www.theregister.com Open in urlscan Pro
104.18.4.22 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/
Submission: On October 08 via api (October 8th 2024, 2:16:24 am UTC) from TR — Scanned from CA

Summary HTTP 111 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 8 domains to perform 111 HTTP transactions. The main IP is 104.18.4.22, located in and belongs to CLOUDFLARENET, US. The main domain is www.theregister.com. The Cisco Umbrella rank of the primary domain is 100587.
TLS certificate: Issued by WE1 on September 4th 2024. Valid for: 3 months.

This is the only time www.theregister.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
43	104.18.4.22 104.18.4.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2607:f8b0:400... 2607:f8b0:400d:c1d::9a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c04::61	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:400d:c07::71	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c0c::84	15169 (GOOGLE) (GOOGLE)
5 7	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c04::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0d::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:400d:c02::84	15169 (GOOGLE) (GOOGLE)
1 1	104.18.5.22 104.18.5.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:c86d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:400d:c02::8b	15169 (GOOGLE) (GOOGLE)
111	14

43 104.18.4.22 (None, )

ASN13335 (CLOUDFLARENET, US)

www.theregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nir.theregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:400d:c1d::9a (Morganton, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c04::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:400d:c07::71 (Morganton, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0c::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

94fd087375e8040d61d294a6e0a59b13.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:38::181 (United States) 5 redirects

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c04::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0d::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:400d:c02::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.5.22 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

go.theregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:c86d (United States)

ASN13335 (CLOUDFLARENET, US)

regmedia.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:400d:c02::8b (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	theregister.com 1 redirects www.theregister.com — Cisco Umbrella Rank: 100587 nir.theregister.com — Cisco Umbrella Rank: 224509 go.theregister.com — Cisco Umbrella Rank: 210991	182 KB
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 94fd087375e8040d61d294a6e0a59b13.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 163	1 MB
19	google.com 5 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682 analytics.google.com — Cisco Umbrella Rank: 147 www.google.com Failed	79 KB
13	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192	29 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	161 KB
1	regmedia.co.uk regmedia.co.uk — Cisco Umbrella Rank: 137523	387 B
1	google.ca www.google.ca — Cisco Umbrella Rank: 12143	63 B
111	8

	Domain	Requested by
29	www.theregister.com	www.theregister.com
16	pagead2.googlesyndication.com	pagead2.googlesyndication.com
14	nir.theregister.com	pagead2.googlesyndication.com www.theregister.com
12	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
12	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	securepubads.g.doubleclick.net	pagead2.googlesyndication.com www.theregister.com
7	analytics.google.com	5 redirects www.googletagmanager.com
5	www.google-analytics.com	www.theregister.com
2	94fd087375e8040d61d294a6e0a59b13.safeframe.googlesyndication.com	pagead2.googlesyndication.com
2	www.googletagmanager.com	www.theregister.com www.googletagmanager.com
1	regmedia.co.uk	www.theregister.com
1	go.theregister.com	1 redirects
1	www.google.ca	www.theregister.com
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
0	www.google.com Failed	tpc.googlesyndication.com
111	16

This site contains links to these domains. Also see Links.

Domain
account.theregister.com
search.theregister.com
whitepapers.theregister.com
forums.theregister.com
www.reddit.com
twitter.com
www.facebook.com
www.linkedin.com
api.whatsapp.com
www.coindesk.com
regmedia.co.uk
economictimes.indiatimes.com
www.nextplatform.com
devclass.com
blocksandfiles.com
situationpublishing.com

Subject Issuer	Validity	Valid
theregister.com WE1	`2024-09-04` - `2024-12-03`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.google.ca WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/
Frame ID: 7FFD42950E328C773AE33C37BB5DE5E5
Requests: 64 HTTP requests in this frame

Frame: https://94fd087375e8040d61d294a6e0a59b13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F1CA5A6143F1D6618ECFF9753A3A1ED3
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-JXW44Y23NM&gacid=508332044.1728353775&gtm=45je4a20v887771649za200&dma=0&gcs=G111&gcd=13n3n3l3l6l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101747727&z=860402141
Frame ID: 04109BAB44CDDBDEA8EA04ED839BA5D8
Requests: 1 HTTP requests in this frame

