

54.72.48.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-48-7.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v026-0a1e34d76.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: VNMRqLMeQ/I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ydwx7AAAAKPrvwQp
Date: Mon, 10 Jan 2022 13:17:32 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 44ms
20ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-41153014-10&cid=1639072993.1641820652&jid=238015513&gjid=956695742&_gid=161263809.1641820652&_u=6GDAAUIhAAAAAC~&z=567025454

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.lumen.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 10 Jan 2022 13:17:32 GMT
content-type: text/plain
access-control-allow-origin: https://blog.lumen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 58ms
32ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41153014-24&cid=1639072993.1641820652&jid=1080916865&_u=aGBAAUIgAAAAAC~&z=28704870

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 55ms
30ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41153014-24&cid=1639072993.1641820652&jid=1080916865&_u=aGBAAUIgAAAAAC~&z=28704870

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame E2AA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

31ms
15ms

XHR
application/json

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0

Protocol

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

616cf6810015ea3770ac3caa395edcaa640ef5c14d66f26fd0b7118427b80f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 10 Jan 2022 13:17:32 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame E2AA 29 B
588 B 30ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:12:14 GMT
x-content-type-options: nosniff
age: 318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 10 Jan 2022 13:27:14 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 40ms
18ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-357010618&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e64210bc5df652430818348d474ae4e4339c142d2426a3aaf93d80dff2be5d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14724
x-xss-protection: 0
server: cafe
etag: 224124413464385116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 10 Jan 2022 13:17:32 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: Iw2SNfPd9FESzv2B0nyl9plQ8L1mqGStEHRszr9Sa1czFPNarBYg5RK29Fqx7mJTRDsBBTNmCF+BRIrUhOoMmA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 10 Jan 2022 13:17:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK visitWebPage
926-hyv-740.mktoresp.com/webevents/ 2 B
311 B 733ms
96ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://926-hyv-740.mktoresp.com/webevents/visitWebPage?_mchNc=1641820652787&_mchCn=&_mchId=926-HYV-740&_mchTk=_mch-lumen.com-1641820652786-45303&_mchHo=blog.lumen.com&_mchPo=&_mchRu=%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&_mchPc=https%3A&_mchVr=161&_mchEcid=AA683BC75245B3880A490D4D%40AdobeOrg%3A%3A&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://blog.lumen.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 10 Jan 2022 13:17:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: bb101828-328d-4450-952e-931840efbdac

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 53ms
17ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Origin: https://www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.youtube.com
vary: origin referer x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 10 Jan 2022 13:17:32 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E2AA 43 KB
20 KB 45ms
28ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58dd85f2b7b1c4c4113ee2fdf06db8baee8130320bb5b42cb9ffac3dd44d24bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 20788
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame E2AA 94 KB
29 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd41db2e1e96f28eee9a1eec9333b8b8810b685ae4e304624b74e1a10b0167fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:43:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 419644
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29833
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:43:28 GMT

GET
H3 200 a3fmBC5pwb_hc1vtPj8EisbHNaOXXVv65hr18gGbcOg.js Show response
www.google.com/js/th/ Frame E2AA 35 KB
13 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/a3fmBC5pwb_hc1vtPj8EisbHNaOXXVv65hr18gGbcOg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b77e6042e69c1bfe1735bed3e3f048ac6c735a3975d5bfae61af5f2019b70e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 15:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 15:46:37 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame E2AA 26 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1e059aebb69545ec4e01b00c44d9e7e49181a019a6f87c9df5a7aec4e4e5a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:43:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 419644
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7633
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:43:28 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.27.0/ 321 KB
76 KB 52ms
52ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.27.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a384d1fc7d84b2fe1b1cb470193838a86a5c72d39268aed7825e2235285b5ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8eaHtBigP1U3b42ruIgxsQ==
age: 8715
vary: Accept-Encoding
content-length: 78056
x-ms-lease-status: unlocked
last-modified: Mon, 29 Nov 2021 20:31:00 GMT
server: cloudflare
etag: 0x8D9B37727F240FD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ec23f712-301e-007c-8072-e545d3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cb62fa86949e8ff-MXP

GET
DATA 200
OK truncated
/ Frame E2AA 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRqf_cSzvH5D6BfJiUeNFauxHATUZa7N476sTuc=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame E2AA 1 KB
2 KB 38ms
12ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRqf_cSzvH5D6BfJiUeNFauxHATUZa7N476sTuc=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c11279f1b5c2ffceb366fdaff5a996977a9831c5db265eb25740d4729c763e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 10:30:18 GMT
x-content-type-options: nosniff
age: 10034
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1192
x-xss-protection: 0
server: fife
etag: "v9"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 26 Dec 2021 11:04:02 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/tqiYhn2fQIY/ Frame E2AA 19 KB
19 KB 36ms
11ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/tqiYhn2fQIY/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c503eecf1acd77cd695259e9c52e65efb25ca415f9ab2f1c32bd30bbfcec35e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:05:21 GMT
x-content-type-options: nosniff
age: 731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19308
x-xss-protection: 0
server: sffe
etag: "1599943083"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 10 Jan 2022 15:05:21 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 31ms
30ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41153014-10&cid=1639072993.1641820652&jid=238015513&_u=6GDAAUIhAAAAAC~&z=2028316607

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 48ms
31ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41153014-10&cid=1639072993.1641820652&jid=238015513&_u=6GDAAUIhAAAAAC~&z=2028316607

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RC68e58e7f0a7a4fc9a67bfe5e33a08ba1-source.min.js Show response
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/ 38 KB
11 KB 14ms
12ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/RC68e58e7f0a7a4fc9a67bfe5e33a08ba1-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b73e9398596cacec72ddcd48cc467dcb1d2d1f452ba56feebac8dec8ec346460

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 18:16:09 GMT
server: AkamaiNetStorage
etag: "73c28c4775f816c3e419323818c7126a:1641233769.870593"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://blog.lumen.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 11039
expires: Mon, 10 Jan 2022 14:17:32 GMT

GET
H2 200 RCdea8c7b08f234d6babec6d669e628bc8-source.min.js Show response
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/ 3 KB
1 KB 15ms
13ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/RCdea8c7b08f234d6babec6d669e628bc8-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 173baad87f19ec62b36a2510ca57f3a735adcd247a3cac531cf82ad8def5a4c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 18:16:09 GMT
server: AkamaiNetStorage
etag: "73c28c4775f816c3e419323818c7126a:1641233769.870593"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://blog.lumen.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1016
expires: Mon, 10 Jan 2022 14:17:32 GMT

GET
H2 200 RCc4541f73a1df47bb84db8e2b4f6e702c-source.min.js Show response
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/ 18 KB
3 KB 15ms
13ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/RCc4541f73a1df47bb84db8e2b4f6e702c-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c4a76db50f9e5bb21ac4afe87ba9df97523bce5abe0360e3e6b395e36a3870bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 18:16:09 GMT
server: AkamaiNetStorage
etag: "73c28c4775f816c3e419323818c7126a:1641233769.870593"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://blog.lumen.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 3050
expires: Mon, 10 Jan 2022 14:17:32 GMT

GET
H2 200 RC75af077b4c9d4298a1b04ac552f9f765-source.min.js Show response
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/ 1 KB
850 B 15ms
14ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/RC75af077b4c9d4298a1b04ac552f9f765-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 16a7b5028752301dad9e2ae9decfece30905273786f2567329583e78d33da66c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 18:16:09 GMT
server: AkamaiNetStorage
etag: "73c28c4775f816c3e419323818c7126a:1641233769.870593"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://blog.lumen.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 586
expires: Mon, 10 Jan 2022 14:17:32 GMT

GET
H2 200 RC8ff665f8697b46bebd4ec98322bbe644-source.min.js Show response
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/ 943 B
731 B 16ms
14ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/RC8ff665f8697b46bebd4ec98322bbe644-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f83192f9f25e3256b595e2834c97386a3cd470333368e9392955558be0e3d1ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 18:16:09 GMT
server: AkamaiNetStorage
etag: "73c28c4775f816c3e419323818c7126a:1641233769.870593"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://blog.lumen.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 467
expires: Mon, 10 Jan 2022 14:17:32 GMT

GET
H2 200 RC00eb819810964a7f8d50efdc056516ff-source.min.js Show response
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/ 805 B
701 B 16ms
14ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/RC00eb819810964a7f8d50efdc056516ff-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f5d1ee018f4660d84629d58b8e3802ffaa9640c6d1325305c2b3418ff3ad5e70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 18:16:09 GMT
server: AkamaiNetStorage
etag: "73c28c4775f816c3e419323818c7126a:1641233769.870593"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://blog.lumen.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 437
expires: Mon, 10 Jan 2022 14:17:32 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 58ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2E8AFB8BD2104BDD8032F9877D37C930 Ref B: FRAEDGE1415 Ref C: 2022-01-10T13:17:32Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H2 200 RC8df0b961e8ca4f94ab0d62bec734218c-source.min.js Show response
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/ 1 KB
675 B 16ms
15ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/RC8df0b961e8ca4f94ab0d62bec734218c-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 32715322b5908aa93bd0131abf712b37cbec94a26ab45675beb1f7f56574daba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 18:16:09 GMT
server: AkamaiNetStorage
etag: "73c28c4775f816c3e419323818c7126a:1641233769.870593"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://blog.lumen.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 412
expires: Mon, 10 Jan 2022 14:17:32 GMT

GET
H2 200 RC7a32be4b1009403c8a6ec70b3e1494a9-source.min.js Show response
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/ 1 KB
882 B 18ms
17ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/RC7a32be4b1009403c8a6ec70b3e1494a9-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 55761e4f4343b3e60b8d9bd6ee709f898574e66038688c370db9b6811d7e4aba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 18:16:09 GMT
server: AkamaiNetStorage
etag: "73c28c4775f816c3e419323818c7126a:1641233769.870593"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://blog.lumen.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 618
expires: Mon, 10 Jan 2022 14:17:32 GMT

GET
H2 200 RC3381ef6ab18247fc9ccfb6cc54cb6d48-source.min.js Show response
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/ 754 B
681 B 21ms
20ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/RC3381ef6ab18247fc9ccfb6cc54cb6d48-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6555d09527669cd853da8b5cdb6c1946923692decba931d5f9b43cfe850fb3c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 18:16:09 GMT
server: AkamaiNetStorage
etag: "73c28c4775f816c3e419323818c7126a:1641233769.870593"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://blog.lumen.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 417
expires: Mon, 10 Jan 2022 14:17:32 GMT

GET
H2 200 RC2dac2e252a2a407681d6ce5caed55f34-source.min.js Show response
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/ 946 B
769 B 29ms
28ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/RC2dac2e252a2a407681d6ce5caed55f34-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f607d6acb8ebd8d1355f08502b17dcc7495b1367bfd254ad5c9c5625cd2e59fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 18:16:09 GMT
server: AkamaiNetStorage
etag: "73c28c4775f816c3e419323818c7126a:1641233769.870593"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://blog.lumen.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 505
expires: Mon, 10 Jan 2022 14:17:32 GMT

GET
H2 200 RC98aa69f470304441a9501c31be0ab46f-source.min.js Show response
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/ 856 B
763 B 30ms
29ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/RC98aa69f470304441a9501c31be0ab46f-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 89bbdb1fdf00e79bc08d0d9f7a8bb8bac20357f8966c1225c2e47d9eb7a5c66b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 18:16:09 GMT
server: AkamaiNetStorage
etag: "73c28c4775f816c3e419323818c7126a:1641233769.870593"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://blog.lumen.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 499
expires: Mon, 10 Jan 2022 14:17:32 GMT

GET
H2 200 RC3f240537a64746f28f823b86e160e066-source.min.js Show response
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/ 808 B
779 B 31ms
30ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/RC3f240537a64746f28f823b86e160e066-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2a9bc50f43205533371d3fef1fd116417a53a4f280679b55a827460f3311a2f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 18:16:09 GMT
server: AkamaiNetStorage
etag: "73c28c4775f816c3e419323818c7126a:1641233769.870593"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://blog.lumen.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 515
expires: Mon, 10 Jan 2022 14:17:32 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/772952690/ 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/772952690/?random=1641820652996&cv=9&fst=1641820652996&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8635e88570d76fa549afc0e7762703d84486b3b8dc9e7d25c91bf16f7e99f1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1126
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/772952690/ 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/772952690/?random=1641820652999&cv=9&fst=1641820652999&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da4c46d25fe6bdff1be282d1dc11d1b08f94d523bdb2dbd04ecfa2a56a605da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1123
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/998569208/ 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998569208/?random=1641820653000&cv=9&fst=1641820653000&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777e5fd12c485e795a3762463ea428c45b3022da8cb6a43b74566dc728a76cfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1123
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/998569208/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998569208/?random=1641820653000&cv=9&fst=1641820653000&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/998569208/?random=1641820653000&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/998569208/?random=1641820653000&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

26ms
26ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/998569208/?random=1641820653000&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=314065351&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/998569208/?random=1641820653000&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=314065351&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/960616693/ 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/960616693/?random=1641820653001&cv=9&fst=1641820653001&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67e8bb09609711fbcd90a1cf37a2fd5d443713153ab885dcb78d57058d4c6ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1120
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/960616693/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/960616693/?random=1641820653001&cv=9&fst=1641820653001&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/960616693/?random=1641820653001&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/960616693/?random=1641820653001&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

37ms
37ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/960616693/?random=1641820653001&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=400328382&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/960616693/?random=1641820653001&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=400328382&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/992012738/ 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/992012738/?random=1641820653002&cv=9&fst=1641820653002&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ab6999d1b320d75f808f97f55a3029a2932125bf499eaf0126e09cc17cf8972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1124
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/992012738/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/992012738/?random=1641820653001&cv=9&fst=1641820653001&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/992012738/?random=1641820653001&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/992012738/?random=1641820653001&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

31ms
29ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/992012738/?random=1641820653001&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=3855855332&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/992012738/?random=1641820653001&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=3855855332&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/787845441/ 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787845441/?random=1641820653003&cv=9&fst=1641820653003&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0bcecd55a876af96c98b7168d2efe8a374670ddb03fe46e31b51770657541ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1126
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/787845441/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787845441/?random=1641820653002&cv=9&fst=1641820653002&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/787845441/?random=1641820653002&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/787845441/?random=1641820653002&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

37ms
37ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/787845441/?random=1641820653002&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=1072185728&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/787845441/?random=1641820653002&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=1072185728&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/787811664/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787811664/?random=1641820653003&cv=9&fst=1641820653003&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/787811664/?random=1641820653003&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/787811664/?random=1641820653003&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

42ms
42ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/787811664/?random=1641820653003&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=573536513&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/787811664/?random=1641820653003&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=573536513&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963147609/ 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963147609/?random=1641820653004&cv=9&fst=1641820653004&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a90db4f311531c45cc5d2dbb6be1c10d41b4e68657e8eb6c759990a25b98296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1125
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/963147609/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963147609/?random=1641820653004&cv=9&fst=1641820653004&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/963147609/?random=1641820653004&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/963147609/?random=1641820653004&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

35ms
34ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/963147609/?random=1641820653004&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2057270721&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/963147609/?random=1641820653004&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2057270721&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/357010618/ 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/357010618/?random=1641820653005&cv=9&fst=1641820653005&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5807d60fdb9f5587a4cef708dc6db7989f1ab0d93c84063df19015cfc4ba3225

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1124
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1066311636/ 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066311636/?random=1641820653006&cv=9&fst=1641820653006&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29e8d6669ee6cb9b6b5d5df9fe6d2ebe327f9c01857f41e4f260c78751a6b546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1126
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1066311636/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066311636/?random=1641820653006&cv=9&fst=1641820653006&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1...
https://www.google.com/pagead/1p-user-list/1066311636/?random=1641820653006&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=...
https://www.google.de/pagead/1p-user-list/1066311636/?random=1641820653006&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...

42 B
64 B

37ms
36ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1066311636/?random=1641820653006&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=51394319&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1066311636/?random=1641820653006&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=51394319&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/845851798/ 3 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845851798/?random=1641820653007&cv=9&fst=1641820653007&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

244ed92e9f174814079f5a33a718abc5fedbb34eb733e2978d71ebdff1430a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1125
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/845851798/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845851798/?random=1641820653007&cv=9&fst=1641820653007&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/845851798/?random=1641820653007&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/845851798/?random=1641820653007&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

35ms
34ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/845851798/?random=1641820653007&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2606754063&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/845851798/?random=1641820653007&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2606754063&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/859556993/ 3 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859556993/?random=1641820653008&cv=9&fst=1641820653008&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2366ca64d6c139c6105ee7caa70d79b307749823accffa40437ded06fbd46284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1125
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/859556993/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859556993/?random=1641820653008&cv=9&fst=1641820653008&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/859556993/?random=1641820653008&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/859556993/?random=1641820653008&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

36ms
36ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/859556993/?random=1641820653008&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2460451074&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/859556993/?random=1641820653008&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2460451074&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/956978286/ 3 KB
1 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956978286/?random=1641820653009&cv=9&fst=1641820653009&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95bd1f4465f59c5f0207bbf4605668e34ee9391f5c605737fe64196518ebba8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1122
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/956978286/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956978286/?random=1641820653009&cv=9&fst=1641820653009&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/956978286/?random=1641820653009&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/956978286/?random=1641820653009&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

36ms
35ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/956978286/?random=1641820653009&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=3161374818&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/956978286/?random=1641820653009&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=3161374818&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/873173566/ 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/873173566/?random=1641820653010&cv=9&fst=1641820653010&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd139fee2f46c166f9a4f369933a9190e92646be128017f4aac75f74caaf6d6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1124
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/873173566/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/873173566/?random=1641820653009&cv=9&fst=1641820653009&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/873173566/?random=1641820653009&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/873173566/?random=1641820653009&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

31ms
29ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/873173566/?random=1641820653009&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2293845655&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/873173566/?random=1641820653009&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2293845655&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/870331747/ 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/870331747/?random=1641820653011&cv=9&fst=1641820653011&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f19b250c5481207caccd57abe894d6f690d4e6fd49379224f32f2817bc79f508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1125
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/870331747/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/870331747/?random=1641820653010&cv=9&fst=1641820653010&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/870331747/?random=1641820653010&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/870331747/?random=1641820653010&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

31ms
29ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/870331747/?random=1641820653010&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=3933251909&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/870331747/?random=1641820653010&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=3933251909&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1068956443/ 3 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068956443/?random=1641820653012&cv=9&fst=1641820653012&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d31fe6d1e238350215b8a4b288c66adb2f5118233607d4f736a6a66421bf3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1125
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1068956443/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068956443/?random=1641820653011&cv=9&fst=1641820653011&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1...
https://www.google.com/pagead/1p-user-list/1068956443/?random=1641820653011&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=...
https://www.google.de/pagead/1p-user-list/1068956443/?random=1641820653011&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...

42 B
64 B

31ms
28ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1068956443/?random=1641820653011&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=1028697128&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1068956443/?random=1641820653011&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=1028697128&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/783006395/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/783006395/?random=1641820653012&cv=9&fst=1641820653012&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/783006395/?random=1641820653012&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/783006395/?random=1641820653012&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

30ms
28ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/783006395/?random=1641820653012&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2524126175&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/783006395/?random=1641820653012&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=2524126175&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/816966859/ 3 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/816966859/?random=1641820653013&cv=9&fst=1641820653013&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e60cafed4f52b77ac8ca85e1fbca58d2ab2cebec2479b85a5cf5b5d94b7cfee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1124
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/816966859/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/816966859/?random=1641820653013&cv=9&fst=1641820653013&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/816966859/?random=1641820653013&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/816966859/?random=1641820653013&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

31ms
28ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/816966859/?random=1641820653013&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=3496055039&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/816966859/?random=1641820653013&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=3496055039&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/782327082/ 3 KB
1 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782327082/?random=1641820653014&cv=9&fst=1641820653014&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

341ecad1e1f5f666dba328077b0f64d0a5d6ea1067d682988823c3bc6d568973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1126
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/782327082/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782327082/?random=1641820653014&cv=9&fst=1641820653014&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/782327082/?random=1641820653014&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/782327082/?random=1641820653014&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

32ms
29ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/782327082/?random=1641820653014&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=942360671&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/782327082/?random=1641820653014&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=942360671&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/783006575/ 3 KB
1 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/783006575/?random=1641820653015&cv=9&fst=1641820653015&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fcc6c2cc92610b86893d7c62ce2c7d9d123ed81e3ef87976c9ac91a94fb936b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1124
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/783006575/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/783006575/?random=1641820653015&cv=9&fst=1641820653015&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/783006575/?random=1641820653015&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/783006575/?random=1641820653015&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

31ms
28ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/783006575/?random=1641820653015&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=433515179&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/783006575/?random=1641820653015&cv=9&fst=1641819600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&is_vtc=1&random=433515179&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 384393978803312 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 214ms
202ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/384393978803312?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2d6d4afbec4b2cc3eacef7410bc6b3eb1bc85fa6481777354522dba7b4518f9a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: kJYWd2Q1OZj6Xg22uRiuGKk/nmlWTiEFWdX6M36LrZHxI7uG+h3eZoBQs72nsudr2a9Fgsgi27/hdKM6sU4fGA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 10 Jan 2022 13:17:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 s04400404148340 Show response
smetrics.centurylink.com/b/ss/clinkcompany/1/JS-2.22.3-LBWB/ 43 B
244 B 21ms
21ms XHR
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.centurylink.com/b/ss/clinkcompany/1/JS-2.22.3-LBWB/s04400404148340

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.lumen.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 11 Jan 2022 13:17:33 GMT
server: jag
xserver: anedge-cdfbd77b-tw4vn
etag: 3525783005872324608-4619663376474407133
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://blog.lumen.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Sun, 09 Jan 2022 13:17:33 GMT

GET
H2 200 31c5892c-0834-4705-9963-6ce6c5f92ca2.js Show response
t.contentsquare.net/uxa/ 328 KB
69 KB 35ms
9ms Script
application/javascript 18.66.112.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/31c5892c-0834-4705-9963-6ce6c5f92ca2.js
Requested by: Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d47918cf1c2106715aa230db936f770cd2259ea9b1d9df065e33245d6cf8b021

Request headers

Referer: https://blog.lumen.com/
Origin: https://blog.lumen.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 06:11:22 GMT
content-encoding: gzip
age: 111972
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 70194
access-control-allow-origin: *
last-modified: Wed, 05 Jan 2022 16:14:24 GMT
server: AmazonS3
etag: "b5cb2de68f2bbabf672a37e0da449656"
vary: Origin
access-control-allow-methods: GET, HEAD
content-type: application/javascript;charset=utf-8
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: -yDM0Mm9fluW18K-aRtdbcoHTw_CzbEnT-JMOIM4qV0mMO7gEycHjw==

GET
H2 200 EeqIvelK.min.js Show response
scripts.demandbase.com/ 68 KB
19 KB 44ms
9ms Script
application/javascript 18.66.112.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/EeqIvelK.min.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-63.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7279f039bbec03706ca0460fb25f9d39a4d00dbf2e48d8a19d4997bcdd751fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: DQAcCTpJbNRaMoDOkJYdIoKA_mF9kZd8
content-encoding: gzip
etag: W/"8d53605e0ce8bf092c555ec30ed02b15"
age: 3448
x-cache: Hit from cloudfront
vary: Accept-Encoding
last-modified: Wed, 17 Nov 2021 10:19:31 GMT
server: AmazonS3
date: Mon, 10 Jan 2022 12:20:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: OzO-P1Ds5FG23x7vvLD392gwyqgQBWg1K4lphwkIat5Fvar90pCm5Q==

GET
H3

200

activityi;dc_pre=CImYxcaip_UCFVnJ1QodOZEP5w;src=9129572;type=audie0;cat=tdnae00;ord=4865278887335;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeti... Show response
9129572.fls.doubleclick.net/ Frame 0810
Redirect Chain

https://9129572.fls.doubleclick.net/activityi;src=9129572;type=audie0;cat=tdnae00;ord=4865278887335;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targe...
https://9129572.fls.doubleclick.net/activityi;dc_pre=CImYxcaip_UCFVnJ1QodOZEP5w;src=9129572;type=audie0;cat=tdnae00;ord=4865278887335;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lu...