Frame: https://94fd087375e8040d61d294a6e0a59b13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FB96D289707BF56039F89FD1449E3E36
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfSrRY_42_rutnqqxcMj8hwG7pa-12lvjWnZ1aE9jKhSpJP_rnDKd5_B_Bl8C97Dgr3gsa5oU3amlXBrKd-L0FXfjUDqR32KSCNA7-AEEPWIxQqS0dauwoq9o5tEGmCJCQB3u06scAFfIfiT7m-wmtp-EDaGpRn6zfAI29J1NtRx8Kp7oz35szbF_YkiUnVWGXdPNPXMy7L02vwXlhCqR9KmHZlqufuXJBrSF3ktWrd9IdFAB7ngof20b829I6QB4Euv12gbf_yPTM_AxpVrSWaPvVy2ikw_b50l8d0ZVL-fHTjtCchnrxQbbV8KC5IIssUb_Q7-y-ZKh4OOVi6PhaY6VD8Ia_OHlCSJkeHf1pPl6mBbr7VaM4xHqgp7jDDoq0aptNH3SBIa8HRRF_p2MLcVIxSBxWflMD5A&sai=AMfl-YSDPrzBidty1EOlIPd_u1fwZ-HPEWlQ1FlSSYTRnQs_q6mqYdz1WKo1h0XyvJtd2WHmT_WRmFMfxPGDTz6vCXa-r0ifXnLIrOU9g_2PDd0xaHKxdhGOt7-0mjMd8QDP7GzJiWHpBikpcjtZHiVj&sig=Cg0ArKJSzEUYCIfRCGatEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 521CA54D46FF0C8228FFADC29F77194D
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvg7W5iaxXn8QTjD8Jl3mJx-X7ZaYuGaUzp0wsfZiwzhA_SufWwUsGmElSqI7r08EMs7spxzFpot43qc4MQLPfExQRSMpNQaqcQCqNPmcU55bq6OP3kQDCLzSCiv5aXnz8NMvff9oe2oY_N5ncsJkb93imeOkSE_nafPmBL0BvgeLdT6Z0vNeUtRx6SbZ6_W9EzFGzb5SyyrXiTiMdvYOZfwq7x7-OeWRUDtRZtFd9BS3Rs6KpnUeU8HlVuva0NjOvhG0cEq9oIpBlSvXXcJv6_46E3VwEjWbXx09_N4i3OpX_GjqeD8WY1Jf78xxztoKvOGFmQ5PJNJh4dYG4mKowSTwZbp6dxg83mEYb86PxCHbJ7WVHCqo2kCtNmyr2c2SJqzRPrcDltKbbR9VVnIN46xM5pUEL8JLcPqw&sai=AMfl-YSQavdgbHkAqMNZ6I6MWcfB-ryl1dEj35RdIWeRlp5lDgRvMB8OyCPCfCngqQv-aMLVS_yKyDi6fQ1bYuVUCFhdNAd35reBOy6NrhEx1SxN0W0r47MTMhNp6SeieVV5vKZgHYlxK8SGV68PRyur&sig=Cg0ArKJSzOP7T0NkLmklEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: A161D3AC1051706EFD3AE847B6A7B1D8
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssv94CM9XWeFomsRoddx1CRHTOpN-QIN1PFHGxOu-ytMO-5v9mI3m4V7pHU0_Zhjsba9pR2UAgtxOJJw0ITXeg5Ku8Bpc-VthRYus6C3J-MHO3WqIV43VXYlv96Dqcc6QGoFqccBIqxExRD8xLtFHxarEYPy2E_P1dnNGkX02UMIlmVj_IZg8lL03PmPQyNJl8GoCvDbcEy_nCotYq3ef8sZorOFGkh_IxKNKduIV2B63F8AWmND9Jg4TWNcw0HkOGGLX2mMqSY1pFPP2Cr9Dn6CjoLjQAMO_A61Gx3v8XRshi_9p-MvbIcscSICGssEZv3q5DvzNyKBZEaT6w1YERLDFo7ZuQ3nqsap-bdIuztjRlHj-4IM_t7SQ6tfdyhaZVcjZjAWAA6btG8jxyxEoIqrfXE9aR7Q7PZUg&sai=AMfl-YQMnJxw7RAyoghRxxiSNCHZQV-P8kcywPmZ7Q2D7UpC2Dt9gfUMW8QcZG5k7O2BzWxdAjzGfmrmv9a_vg-F2pwCBVsA2ZNzUxCz-eXlkzOOdNguL5f_BQ1GliJu_GJWMhG--dG-ALPeajB4A1TV&sig=Cg0ArKJSzNHbC52FaybnEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 79604B09B4D5C6D6BE33C483A631A4BA
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVFoSi7fQlCKS1fRLSFpibfswNkEAizaK62r8LgVnDkQzlvLCxlzi95jDp8O2kz3ILN72FZwtG_eBX75XQkvkFVRMmaEybdQoO6quTkWyvNuVd7DpN4cvREE2r0b1TxOXLESFVymIO9Bv2zwam8gZMwWB8eZ8sYY_lfB_5hf-mU6Zp2fsNzb5Ew2OwiRBJh2dRSFHRubcEngYCm2eAOU_MH6Y1EcwBnKe2phl7xs8Pv-33__sD0322-BCvRVfdTHykKOdKGOGEmYLdThQygSQ5MnetwXFCiX6O880KuXKQvs7-Zvkaf94SFzGID3lT201eAZnDV5JsdCZD-BdwibmnJARCu6hUASggVMC5uVo9xuzuS6t0kLUnrYy8udhezk9YiQvyKGz7U0HUM4WNPpeyFsF7ttF8PRiJfQ&sai=AMfl-YRqrJupZL-hxPp0XU6pKw2-XWTEMaAZf7ykJIP--FJCQIdiD7L1yY0738zSN9zHOeSFQmzi919WcrjjhvNRw3vr1ittQmr4jw7LXLxY7JUZ7IZDisq1Vd5PIOnVKjjLlXnhOpt5gv7rTUgxQawp&sig=Cg0ArKJSzNVPXQJxGFoNEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 8C498AD7DFCF3D48B0380D0C0BFD43A8
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJ6nQJN4sI0QLthii7LIbPRtKikXXIGmJbjPKrtO6J-10hT93Fvq9_bVtMPIkBNPhLT8UcbgDU0DjwrNskJYFVU1KIw_XYOFBA8v0sKaZmzntKGHiXgjBk5d9wo4OWIxXpWFYfy6c0vKs56ZFB8cCjg1xTvWYYY85PKQT2t6d014ChReHhiq4lgr5koxJkv5z75LkDFsXeDWEKaATQWjRcBiyPrwXH2xjWW_lonnYDB24Fe_Zvl0L1Eg_UyEA5_JSfepBQEikyqDPWJkkMGfx2FACiKcZ3BxSGsJ8P4bSKr6R2573P5xgDzhiCqRN8zJVslgRoW8srbbsaNoCPhHZcVCjzjYTKB7R0vgklUmU_IhaYBuT7OpQrP2NH6UF3PIdAHj4Af9cAp5rnDklaoj1cGkqel76iUU1cZA&sai=AMfl-YSSDjQpeWbmM_1b45z7y9BOb9bebnOxT6mcchvb_EJC362kN95JbCRcMURM7tUAJ_ljKtP4YOp4cB4HoY9HhG2i_l1bNIq5TIa9HNZjFcaaEJVzB7y-hP8vux4NYizNYuJmfxn8IK9LBtXDPD3Q&sig=Cg0ArKJSzG1eVMYrCz8eEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: A9010D2CDB8EAF799DC407FEBD330B9B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 192AEB7855944344A31050808570ADEC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EF96708CFD70EEC7451900153C96D1D4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Feds seize tiny sliver of crypto stolen by Lazarus Group • The Register