961 B
583 B

42ms
27ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9129572.fls.doubleclick.net/activityi;dc_pre=CImYxcaip_UCFVnJ1QodOZEP5w;src=9129572;type=audie0;cat=tdnae00;ord=4865278887335;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs;u4=30385829150644729780158913779529354871;u5=1800965687490;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1641820652786-45303;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=1;u13=1;u14=ky8pmjo9_30385829150644729780158913779529354871;u15=ky8pmjo9;u16=undefined;gdid=dZGIzZG;ps=1;~oref=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9129572&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

b9c97498e4d81a150c4c6c2a7c04f8664ae665de9d3636db572616f8298e6f86

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jan 2022 13:17:33 GMT
expires: Mon, 10 Jan 2022 13:17:33 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 560
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jan 2022 13:17:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9129572.fls.doubleclick.net/activityi;dc_pre=CImYxcaip_UCFVnJ1QodOZEP5w;src=9129572;type=audie0;cat=tdnae00;ord=4865278887335;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs;u4=30385829150644729780158913779529354871;u5=1800965687490;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1641820652786-45303;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=1;u13=1;u14=ky8pmjo9_30385829150644729780158913779529354871;u15=ky8pmjo9;u16=undefined;gdid=dZGIzZG;ps=1;~oref=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CPiaxcaip_UCFXccBgAdCQUFUQ;src=9129572;type=audie0;cat=tdnae002;ord=1;num=8620678387623;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-... Show response
9129572.fls.doubleclick.net/ Frame 12D7
Redirect Chain

https://9129572.fls.doubleclick.net/activityi;src=9129572;type=audie0;cat=tdnae002;ord=1;num=8620678387623;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaig...
https://9129572.fls.doubleclick.net/activityi;dc_pre=CPiaxcaip_UCFXccBgAdCQUFUQ;src=9129572;type=audie0;cat=tdnae002;ord=1;num=8620678387623;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2F...

968 B
591 B

44ms
30ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9129572.fls.doubleclick.net/activityi;dc_pre=CPiaxcaip_UCFXccBgAdCQUFUQ;src=9129572;type=audie0;cat=tdnae002;ord=1;num=8620678387623;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs;u4=30385829150644729780158913779529354871;u5=1800965687490;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1641820652786-45303;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=1;u13=1;u14=ky8pmjo9_30385829150644729780158913779529354871;u15=ky8pmjo9;u16=undefined;gdid=dZGIzZG;ps=1;~oref=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9129572&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

3ebf4e27eadc6a8f4a8a4caf56a8ba8b3dcdfcb4591aed3b286803505d48be5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jan 2022 13:17:33 GMT
expires: Mon, 10 Jan 2022 13:17:33 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 568
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jan 2022 13:17:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9129572.fls.doubleclick.net/activityi;dc_pre=CPiaxcaip_UCFXccBgAdCQUFUQ;src=9129572;type=audie0;cat=tdnae002;ord=1;num=8620678387623;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs;u4=30385829150644729780158913779529354871;u5=1800965687490;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1641820652786-45303;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=1;u13=1;u14=ky8pmjo9_30385829150644729780158913779529354871;u15=ky8pmjo9;u16=undefined;gdid=dZGIzZG;ps=1;~oref=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 activityi;register_conversion=1;src=9129572;type=audie0;cat=tdnae00;ord=4865278887335;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-m...
9129572.fls.doubleclick.net/ 0
0 57ms
15ms Image
text/html 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9129572.fls.doubleclick.net/activityi;register_conversion=1;src=9129572;type=audie0;cat=tdnae00;ord=4865278887335;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs;u4=30385829150644729780158913779529354871;u5=1800965687490;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1641820652786-45303;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=1;u13=1;u14=ky8pmjo9_30385829150644729780158913779529354871;u15=ky8pmjo9;u16=undefined;gdid=dZGIzZG;ps=1;~oref=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F?
Requested by: Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 activityi;register_conversion=1;src=9129572;type=audie0;cat=tdnae002;ord=1;num=8620678387623;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-ru...
9129572.fls.doubleclick.net/ 0
0 58ms
16ms Image
text/html 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9129572.fls.doubleclick.net/activityi;register_conversion=1;src=9129572;type=audie0;cat=tdnae002;ord=1;num=8620678387623;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs;u4=30385829150644729780158913779529354871;u5=1800965687490;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1641820652786-45303;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=1;u13=1;u14=ky8pmjo9_30385829150644729780158913779529354871;u15=ky8pmjo9;u16=undefined;gdid=dZGIzZG;ps=1;~oref=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F?
Requested by: Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect/?pid=7664&conversionId=3093564&fmt=gif
https://px4.ads.linkedin.com/collect?pid=7664&conversionId=3093564&fmt=gif&e_ipv6=AQLToYj-ICbARQAAAX5EIwaXs9QlH6JSgnYbBVvxJkv8EcgolBdYYWU420mvXFsEDdB5FaU_bw

43 B
144 B

312ms
119ms

Image
image/gif

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?pid=7664&conversionId=3093564&fmt=gif&e_ipv6=AQLToYj-ICbARQAAAX5EIwaXs9QlH6JSgnYbBVvxJkv8EcgolBdYYWU420mvXFsEDdB5FaU_bw
Requested by: Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
server: Play
linkedin-action: 1
vary: Accept-Encoding
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: image/gif
content-length: 65
x-li-uuid: cFj+hi/ryBbAcYqNfSsAAA==

Redirect headers

date: Mon, 10 Jan 2022 13:17:32 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 9840B12ED0744750A0E9153B93A5B328 Ref B: VIEEDGE3216 Ref C: 2022-01-10T13:17:33Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?pid=7664&conversionId=3093564&fmt=gif&e_ipv6=AQLToYj-ICbARQAAAX5EIwaXs9QlH6JSgnYbBVvxJkv8EcgolBdYYWU420mvXFsEDdB5FaU_bw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXVOijRhPXsiFTH5+RgAQ==

GET
H2 200 beacon_call.js Show response
r.turn.com/server/ 2 KB
1 KB 82ms
22ms Script
text/javascript 2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://r.turn.com/server/beacon_call.js?b2=GVTVbXlWaqL4QizzKjpEeS5laXQMwjJ_TsyWCx_bqMlzKf2nUf1BXkExJCfirVsX7Fts0WWZJ8hWONw7GNAfSg
Requested by: Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 8e1b0819d8aa70b3c1d9c98d465eaa480813fd201ab1ce9441821addfbd84153

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
expires: Wed, 12 Jan 2022 13:17:33 GMT
cache-control: public, max-age=172800, must-revalidate
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
vary: accept-encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 30ms
9ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

be008c63ddefca3ce28657d3bec71467649a1cd0d6d83631ba31fe61e82bef6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Mon, 10 Jan 2022 12:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3298
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5733
x-amz-id-2: NLPgPL04bcTSfZ2hfofQJSJqyWh4rHCcdDhlCj/iljspsZEIY8A2EV/JB0XhVdvVffaucVRGFWk=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 11 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 06 Jan 2022 11:58:19 GMT
server: ATS
etag: "5e3751507a07e4eab1dc62336254faa3-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 03MDSK9KVN5QS4NB
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: yimss6le6oItGvrWNEatTw9Yuf3OpsiL
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/e733a0d8-63ff-4a39-b870-9ef50b603bcf/563fb421-d1af-4fbd-b720-7b67cf2b6de0/ 58 KB
13 KB 173ms
173ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e733a0d8-63ff-4a39-b870-9ef50b603bcf/563fb421-d1af-4fbd-b720-7b67cf2b6de0/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.27.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43320dfd28fb519cf825e4663645778e7aa648e553a110056bf04b06c1a310f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: 840aRu6xk4qYKEiFYcocVg==
vary: Accept-Encoding
content-length: 13367
x-ms-lease-status: unlocked
last-modified: Fri, 10 Dec 2021 21:52:24 GMT
server: cloudflare
etag: 0x8D9BC2759D5382B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bd1d3813-301e-0151-6136-038046000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cb62faa3aba59ef-MXP
expires: Mon, 10 Jan 2022 17:17:33 GMT

GET
H2 200 16015150.js Show response
bat.bing.com/p/action/ 684 B
739 B 235ms
235ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/16015150.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ed33c81eada15be8725e8835d699400bcbdb8efce7d5d306eeedb4c91361af44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0A2C090094C2462EBC2B35DCF2C7D5DD Ref B: FRAEDGE1415 Ref C: 2022-01-10T13:17:33Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 588

GET
H2 204 0
bat.bing.com/action/ 0
150 B 40ms
40ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=16015150&tm=al001&Ver=2&mid=55cd69b7-ef13-4f60-8b05-cfc736f2ad19&sid=aba98b00721711ec848f9dd2662ffb09&vid=aba9bb60721711ecbcf993a945d29aea&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&p=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&r=&lt=3050&pt=1641820649857,,,,,0,1,111,111,432,270,432,800,959,802,3042,3043,3050,,,&pn=0,0&evt=pageLoad&msclkid=N&sv=1&rn=172171
Requested by: Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FEAD207EC752464A80EBFBA56328A35C Ref B: FRAEDGE1415 Ref C: 2022-01-10T13:17:33Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame E2AA 4 KB
3 KB 55ms
31ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 10 Jan 2022 13:17:33 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame E2AA 0
9 B 11ms
9ms Image
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?iUPSfA
Requested by: Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/772952690/ 42 B
64 B 33ms
31ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/772952690/?random=1641820652996&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=545366162&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/772952690/ 42 B
64 B 31ms
28ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/772952690/?random=1641820652996&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=545366162&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1068956443/ 42 B
64 B 24ms
24ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1068956443/?random=1641820653012&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=480232483&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1068956443/ 42 B
64 B 24ms
24ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1068956443/?random=1641820653012&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=480232483&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/956978286/ 42 B
64 B 23ms
23ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/956978286/?random=1641820653009&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=336209828&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/956978286/ 42 B
64 B 23ms
22ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/956978286/?random=1641820653009&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=336209828&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/816966859/ 42 B
64 B 24ms
23ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/816966859/?random=1641820653013&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=4053970125&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/816966859/ 42 B
64 B 25ms
24ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/816966859/?random=1641820653013&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=4053970125&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/782327082/ 42 B
64 B 25ms
24ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/782327082/?random=1641820653014&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=3047684864&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/782327082/ 42 B
64 B 23ms
23ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/782327082/?random=1641820653014&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=3047684864&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/783006575/ 42 B
64 B 23ms
22ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/783006575/?random=1641820653015&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=3203143252&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/783006575/ 42 B
64 B 23ms
22ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/783006575/?random=1641820653015&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=3203143252&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/772952690/ 42 B
64 B 24ms
23ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/772952690/?random=1641820652999&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=896641431&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/772952690/ 42 B
64 B 23ms
20ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/772952690/?random=1641820652999&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=896641431&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/998569208/ 42 B
64 B 23ms
20ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/998569208/?random=1641820653000&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=130640517&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/998569208/ 42 B
64 B 23ms
19ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/998569208/?random=1641820653000&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=130640517&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/960616693/ 42 B
64 B 26ms
22ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/960616693/?random=1641820653001&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=1934182422&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/960616693/ 42 B
64 B 24ms
20ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/960616693/?random=1641820653001&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=1934182422&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/992012738/ 42 B
64 B 42ms
37ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/992012738/?random=1641820653002&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=499132894&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/992012738/ 42 B
64 B 24ms
19ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/992012738/?random=1641820653002&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=499132894&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/787845441/ 42 B
64 B 28ms
21ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/787845441/?random=1641820653003&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=3617158528&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/787845441/ 42 B
64 B 29ms
22ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/787845441/?random=1641820653003&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=3617158528&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/963147609/ 42 B
64 B 27ms
20ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963147609/?random=1641820653004&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=1577048605&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/963147609/ 42 B
64 B 26ms
18ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/963147609/?random=1641820653004&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=1577048605&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/357010618/ 42 B
64 B 34ms
25ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/357010618/?random=1641820653005&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=2150239916&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/357010618/ 42 B
64 B 34ms
24ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/357010618/?random=1641820653005&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=2150239916&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1066311636/ 42 B
64 B 28ms
19ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1066311636/?random=1641820653006&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=3920942722&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1066311636/ 42 B
64 B 32ms
22ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1066311636/?random=1641820653006&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=3920942722&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/845851798/ 42 B
64 B 28ms
18ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/845851798/?random=1641820653007&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=702357355&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/845851798/ 42 B
64 B 32ms
23ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/845851798/?random=1641820653007&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=702357355&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/859556993/ 42 B
64 B 32ms
24ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/859556993/?random=1641820653008&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=3287969953&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/859556993/ 42 B
64 B 28ms
20ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/859556993/?random=1641820653008&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=3287969953&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/873173566/ 42 B
64 B 31ms
23ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/873173566/?random=1641820653010&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=2538363341&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/873173566/ 42 B
64 B 31ms
24ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/873173566/?random=1641820653010&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=2538363341&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/870331747/ 42 B
64 B 32ms
25ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/870331747/?random=1641820653011&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=1434623627&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/870331747/ 42 B
64 B 27ms
20ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/870331747/?random=1641820653011&cv=9&fst=1641819600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&tiba=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&async=1&fmt=3&is_vtc=1&random=1434623627&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/97/ Frame E2AA 53 KB
15 KB 29ms
9ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/97/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 10:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15488
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 15:04:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Tue, 11 Jan 2022 10:57:26 GMT

GET
H2 200 10001932.json Show response
s.yimg.com/wi/config/ 2 B
484 B 450ms
403ms XHR
application/json 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10001932.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 95JXYK55QQTHXX38
x-amz-id-2: MHlM3g5Mt3w6Db6tpkQiHs1ia8Kcj23+te6nPQkWt02A6j1UYtL8oFWxzbvq+zcsxCdsKQyp8ck=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 dc_pre=CImYxcaip_UCFVnJ1QodOZEP5w;src=9129572;type=audie0;cat=tdnae00;ord=4865278887335;gtm=2od150;auiddc=*;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreig...
adservice.google.com/ddm/fls/z/ Frame 0810 42 B
494 B 78ms
49ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CImYxcaip_UCFVnJ1QodOZEP5w;src=9129572;type=audie0;cat=tdnae00;ord=4865278887335;gtm=2od150;auiddc=*;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs;u4=30385829150644729780158913779529354871;u5=1800965687490;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1641820652786-45303;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=1;u13=1;u14=ky8pmjo9_30385829150644729780158913779529354871;u15=ky8pmjo9;u16=undefined;gdid=dZGIzZG;ps=1;~oref=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F

Requested by

Host: 9129572.fls.doubleclick.net
URL: https://9129572.fls.doubleclick.net/activityi;dc_pre=CImYxcaip_UCFVnJ1QodOZEP5w;src=9129572;type=audie0;cat=tdnae00;ord=4865278887335;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs;u4=30385829150644729780158913779529354871;u5=1800965687490;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1641820652786-45303;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=1;u13=1;u14=ky8pmjo9_30385829150644729780158913779529354871;u15=ky8pmjo9;u16=undefined;gdid=dZGIzZG;ps=1;~oref=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9129572.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPiaxcaip_UCFXccBgAdCQUFUQ;src=9129572;type=audie0;cat=tdnae002;ord=1;num=8620678387623;gtm=2od150;auiddc=*;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of...
adservice.google.com/ddm/fls/z/ Frame 12D7 42 B
107 B 79ms
49ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPiaxcaip_UCFXccBgAdCQUFUQ;src=9129572;type=audie0;cat=tdnae002;ord=1;num=8620678387623;gtm=2od150;auiddc=*;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs;u4=30385829150644729780158913779529354871;u5=1800965687490;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1641820652786-45303;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=1;u13=1;u14=ky8pmjo9_30385829150644729780158913779529354871;u15=ky8pmjo9;u16=undefined;gdid=dZGIzZG;ps=1;~oref=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F

Requested by

Host: 9129572.fls.doubleclick.net
URL: https://9129572.fls.doubleclick.net/activityi;dc_pre=CPiaxcaip_UCFXccBgAdCQUFUQ;src=9129572;type=audie0;cat=tdnae002;ord=1;num=8620678387623;gtm=2od150;auiddc=208320925.1641820652;u1=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs;u4=30385829150644729780158913779529354871;u5=1800965687490;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1641820652786-45303;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=1;u13=1;u14=ky8pmjo9_30385829150644729780158913779529354871;u15=ky8pmjo9;u16=undefined;gdid=dZGIzZG;ps=1;~oref=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9129572.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAH2Yk7DuGQAAEHCcsm2GQ
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAH2Yk7DuGQAAEHCcsm2GQ&verifyHash=7b8f95c730e6c47726826812349335202b200fe

26 B
409 B

98ms
98ms

Image
image/gif

52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAH2Yk7DuGQAAEHCcsm2GQ&verifyHash=7b8f95c730e6c47726826812349335202b200fe
Requested by: Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Protocol: HTTP/1.1
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 13:17:33 GMT
Via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P3
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 5ad26730ee94743d
X-Amz-Cf-Id: Pm9W-RI_6IDBV8t6Coq0kdFzN8dn8Y1tuh8MTxVyVIvT7luTwVCppg==

Redirect headers

Date: Mon, 10 Jan 2022 13:17:33 GMT
Via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P3
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAH2Yk7DuGQAAEHCcsm2GQ&verifyHash=7b8f95c730e6c47726826812349335202b200fe
Connection: keep-alive
trace-id: 2efb5b5bbd7a521e
Content-Length: 0
X-Amz-Cf-Id: GVnFDydYtCico7nJDnX7BObuB_PW4eFjJslWzyhBoEnekkFqCKPjWg==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
66 B 46ms
20ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:33 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
406 B 39ms
15ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=384393978803312&ev=PageView%20(Performics)&dl=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&rl=&if=false&ts=1641820653335&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1641820653332.1013351963&it=1641820653021&coo=false&exp=p1&rqm=GET

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 10 Jan 2022 13:17:33 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 40ms
16ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=384393978803312&ev=PageView&dl=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&rl=&if=false&ts=1641820653338&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1641820653332.1013351963&it=1641820653021&coo=false&exp=p1&rqm=GET

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 10 Jan 2022 13:17:33 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 40ms
17ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=384393978803312&ev=NAESiteVisit&dl=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&rl=&if=false&ts=1641820653339&sw=1600&sh=1200&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.1.1641820653332.1013351963&it=1641820653021&coo=false&exp=p1&rqm=GET

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 10 Jan 2022 13:17:33 GMT

GET
H2 200 xdframe-single-domain-1.1.0.html Show response
csxd.contentsquare.net/uxa/ Frame 0D00 2 KB
1 KB 71ms
7ms Document
text/html 2600:9000:2250:aa00:1b:ed91:4680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://csxd.contentsquare.net/uxa/xdframe-single-domain-1.1.0.html?pid=3723&cookieNames=_cs_id,_cs_s,_cs_cvars,_cs_ex
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/31c5892c-0834-4705-9963-6ce6c5f92ca2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:aa00:1b:ed91:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf7635163c0991525863f3b5eb809ab7770fcdd92de0e916c162b8f1fbb71b1a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/

Response headers

content-type: text/html
date: Fri, 24 Dec 2021 10:29:38 GMT
last-modified: Wed, 29 Apr 2020 11:07:34 GMT
etag: W/"895e1defcb016da8da1092f66778b99a"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: JJnw8Y5cSTZL_07YfLWP9z2eI0iWSG7JJQQLyP4AcR-VhbbeLbEbkw==
age: 1478876

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 425 B
903 B 55ms
55ms XHR
application/json 18.66.97.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&page_title=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&src=tag&auth=llnPIx7JGnk35WpXiDMY1cpcorRMEpwrB3lr0JLc
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/EeqIvelK.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-57.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 710ff0af36d28d46a986a15f4744beb4306e36e19fc2e907dc90cd71e8ab602a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:33 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
request-id: 80944d24-835c-48f3-b600-f98d7bd8bc3f
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://blog.lumen.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vK1wzC1Y6cclEDASCetVfDSlE6GF3iM3-nVZ6yrlRo0f1M9ryybD7Q==
expires: Sun, 09 Jan 2022 13:17:33 GMT

GET
BLOB 200
OK 1d1bf464-027c-459a-a67c-3b535b8cfa69
https://blog.lumen.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blog.lumen.com/1d1bf464-027c-459a-a67c-3b535b8cfa69
Requested by: Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a81a5e08e2091ede6a91c4798e45779aa06123842ed883ad75d7ea813cc15e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 6435
Content-Type: application/javascript

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn.cookielaw.org/scripttemplates/6.27.0/assets/ 10 KB
3 KB 66ms
66ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.27.0/assets/otFloatingRoundedCorner.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.27.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e26546fe02973398b85689be6c6f31533e60f49a725061b9848ba5bdc5989aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: draHMd1On6bI4pEQfWIgBw==
vary: Accept-Encoding
content-length: 2568
x-ms-lease-status: unlocked
last-modified: Mon, 29 Nov 2021 20:30:52 GMT
server: cloudflare
etag: 0x8D9B3772330324D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d1e58924-f01e-00a6-690a-02e0f8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cb62fac093f59ef-MXP

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.27.0/assets/v2/ 48 KB
11 KB 172ms
172ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.27.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.27.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbe93faf4130e4d7aa94965a087f30fea8b94aab82259ff355322381ae5417d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: XYr7XtkDBzrTd4dk4eGe0A==
vary: Accept-Encoding
content-length: 11552
x-ms-lease-status: unlocked
last-modified: Mon, 29 Nov 2021 20:30:53 GMT
server: cloudflare
etag: 0x8D9B37723B57C64
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 7c7265d9-801e-004c-640a-021ff9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cb62fac094159ef-MXP

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/6.27.0/assets/ 5 KB
2 KB 68ms
68ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.27.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.27.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c592c34b2e4a372219ac6d33bda6828183ee534a0219d221ece5be22d80e29f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: lNjRmvO7+WVd3lrIPMaRuA==
vary: Accept-Encoding
content-length: 2144
x-ms-lease-status: unlocked
last-modified: Mon, 29 Nov 2021 20:30:52 GMT
server: cloudflare
etag: 0x8D9B377234BA5B8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 997feb90-801e-0008-4a0a-02c395000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cb62fac094559ef-MXP

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.27.0/assets/ 20 KB
4 KB 68ms
68ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.27.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.27.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: Ye6OeZcNyuFoWog7CYs00A==
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Mon, 29 Nov 2021 20:31:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e813d30a-e01e-009b-1b0a-0255de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6cb62fac094759ef-MXP

GET
H2 200 clarity.js Show response
f.clarity.ms/s/0.6.31/ 52 KB
23 KB 306ms
103ms Script
application/javascript 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/s/0.6.31/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/16015150.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: br
etag: "1d7ffcbff747e00"
last-modified: Sun, 02 Jan 2022 11:29:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=E9EC6D4534F64D9C964E437672243BE2&RedC=c.clarity.ms&MXFR=3C1412D11AF8614B0A2903F91EF86FE4
https://c.clarity.ms/c.gif?CtsSyncId=E9EC6D4534F64D9C964E437672243BE2&MUID=0932762FF6F46DA108106707F79F6C00

42 B
368 B

28ms
27ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=E9EC6D4534F64D9C964E437672243BE2&MUID=0932762FF6F46DA108106707F79F6C00
Requested by: Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:32 GMT
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f95a3e4769d2d71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4B803693E34141AB85ECC7F67AFD29FF Ref B: FRAEDGE1415 Ref C: 2022-01-10T13:17:33Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=E9EC6D4534F64D9C964E437672243BE2&MUID=0932762FF6F46DA108106707F79F6C00
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E2AA 98 B
142 B 20ms
20ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aaa29684a69105ff21619450104855b2aec922cdb4e682fd4987c894a8d3e39e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 10 Jan 2022 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 16ms
15ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Origin: https://www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.youtube.com
vary: origin referer x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 10 Jan 2022 13:17:33 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 31c5892c-0834-4705-9963-6ce6c5f92ca2.js Show response
ct.contentsquare.net/ptc/ 40 KB
11 KB 67ms
15ms Script
application/javascript 2a02:26f0:6c00::210:ba92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.contentsquare.net/ptc/31c5892c-0834-4705-9963-6ce6c5f92ca2.js
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/31c5892c-0834-4705-9963-6ce6c5f92ca2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e0ab2371f70278b8c40a9d1badb4742954fbd2e4a889e7adebb3d73df4b18c7

Request headers

Referer: https://blog.lumen.com/
Origin: https://blog.lumen.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 9W4Rh_TUwsK8fwisQ7vt17Zx1zu9Ncx0
content-encoding: br
last-modified: Wed, 15 Dec 2021 12:40:44 GMT
server: AmazonS3
x-amz-request-id: J5ZQS802KJC21Q1P
etag: "5e8fc41ef18c937cb62377041f32e464"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
date: Mon, 10 Jan 2022 13:17:33 GMT
accept-ranges: bytes
content-length: 10401
x-amz-id-2: KYmI82H5N9OyEZR+1TgrQYPyVK8ajNd6vABhbxoFgDkYk88SiHlxKtpOWkIwJmGy5v5GpCgAcZU=
expires: Mon, 10 Jan 2022 13:27:33 GMT

GET
H2 200 31c5892c-0834-4705-9963-6ce6c5f92ca2.js Show response
ct.contentsquare.net/pcc/ 216 KB
47 KB 15ms
15ms Script
application/javascript 2a02:26f0:6c00::210:ba92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.contentsquare.net/pcc/31c5892c-0834-4705-9963-6ce6c5f92ca2.js?DeploymentConfigName=Malka_20211215&Version=2
Requested by: Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ptc/31c5892c-0834-4705-9963-6ce6c5f92ca2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ec0766ddd60fcf8761d80c4c70e936d98974484f9d6d939213a665f81b9482b

Request headers

Referer: https://blog.lumen.com/
Origin: https://blog.lumen.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: PanRmZK0d3z5knP9MxCYO.VTVGOU6ZpA
content-encoding: br
last-modified: Wed, 15 Dec 2021 12:40:31 GMT
server: AmazonS3
x-amz-request-id: J5ZN4QPYZTY7SJ8A
etag: "65418c0e7848a6753263bf132765d9ec"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Mon, 10 Jan 2022 13:17:33 GMT
accept-ranges: bytes
content-length: 47628
x-amz-id-2: zaBKx/QhxZdTGIxDhOPX1PYhFVnmNZ7uatJCa0sJCWllvZ+vaExhAzMn3fgCnOjHMyQtQNpVgqs=
expires: Tue, 10 Jan 2023 13:17:33 GMT

GET
H2 200 bridge-WR110.js Show response
ct.contentsquare.net/www/ 6 KB
6 KB 14ms
14ms Script
application/javascript 2a02:26f0:6c00::210:ba92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.contentsquare.net/www/bridge-WR110.js
Requested by: Host: ct.contentsquare.net
URL: https://ct.contentsquare.net/ptc/31c5892c-0834-4705-9963-6ce6c5f92ca2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56d4c7cf83a78f9a6baba9a09bbbea57f65110c9d62a4aed2d9fe40ba0de331a

Request headers

Referer: https://blog.lumen.com/
Origin: https://blog.lumen.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: vYu7xPkgO5j7GY0sqXSEpiISLx.ZTfB4
last-modified: Mon, 14 Jun 2021 11:19:44 GMT
server: AmazonS3
x-amz-request-id: GR7PEKPK3M9PP91G
etag: "e7dfc510ae066e1f760afbadf1a6ddaf"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
date: Mon, 10 Jan 2022 13:17:33 GMT
accept-ranges: bytes
content-length: 5756
x-amz-id-2: knW0r5CK9h+h4/SW1cWQeX5ohV+2JHUCZNU6J5Z8a0mHh486akqOsvWQtB97iypxYyLsOn8YZQA=
expires: Tue, 11 Jan 2022 13:17:33 GMT

OPTIONS
H2 200 quota
q-aus1.contentsquare.net/ Frame 0
0 655ms
97ms Preflight 3.213.6.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://q-aus1.contentsquare.net/quota?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.6.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-6-222.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://blog.lumen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 10 Jan 2022 13:17:34 GMT
content-length: 0
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With

POST
H2 200 quota Show response
q-aus1.contentsquare.net/ 29 B
243 B 98ms
98ms XHR
application/json 3.213.6.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://q-aus1.contentsquare.net/quota?
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/31c5892c-0834-4705-9963-6ce6c5f92ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.6.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-6-222.compute-1.amazonaws.com
Software: /
Resource Hash: 70c705d49e04d07b8353972235ca2f2f7f48c1ddbb671829a282558b991a8fa1

Request headers

Referer: https://blog.lumen.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 10 Jan 2022 13:17:34 GMT
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression
content-length: 29
access-control-allow-methods: POST, OPTIONS
content-type: application/json

GET
H2 204 pageview
c.contentsquare.net/ 0
320 B 106ms
31ms Image
text/plain 54.154.81.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageview?pid=3723&uu=793c6481-6e29-a257-952a-6a6e6b680f26&sn=1&lv=1641820653&lhd=1641820653&hd=1641820653&pn=1&dw=1600&dh=13234&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&uc=1&la=en-US&cvars=%7B%221%22%3A%5B%22Pagename%22%2C%22lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%22%5D%7D&cvarp=%7B%221%22%3A%5B%22Pagename%22%2C%22lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%22%5D%7D&v=11.7.1&r=697422
Requested by: Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.81.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-81-57.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 40ms
31ms Image
text/plain 54.154.81.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=MIewdgZglg5gXAAgLIEMA2BrFB9ATABlwEYjiBWIAAA%3D&isETR=false&isCustomHashId=false&v=11.7.1&pid=3723&uu=793c6481-6e29-a257-952a-6a6e6b680f26&sn=1&pn=1&r=194454
Requested by: Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.81.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-81-57.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:33 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
715 B 417ms
32ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2010%20Jan%202022%2013%3A17%3A33%20GMT&n=0&b=New%20Konni%20Campaign%20Kicks%20Off%20the%20New%20Year%20by%20Targeting%20Russian%20Ministry%20of%20Foreign%20Affairs%20-%20Lumen&.yp=10001932&f=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&enc=UTF-8&yv=1.11.0&tagmgr=gtm%2Cadobe

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:34 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Mon, 10 Jan 2022 13:17:34 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame A02D 0
18 B 19ms
8ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://blog.lumen.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://blog.lumen.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 10 Jan 2022 13:17:34 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
92 B 285ms
285ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://blog.lumen.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://blog.lumen.com
date: Mon, 10 Jan 2022 13:17:34 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 31ms
31ms Image
text/plain 54.154.81.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=A4Qw5gpgBArsA2B7EATCKgAA&isETR=false&isCustomHashId=false&v=11.7.1&pid=3723&uu=793c6481-6e29-a257-952a-6a6e6b680f26&sn=1&pn=1&r=096930
Requested by: Host: blog.lumen.com
URL: https://blog.lumen.com/new-konni-campaign-targeting-russian-ministry-of-foreign-affairs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.81.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-81-57.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:34 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H3 200 iframe_api Show response
www.youtube.com/ 980 B
510 B 37ms
37ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2807db05f536fe45b16757ee0be3052e74fc954f23604d07c53889796adbbdab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
expires: Mon, 10 Jan 2022 13:17:34 GMT

GET
H3 200 tqiYhn2fQIY Show response
www.youtube.com/embed/ Frame E2AA 60 KB
24 KB 51ms
50ms Document
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/tqiYhn2fQIY?rel=0&enablejsapi=1&origin=https://blog.lumen.com

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52631b327a06f179bced77f9a92882a8f4d07e560598e012048b0c39d324dad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 10 Jan 2022 13:17:34 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 RCc804b3084d214890a4f4795793b83920-source.min.js Show response
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/ 3 KB
1 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/8842823b3e8f/RCc804b3084d214890a4f4795793b83920-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5a2cb664344f0f81c707d99b761530ba542541ee6d7700687e9a06d83806f5d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:34 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 18:16:09 GMT
server: AkamaiNetStorage
etag: "73c28c4775f816c3e419323818c7126a:1641233769.870593"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://blog.lumen.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 978
expires: Mon, 10 Jan 2022 14:17:34 GMT

POST atr
www.youtube.com/api/stats/ Frame E2AA 0
0

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/edff9f99/www-widgetapi.vflset/ 149 KB
48 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a30efe5482066576af9976d7b0716c88d2ccd05e54bfb481bd8485427945dbd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 11:17:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49417
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Jan 2023 11:17:15 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/edff9f99/ Frame E2AA 338 KB
46 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0&enablejsapi=1&origin=https://blog.lumen.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93a8cc54b517a35c22648e5a2b1694dac62247ad174386f1791d1c4d0c6edd8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0&enablejsapi=1&origin=https://blog.lumen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47369
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Jan 2023 04:26:11 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/edff9f99/www-embed-player.vflset/ Frame E2AA 227 KB
73 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0&enablejsapi=1&origin=https://blog.lumen.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e416f4af207200a176b8075f45d8b78b20940bbb5083f471cf83d3830eb9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0&enablejsapi=1&origin=https://blog.lumen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 12:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75031
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Jan 2023 12:52:30 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame E2AA 2 MB
529 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0&enablejsapi=1&origin=https://blog.lumen.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f03fc73b13c16798d248b1260135461dab13eb93299a19d712a4682954d0ae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0&enablejsapi=1&origin=https://blog.lumen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 419648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 541622
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:43:26 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/edff9f99/fetch-polyfill.vflset/ Frame E2AA 8 KB
3 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0&enablejsapi=1&origin=https://blog.lumen.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0&enablejsapi=1&origin=https://blog.lumen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 11:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 179087
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 08 Jan 2023 11:32:47 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E2AA 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0&enablejsapi=1&origin=https://blog.lumen.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 504653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Jan 2023 17:06:41 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame E2AA 113 B
159 B 15ms
15ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94991c4a635a4267f6d82e218ce9bdb4366a42a1ef676da5336b25bad6a2d225

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame E2AA 29 B
54 B 22ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:12:14 GMT
x-content-type-options: nosniff
age: 320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 10 Jan 2022 13:27:14 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Origin: https://www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.youtube.com
vary: origin referer x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 10 Jan 2022 13:17:34 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E2AA 43 KB
20 KB 22ms
22ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef7a1a5c6d4eb90aa97392273352090c628254bbcd3f5ef5160e5be0cbaecfe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 10 Jan 2022 13:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 20922
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame E2AA 94 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd41db2e1e96f28eee9a1eec9333b8b8810b685ae4e304624b74e1a10b0167fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0&enablejsapi=1&origin=https://blog.lumen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:43:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 419646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29833
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:43:28 GMT

GET
H3 200 a3fmBC5pwb_hc1vtPj8EisbHNaOXXVv65hr18gGbcOg.js Show response
www.google.com/js/th/ Frame E2AA 35 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/a3fmBC5pwb_hc1vtPj8EisbHNaOXXVv65hr18gGbcOg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b77e6042e69c1bfe1735bed3e3f048ac6c735a3975d5bfae61af5f2019b70e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 15:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 15:46:37 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame E2AA 26 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1e059aebb69545ec4e01b00c44d9e7e49181a019a6f87c9df5a7aec4e4e5a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0&enablejsapi=1&origin=https://blog.lumen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:43:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 419646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7633
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:43:28 GMT

GET
DATA 200
OK truncated
/ Frame E2AA 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AKedOLRqf_cSzvH5D6BfJiUeNFauxHATUZa7N476sTuc=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame E2AA 1 KB
1 KB 24ms
8ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRqf_cSzvH5D6BfJiUeNFauxHATUZa7N476sTuc=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0&enablejsapi=1&origin=https://blog.lumen.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c11279f1b5c2ffceb366fdaff5a996977a9831c5db265eb25740d4729c763e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 10:30:18 GMT
x-content-type-options: nosniff
age: 10036
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1192
x-xss-protection: 0
server: fife
etag: "v9"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 26 Dec 2021 11:04:02 GMT

GET
H3 200 sddefault.webp
i.ytimg.com/vi_webp/tqiYhn2fQIY/ Frame E2AA 19 KB
19 KB 24ms
9ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/tqiYhn2fQIY/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0&enablejsapi=1&origin=https://blog.lumen.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c503eecf1acd77cd695259e9c52e65efb25ca415f9ab2f1c32bd30bbfcec35e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:05:21 GMT
x-content-type-options: nosniff
age: 733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19308
x-xss-protection: 0
server: sffe
etag: "1599943083"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 10 Jan 2022 15:05:21 GMT

POST
H2 200 recording Show response
k-aus1.contentsquare.net/v2/ 0
187 B 593ms
100ms XHR
text/plain 3.229.54.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://k-aus1.contentsquare.net/v2/recording?rt=5&v=11.7.1&pid=3723&uu=793c6481-6e29-a257-952a-6a6e6b680f26&sn=1&pn=1&ri=1
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/31c5892c-0834-4705-9963-6ce6c5f92ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.54.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-54-141.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 10 Jan 2022 13:17:35 GMT
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame E2AA 4 KB
2 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 10 Jan 2022 13:17:34 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame E2AA 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?NubyPQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0&enablejsapi=1&origin=https://blog.lumen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/97/ Frame E2AA 53 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/97/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 10:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15488
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 15:04:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Tue, 11 Jan 2022 10:57:26 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E2AA 98 B
142 B 20ms
20ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8623b676c5bc7eb1898f0867d3938e20fbc30d040e257265068a777f12c7edd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 10 Jan 2022 13:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Origin: https://www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.youtube.com
vary: origin referer x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 10 Jan 2022 13:17:34 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 111ms
111ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://blog.lumen.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://blog.lumen.com
date: Mon, 10 Jan 2022 13:17:35 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 204 pageEvent
c.contentsquare.net/ 0
319 B 31ms
30ms Image
text/plain 54.154.81.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageEvent?value=A4Qw5gpgciC2EC4A2BXeA7APgIyQezE3QgHcBaAaz3XQEsyBjOUWsdMgFxACdIPb0YMtxQBnUbRDtYA2qI7cAnmTwAzMqrzcIrdiFWqQtbqKAA%3D%3D&isETR=false&isCustomHashId=false&v=11.7.1&pid=3723&uu=793c6481-6e29-a257-952a-6a6e6b680f26&sn=1&pn=1&r=261507
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.81.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-81-57.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.lumen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 13:17:36 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame E2AA 28 B
54 B 23ms
23ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/tqiYhn2fQIY?rel=0&enablejsapi=1&origin=https://blog.lumen.com
X-YouTube-Client-Version: 1.20220104.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtOZjVzeGxoSWU2TSju4_COBg%3D%3D
X-YouTube-Ad-Signals: dt=1641820654407&flash=0&frm=2&u_tz&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C316&vis=1&wgl=true&ca_type=image&bid=ANyPxKoZGkBfBFTP0EalJRmMWuLw7shkaL6O-HK5pBfGhSP1dNZIK8xr-C1_ef0VeJRhGxoJjO5-BfMzVpGeDwy4vq9XylM9TQ

Response headers

date: Mon, 10 Jan 2022 13:17:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 10 Jan 2022 13:17:36 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 92ms
92ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://blog.lumen.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://blog.lumen.com
date: Mon, 10 Jan 2022 13:17:37 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=sgD90l_0qoob96sv&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fblog.lumen.com%2F&lact=1462&cl=419703423&mos=0&volume=100&cbr=Chrome&cbrver=97.0.4692.71&c=WEB_EMBEDDED_PLAYER&cver=1.20220104.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&hl=de_DE&cr=DE&len=61&fexp=23748146%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24125269%2C24127418%2C24129402%2C24140279%2C24141079%2C24146886%2C24148910%2C24151766&muted=0&vis=3&docid=tqiYhn2fQIY

Verdicts & Comments Add Verdict or Comment

248 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blog.lumen.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6hdnh67jer9p7eme915lp2gsbu
.lumen.com/	1970-01-20 17:34:52	Name: _ga Value: GA1.2.1639072993.1641820652
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: FyzFMtjtYUo
.youtube.com/	1970-01-20 04:22:52	Name: VISITOR_INFO1_LIVE Value: Nf5sxlhIe6M
.lumen.com/	1970-01-20 00:05:07	Name: _gid Value: GA1.2.161263809.1641820652
.lumen.com/	1970-01-20 00:03:40	Name: _gat_gtag_UA_41153014_24 Value: 1
.demdex.net/	1970-01-20 04:22:52	Name: demdex Value: 24177440369173663240689659143165404625
.lumen.com/	1970-01-20 00:03:40	Name: _gat_gtag_UA_41153014_10 Value: 1
.lumen.com/	1970-01-20 02:13:16	Name: _gcl_au Value: 1.1.208320925.1641820652
.lumen.com/	1969-12-31 23:59:59	Name: AMCVS_AA683BC75245B3880A490D4D%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 08:49:16	Name: everest_g_v2 Value: g_surferid~Ydwx7AAAAKPrvwQp
.linkedin.com/	1970-01-20 00:46:52	Name: UserMatchHistory Value: AQLhZm6Q4bLXXQAAAX5EIwQYLHqKabZjVZ9tAzC9mHxEVPn4kAS48VdkTGzcvkhYcieNcDgSwSpeOg
.linkedin.com/	1970-01-20 00:46:52	Name: AnalyticsSyncHistory Value: AQJ50j-oBx_SHAAAAX5EIwQYHLo_IYtaSdgp9P1Btre3UlLazypF6LnGSG3Psn1M_LriHeC2ym7VjTKU6oKC0A
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:35:34	Name: bcookie Value: "v=2&5e6c911f-439b-46b0-8375-2037d5bba4c8"
.linkedin.com/	1970-01-20 00:05:07	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2277:u=1:x=1:i=1641820652:t=1641907052:v=2:sig=AQE6w_mU8Puwv3j0uIe4M_LJXeVdmmZP"
.lumen.com/	1970-01-20 17:34:52	Name: _mkto_trk Value: id:926-HYV-740&token:_mch-lumen.com-1641820652786-45303
.dpm.demdex.net/	1970-01-20 04:22:52	Name: dpm Value: 24177440369173663240689659143165404625
.lumen.com/	1970-01-20 17:34:52	Name: AMCV_AA683BC75245B3880A490D4D%40AdobeOrg Value: -2121179033%7CMCIDTS%7C19003%7CMCMID%7C30385829150644729780158913779529354871%7CMCAAMLH-1642425452%7C6%7CMCAAMB-1642425452%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1641827852s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19010%7CvVersion%7C5.3.0
.bing.com/	1970-01-20 09:25:16	Name: MUID Value: 0932762FF6F46DA108106707F79F6C00
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:35:34	Name: bscookie Value: "v=1&20220110131732a5316ab7-31c5-4d64-87a6-acfd94dbbad1AQFperoyfrty9AQsbyHBPi59sEY5bB3N"
.linkedin.com/	1970-01-20 17:29:32	Name: li_gc Value: MTswOzE2NDE4MjA2NTI7MjswMjFZZgHV4eNxolUHs/dxI3YXb2mpjVO74dI9vPbth+/gTw==
.lumen.com/	1970-01-20 00:03:42	Name: gpv_pn Value: lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs
.lumen.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.lumen.com/	1970-01-20 00:05:07	Name: _uetsid Value: aba98b00721711ec848f9dd2662ffb09
.lumen.com/	1970-01-20 09:25:16	Name: _uetvid Value: aba9bb60721711ecbcf993a945d29aea
.doubleclick.net/	1970-01-20 09:25:16	Name: IDE Value: AHWqTUn8kno6a0iLCfytPSkMGzAAC7et69hfGn8-yDj40EXKQ5sT8O7cK94J9YY2
.lumen.com/	1970-01-20 02:13:16	Name: _fbp Value: fb.1.1641820653332.1013351963
.facebook.com/	1970-01-20 02:13:16	Name: fr Value: 04Gk5QXVSeLZ1JBet..Bh3DHt...1.0.Bh3DHt.
.bidr.io/	1970-01-20 09:32:10	Name: bito Value: AAH2Yk7DuGQAAEHCcsm2GQ
.bidr.io/	1970-01-20 09:32:10	Name: bitoIsSecure Value: ok
.lumen.com/	1970-01-20 09:33:04	Name: _cs_c Value: 1
.c.bing.com/	1970-01-20 09:25:16	Name: SRM_B Value: 0932762FF6F46DA108106707F79F6C00
.lumen.com/	1969-12-31 23:59:59	Name: _cs_cvars Value: %7B%221%22%3A%5B%22Pagename%22%2C%22lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%22%5D%7D
.lumen.com/	1970-01-20 09:33:04	Name: _cs_id Value: 793c6481-6e29-a257-952a-6a6e6b680f26.1641820653.1.1641820653.1641820653.1630437927.1675984653584
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 09:25:16	Name: MUID Value: 0932762FF6F46DA108106707F79F6C00
.c.clarity.ms/	1970-01-20 00:03:41	Name: ANONCHK Value: 0
.company-target.com/	1970-01-20 17:34:52	Name: tuuid Value: c08efd3f-04c4-47a0-9e7b-01b702993795
.company-target.com/	1970-01-20 17:34:52	Name: tuuid_lu Value: 1641820653
.csxd.contentsquare.net/	1969-12-31 23:59:59	Name: _cs_cvars___3723 Value: %7B%221%22%3A%5B%22Pagename%22%2C%22lumen%7Cblog%7Cnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%22%5D%7D
.csxd.contentsquare.net/	1970-01-20 09:33:04	Name: _cs_id___3723 Value: 793c6481-6e29-a257-952a-6a6e6b680f26.1641820653.1.1641820653.1641820653.1630437927.1675984653584
.blog.lumen.com/	1970-01-20 08:49:16	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Jan+10+2022+13%3A17%3A33+GMT%2B0000+(GMT)&version=6.27.0&isIABGlobal=false&hosts=&consentId=d6662a54-1811-4064-abf3-0341e754aecb&interactionCount=0&landingPath=https%3A%2F%2Fblog.lumen.com%2Fnew-konni-campaign-targeting-russian-ministry-of-foreign-affairs%2F&groups=1%3A1%2C2%3A0%2C4%3A0
.lumen.com/	1970-01-20 08:49:16	Name: _clck Value: daeyxr\|1\|ey0\|0
.yahoo.com/	1970-01-20 08:49:38	Name: A3 Value: d=AQABBO4x3GECEBwWr4Y9jlA6pz9yO_LN14AFEgEBAQGD3WHmYQAAAAAA_eMAAA&S=AQAAApcr2M72gfR4USA-Cc4WUEo
.lumen.com/	1970-01-20 00:05:07	Name: _clsk Value: 1knodya\|1641820654279\|1\|1\|f.clarity.ms/collect
.lumen.com/	1970-01-20 00:03:42	Name: _cs_s Value: 1.5.0.1641822454341
.csxd.contentsquare.net/	1970-01-20 00:03:42	Name: _cs_s___3723 Value: 1.5.0.1641822454341

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://r.turn.com/server/beacon_call.js?b2=GVTVbXlWaqL4QizzKjpEeS5laXQMwjJ_TsyWCx_bqMlzKf2nUf1BXkExJCfirVsX7Fts0WWZJ8hWONw7GNAfSg(Line 61) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://r.turn.com/server/beacon_call.js?b2=GVTVbXlWaqL4QizzKjpEeS5laXQMwjJ_TsyWCx_bqMlzKf2nUf1BXkExJCfirVsX7Fts0WWZJ8hWONw7GNAfSg(Line 62) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://r.turn.com/server/beacon_call.js?b2=GVTVbXlWaqL4QizzKjpEeS5laXQMwjJ_TsyWCx_bqMlzKf2nUf1BXkExJCfirVsX7Fts0WWZJ8hWONw7GNAfSg(Line 63) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	https://discover.lumen.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9129572.fls.doubleclick.net
926-hyv-740.mktoresp.com
adservice.google.com
api.company-target.com
assets.adobedtm.com
bat.bing.com
blog.lumen.com
c.bing.com
c.clarity.ms
c.contentsquare.net
cdn.cookielaw.org
centurylink.demdex.net
cm.everesttech.net
connect.facebook.net
csxd.contentsquare.net
ct.contentsquare.net
dpm.demdex.net
f.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
i.ytimg.com
id.rlcdn.com
jnn-pa.googleapis.com
k-aus1.contentsquare.net
match.prod.bidr.io
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
q-aus1.contentsquare.net
r.turn.com
s.yimg.com
scripts.demandbase.com
segments.company-target.com
smetrics.centurylink.com
snap.licdn.com
sp.analytics.yahoo.com
static.addtoany.com
static.doubleclick.net
stats.g.doubleclick.net
t.contentsquare.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
yt3.ggpht.com
www.youtube.com
104.111.234.67
108.174.10.14
13.36.218.177
142.250.186.166
142.250.186.66
18.66.112.6
18.66.112.63
18.66.97.57
192.28.144.124
20.84.22.197
2001:678:cb4:bbbb::11
212.82.100.181
2600:9000:2250:aa00:1b:ed91:4680:93a1
2606:4700:10::6814:b844
2606:4700:10::6816:46c5
2606:4700::6810:9440
2620:1ec:21::14
2620:1ec:22::14
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:809::2016
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2001
2a00:1450:4001:830::2004
2a00:1450:4001:830::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c08::9b
2a02:26f0:6c00:28a::1e80
2a02:26f0:6c00::210:ba0a
2a02:26f0:6c00::210:ba92
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.213.6.222
3.229.54.141
35.244.174.68
50.112.230.199
52.142.114.2
52.222.214.106
54.154.81.57
54.194.191.134
54.247.140.137
54.72.34.165
54.72.48.7
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
01afffef7a2ddc35bd19750a898ae052c988bfab4d00e8130f2c70ea3136f412
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02e87da822ac986c75223804fa7b867343ac35df9c9c022cbbcbeda040e83569
02f54b099729ba6e13e1ad0a10209132809beb9943bb9b504f3c76bdfcab69dc
03c2d3341c0de0a32be63b40905eedc1b643192f932d95abfc4d0bb3fe9e1150
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a
05c8be78de7fd954365a1644813796b7212c4f3bcc96d7efb1a9917c8e8e05f0
07080790d7f9d7916c29d2e6b8399bcc7b1d96737804883c6f36738fc65e97cb
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5
0c75d452f31db2e3597de899da1030a5482b121f6bbad925606c6acc7e4f6190
0d01a94c077fd7478173873016e6aeffba3b92c5823a3cec9c9b0d9bfdfdac12
0d03a456f2316883a9346e0cca40a43dde22a6bda6c2f7732b6ed0124074953d
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0edd6b41260434bd366c0aa048e8f33fdf659603f62f1a997ca64c03b3f004be
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11dc9df494cc0b52076d639efb1be42f1c1de3f9db71a8c3a8f86bc0f924fe14
16a7b5028752301dad9e2ae9decfece30905273786f2567329583e78d33da66c
16f3d374b0d55ac2cf2763c81b6741c7ef2bf426af5bfc720f9baccfe8cd6e26
173baad87f19ec62b36a2510ca57f3a735adcd247a3cac531cf82ad8def5a4c1
190913b4e487dee7ae3aeb9cf8f0b858a46f85b28ead9d24918434811052ad58
1a1ee4ba3cbb9a7ec6750fd34f36c96389ea3d458c4bbd538f95d9ce7827d18c
1d31fe6d1e238350215b8a4b288c66adb2f5118233607d4f736a6a66421bf3ad
1e08c4b91021c6d450e7222630604bb17d5a8fee1182ecf98bcc484a979a839b
1e0ab2371f70278b8c40a9d1badb4742954fbd2e4a889e7adebb3d73df4b18c7
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1e9404f8a901542e1fab59c9e1694045d135285c95dbe16dd276db17363b2434
1ec0766ddd60fcf8761d80c4c70e936d98974484f9d6d939213a665f81b9482b
205988b80eeedc442aa4ba78fd4bda5b1b139415f3dc88043fc73adcd71cbae2
2366ca64d6c139c6105ee7caa70d79b307749823accffa40437ded06fbd46284
244ed92e9f174814079f5a33a718abc5fedbb34eb733e2978d71ebdff1430a36
26500e258c44472f70b852592d16dabd8260ea07db06d5da22a9a9e60ee8c414
27bd3b47f7d1b9adb2575bbf0e960d25fdb28b2e1610d335bf42c62177a32a28
2807db05f536fe45b16757ee0be3052e74fc954f23604d07c53889796adbbdab
29e8d6669ee6cb9b6b5d5df9fe6d2ebe327f9c01857f41e4f260c78751a6b546
2a9bc50f43205533371d3fef1fd116417a53a4f280679b55a827460f3311a2f5
2c592c34b2e4a372219ac6d33bda6828183ee534a0219d221ece5be22d80e29f
2cab87c1ef87d86e9d60210ac42d5546c655f9a61063bb0477b0cf488514056c
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d6d4afbec4b2cc3eacef7410bc6b3eb1bc85fa6481777354522dba7b4518f9a
2e0e1b1a73484c455417ab2b822011ab9f984a81e39cf243443f6182d8e4ae19
2e26546fe02973398b85689be6c6f31533e60f49a725061b9848ba5bdc5989aa
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
321f00124a60fc5e6c1f960b862e6b3e6eaf7c55e8c2aba6f5b23cb6932fa498
32715322b5908aa93bd0131abf712b37cbec94a26ab45675beb1f7f56574daba
341ecad1e1f5f666dba328077b0f64d0a5d6ea1067d682988823c3bc6d568973
36f49c3349b36ba14678127a8cd6c90108b403a591824c0266d5cc1da2a8f10a
3a90db4f311531c45cc5d2dbb6be1c10d41b4e68657e8eb6c759990a25b98296
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ebf4e27eadc6a8f4a8a4caf56a8ba8b3dcdfcb4591aed3b286803505d48be5b
3ecafab04f5ed199e5492f59233b4e7f5b7bb32fa9a54bb494d9df6205059113
3fcc6c2cc92610b86893d7c62ce2c7d9d123ed81e3ef87976c9ac91a94fb936b
41c48f7fe9cbc4d4a9f1f62b514ec1cefc0a6282b39c0cda77cb0ecd6a760f4e
43320dfd28fb519cf825e4663645778e7aa648e553a110056bf04b06c1a310f1
438ff3af395513310c69d935eb8c6e521312075673d2fdf0e82a7ad2d3037152
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4ab6999d1b320d75f808f97f55a3029a2932125bf499eaf0126e09cc17cf8972
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
5012972953bac6293f8af3138102e6870b5aa9e04a8385c00f629063222639c4
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
50f82bda03703f719cff748e32ecd69e4724092fe2ae76a522e4270ff133d6ce
52631b327a06f179bced77f9a92882a8f4d07e560598e012048b0c39d324dad8
55761e4f4343b3e60b8d9bd6ee709f898574e66038688c370db9b6811d7e4aba
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56d4c7cf83a78f9a6baba9a09bbbea57f65110c9d62a4aed2d9fe40ba0de331a
5807d60fdb9f5587a4cef708dc6db7989f1ab0d93c84063df19015cfc4ba3225
58dd85f2b7b1c4c4113ee2fdf06db8baee8130320bb5b42cb9ffac3dd44d24bb
59fb375e99652e717761543d28849e47af560ef77474e230030985e7edbe91c8
5a2cb664344f0f81c707d99b761530ba542541ee6d7700687e9a06d83806f5d5
5a81a5e08e2091ede6a91c4798e45779aa06123842ed883ad75d7ea813cc15e3
5a87da688bb4ee5a5fc733416d7200546ca989356bee3bf24765bbb9eed111c1
5accd08ce149aab12721799f06c62096136ecbef421a94cfbeaf59a6cc4019d0
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
616cf6810015ea3770ac3caa395edcaa640ef5c14d66f26fd0b7118427b80f88
6384abcc9596655574c90694dfbde23dcbb5cea26c595fb1b60e22fe98e0e24e
6555d09527669cd853da8b5cdb6c1946923692decba931d5f9b43cfe850fb3c0
661e00570c65c29528d9ce6ee19e5e9939986716c293def67b07f8b6a191b018
67e8bb09609711fbcd90a1cf37a2fd5d443713153ab885dcb78d57058d4c6ff5
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6829c1878e43fdd02c7244b48260f1ff88f6fcac41d1c301ba0ae1377e73a445
69f06f02087358cfdf71ea8c1db996682a2b35ff4cadc602c00c3f4d20071fd9
6b353e044c92aeb68da6998845a98da6edb7a97b28ba9b070af47fc4b7f492f3
6b77e6042e69c1bfe1735bed3e3f048ac6c735a3975d5bfae61af5f2019b70e8
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9
6d7c73e67cbb5215d633ce9ad65f0c0377004621fce62982568024178ac4b589
70c705d49e04d07b8353972235ca2f2f7f48c1ddbb671829a282558b991a8fa1
710ff0af36d28d46a986a15f4744beb4306e36e19fc2e907dc90cd71e8ab602a
714429ecf6aaf22388d577c0ca211c0f58129e41c8692939420fe96e49ef89fc
7279f039bbec03706ca0460fb25f9d39a4d00dbf2e48d8a19d4997bcdd751fb0
72e1f4b24380d6707ac1181f875e255dd37b71628602b59523f854b63b619429
777e5fd12c485e795a3762463ea428c45b3022da8cb6a43b74566dc728a76cfe
785691245376d470ef742734e34c4d5907a26242bb8f21dbc9a50cfeaa86be42
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e251dccf9bb0f1f71133b08f1d1af375cc74452d4fc7d7ce6e5efc8120f3e95
7e29c072a03e9825f54a07dbecb8cbd7f1fc934fa4886692717e18b3d393f8ff
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
80ccff5d5ffccfb54d9645d87ee2def16f0dbc4354edee193f87f7156088fdd7
838731fc893310675fa65bb708bbe8813968b93e8e48ac0be39903baac9a0df6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85b3833b74166fdd5117d2932dfd70194654224487768a33450ac6fae2eaabf2
8623b676c5bc7eb1898f0867d3938e20fbc30d040e257265068a777f12c7edd0
8635e88570d76fa549afc0e7762703d84486b3b8dc9e7d25c91bf16f7e99f1a8
89bbdb1fdf00e79bc08d0d9f7a8bb8bac20357f8966c1225c2e47d9eb7a5c66b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a2b170aade2fe6e5c1e7965442121e6a3472ef61b542e56451f3a3dc6f0012f
8adc377a6a5c1d3a9ab10793c57b6dc6fdfcff0de61f52dda905da037d1c1e7c
8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69
8e1b0819d8aa70b3c1d9c98d465eaa480813fd201ab1ce9441821addfbd84153
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d
91335829b60dcfb864d00b920be8993b8bc3e8275d796121b72df743ae6d19bd
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93a8cc54b517a35c22648e5a2b1694dac62247ad174386f1791d1c4d0c6edd8c
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0
94991c4a635a4267f6d82e218ce9bdb4366a42a1ef676da5336b25bad6a2d225
95bd1f4465f59c5f0207bbf4605668e34ee9391f5c605737fe64196518ebba8f
96c76a7af27cb509867c24dc39e493bf5d3a3c7abcabc7c1ee56a3907a495cf2
96f6b2488ef56550ebc11634ca36a47d59ff7f6b029098a44dba170c674ead09
99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f2ae0cd6aba41f079d3ee56c0518081cafd8704bf8f6336df2553c48ea0f52b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd
a21b30b2a786682f0d591c7efecd653f038607546881ada1af46a9a25850e789
a30efe5482066576af9976d7b0716c88d2ccd05e54bfb481bd8485427945dbd0
a37d74920e3dbcc1bb62872d01435c6b1959b2a2cb0e7d9b281facd04cf52c10
a384d1fc7d84b2fe1b1cb470193838a86a5c72d39268aed7825e2235285b5ef7
a48e3091c3e26309f1329bb7ee2812cf158deb93cd80fe6439e53e8d57e58d3d
a7ed0f85261e7d594171e2dfd5032c23abae12d922850af74bcd002a03ae540c
a7f6eee74beda7796e8314b95c76327ef88005a07657ba5dcc701d5da4d9ba95
a840464a6fc26fd69a943d989bc84bc44b437349d493b2f43b0bfe1df353bce3
a93e4aa8c93413cd9f2a79f9c3012a2d4ae68a8caea0ced533c493afb18f0ab5
a98e42b2d4ab1ae36f3b270a0dff6ad2f158100833978ff0a549674a2543e78a
aaa29684a69105ff21619450104855b2aec922cdb4e682fd4987c894a8d3e39e
ab9ba143cfc59363c365bf3af78e198c11ad2d6656a788c203eec05ac12a9154
b0bcecd55a876af96c98b7168d2efe8a374670ddb03fe46e31b51770657541ca
b14e416f4af207200a176b8075f45d8b78b20940bbb5083f471cf83d3830eb9d
b1b1c780253f165047e9b30b76816b144a3f6d72d471413306fc62de536ec831
b1e059aebb69545ec4e01b00c44d9e7e49181a019a6f87c9df5a7aec4e4e5a47
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b471033f1864708331e5945f9003e0eed1d563d673d2666aca296198b9cc6ca7
b52cc4be6a05df6efda2ceb5ecdf84f34f97a70ebc8c65751cb4b3bf97030ea2
b673b306074ff41083de3d9770be8efe0a0c6c2aacd32bb6af6853d6ac081553
b73e9398596cacec72ddcd48cc467dcb1d2d1f452ba56feebac8dec8ec346460
b9c97498e4d81a150c4c6c2a7c04f8664ae665de9d3636db572616f8298e6f86
bc1e99d70e90c0e193dfef7fff2af3370838c17ca0804460723a9073f4271b21
bc9bc5ed82d1afd82adc39797ae8fccf0521d8a7a39e3688b3c0251de89b0000
bd139fee2f46c166f9a4f369933a9190e92646be128017f4aac75f74caaf6d6f
bd41db2e1e96f28eee9a1eec9333b8b8810b685ae4e304624b74e1a10b0167fa
be008c63ddefca3ce28657d3bec71467649a1cd0d6d83631ba31fe61e82bef6f
bf7635163c0991525863f3b5eb809ab7770fcdd92de0e916c162b8f1fbb71b1a
c079194095af0996e73b7bd403a83951f51ef3777ad338ea8cc0b2b10d492785
c11279f1b5c2ffceb366fdaff5a996977a9831c5db265eb25740d4729c763e5b
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c4a76db50f9e5bb21ac4afe87ba9df97523bce5abe0360e3e6b395e36a3870bc
c503eecf1acd77cd695259e9c52e65efb25ca415f9ab2f1c32bd30bbfcec35e2
cbe20461a1710866e2834c9ce87f0f31d61ef09ba3db1d9eca72b957dfc066b9
d037a233538ededb85d322cc5c9b111175dad4a276f95ffc57af8debfc876e0d
d1825c7016faa46c1c6127f10be9f9f8bb6a0cfa616fa2cd4f2a2750144d1474
d47918cf1c2106715aa230db936f770cd2259ea9b1d9df065e33245d6cf8b021
d49a3f970fce7552d5503eb1ad0ceffdbe07fa9208cc7c2dfa87cf8fd30095f8
d5b071fda01315f271998e251812dcf8465dcf34bb9e436bb502235700c40eac
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d881f3a245d5aa156bf4dab9e70758d779283cd535603a46b74f966196cacca5
da1ba35a2a2d6ce67672b81a8bd061e3eb6cfdb6d7369252c89b059150631787
da4c46d25fe6bdff1be282d1dc11d1b08f94d523bdb2dbd04ecfa2a56a605da2
dbe93faf4130e4d7aa94965a087f30fea8b94aab82259ff355322381ae5417d0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df26828295e85aa9ec611122bcfd5fe04e26b2a2c95c85a6e33c02c4cb19868f
df5b81025d3e0d5e272244df7d6daa62ca081cec443da8e82b182bb0ef978d51
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e1a14e5eaf9894bf95b58aa8afa56fea3f01385e3acae98fe5229f9d706ec073
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60cafed4f52b77ac8ca85e1fbca58d2ab2cebec2479b85a5cf5b5d94b7cfee9
e64210bc5df652430818348d474ae4e4339c142d2426a3aaf93d80dff2be5d4a
e701b8c32867d0e3d7421103495316d2b3709ca3568a83bfad9ea816f12aaf6d
ed33c81eada15be8725e8835d699400bcbdb8efce7d5d306eeedb4c91361af44
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7a1a5c6d4eb90aa97392273352090c628254bbcd3f5ef5160e5be0cbaecfe4
f03fc73b13c16798d248b1260135461dab13eb93299a19d712a4682954d0ae48
f0c7be55f463c02bbd134c6e2afd2e4137a16468073856266042151fb8057609
f19b250c5481207caccd57abe894d6f690d4e6fd49379224f32f2817bc79f508
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f5d1ee018f4660d84629d58b8e3802ffaa9640c6d1325305c2b3418ff3ad5e70
f5d5326d6927dde6e8e78e6ed65e9c46377c37ec06d33a4e9e0dd41510b12bdc
f607d6acb8ebd8d1355f08502b17dcc7495b1367bfd254ad5c9c5625cd2e59fe
f83192f9f25e3256b595e2834c97386a3cd470333368e9392955558be0e3d1ea
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
fd96d9b3f117bd211bf9c6450e287560b6bcc50871852a51b46271c6bb26c520
fe2ac5219992a3608a5c9e2bc4759fac8fb2189b88d7a674d395ff6c435da536
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

blog.lumen.com Open in urlscan Pro 50.112.230.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

301 Requests

91 %HTTPS

57 %IPv6

35 Domains

52 Subdomains

48 IPs

6 Countries

4738 kBTransfer

12934 kBSize

49 Cookies

21 Outgoing links

Redirected requests

301 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.lumen.com Open in urlscan Pro
50.112.230.199 Public Scan

Screenshot
Live screenshot

Full Image

301
Requests

91 %
HTTPS

57 %
IPv6

35
Domains

52
Subdomains

48
IPs

6
Countries

4738 kB
Transfer

12934 kB
Size

49
Cookies

301 HTTP transactions
3 data transactions