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

111
Requests

93 %
HTTPS

86 %
IPv6

8
Domains

16
Subdomains

14
IPs

2
Countries

1629 kB
Transfer

4329 kB
Size

12
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://account.theregister.com/login?r=https%3A//www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/
Title: Sign in / up

Search URL Search Domain Scan URL

URL: https://search.theregister.com/

Search URL Search Domain Scan URL

URL: https://whitepapers.theregister.com/
Title: Whitepapers

Search URL Search Domain Scan URL

URL: https://whitepapers.theregister.com/events/list/
Title: Webinars & Events

Search URL Search Domain Scan URL

URL: https://account.theregister.com/edit/newsletter/
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://forums.theregister.com/forum/all/2024/10/08/us_lazarus_group_crypto_seizure/

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=Feds%20reach%20for%20sliver%20of%20crypto-cash%20nicked%20by%20North%20Korea%27s%20notorious%20Lazarus%20Group

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Feds%20reach%20for%20sliver%20of%20crypto-cash%20nicked%20by%20North%20Korea%27s%20notorious%20Lazarus%20Group&url=https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=Feds%20reach%20for%20sliver%20of%20crypto-cash%20nicked%20by%20North%20Korea%27s%20notorious%20Lazarus%20Group&summary=A%20couple%20million%20will%20do%20for%20a%20start%20%e2%80%a6%20but%20Kim%27s%20crews%20are%20suspected%20of%20stealing%20much%20more

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp

Search URL Search Domain Scan URL

URL: https://www.coindesk.com/business/2022/11/02/crypto-exchange-deribit-loses-28m-in-hot-wallet-hack/
Title: Deribit hack

Search URL Search Domain Scan URL

URL: https://regmedia.co.uk/2024/10/07/deribit_hack_court_documents.pdf
Title: court documents

Search URL Search Domain Scan URL

URL: https://regmedia.co.uk/2024/10/07/stake_lazarus_group_lawsuit.pdf
Title: forfeiture action notes

Search URL Search Domain Scan URL

URL: https://economictimes.indiatimes.com/tech/technology/fbi-reaches-out-to-wazirx-over-crypto-heist-north-korean-group-lazarus-hand-suspected/articleshow/112088277.cms?from=mdr
Title: WazirX exchange

Search URL Search Domain Scan URL

URL: https://www.nextplatform.com/
Title: The Next Platform

Search URL Search Domain Scan URL

URL: https://devclass.com/
Title: DevClass

Search URL Search Domain Scan URL

URL: https://blocksandfiles.com/
Title: Blocks and Files

Search URL Search Domain Scan URL

URL: https://situationpublishing.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://go.theregister.com/k/abt_a HTTP 302
https://regmedia.co.uk/2007/09/13/tp.gif

Request Chain 86

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4a20v887771649za200&_p=1728353775122&gcs=G111&gcd=13n3n3l3l6l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=508332044.1728353775&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=3&sid=1728353775&sct=1&seg=0&dl=https%3A%2F%2Fwww.theregister.com%2F2024%2F10%2F08%2Fus_lazarus_group_crypto_seizure%2F&dt=Feds%20seize%20tiny%20sliver%20of%20crypto%20stolen%20by%20Lazarus%20Group%20%E2%80%A2%20The%20Register&en=gam_impression&_c=1&_ee=1&ep.event=gam_impression&ep.eaid=6784278450&ep.eadv=4659056331&ep.ebuy=3568848685&ep.ecid=138490128472&ep.epid=22999594464&ep.adunit=%2F6978%2Freg_specialfeatures%2Fcybersecuritymonth&ep.value=1&_et=236&tfd=2682 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=2324509236985844055&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F

Request Chain 87

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4a20v887771649za200&_p=1728353775122&gcs=G111&gcd=13n3n3l3l6l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=508332044.1728353775&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=4&sid=1728353775&sct=1&seg=0&dl=https%3A%2F%2Fwww.theregister.com%2F2024%2F10%2F08%2Fus_lazarus_group_crypto_seizure%2F&dt=Feds%20seize%20tiny%20sliver%20of%20crypto%20stolen%20by%20Lazarus%20Group%20%E2%80%A2%20The%20Register&en=gam_impression&_c=1&_ee=1&ep.event=gam_impression&ep.eaid=6784278450&ep.eadv=4659056331&ep.ebuy=3568848685&ep.ecid=138489505283&ep.epid=22999594464&ep.adunit=%2F6978%2Freg_specialfeatures%2Fcybersecuritymonth&ep.value=1&_et=13&tfd=2697 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=726393658291337760&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F

Request Chain 88

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4a20v887771649za200&_p=1728353775122&gcs=G111&gcd=13n3n3l3l6l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=508332044.1728353775&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=5&sid=1728353775&sct=1&seg=0&dl=https%3A%2F%2Fwww.theregister.com%2F2024%2F10%2F08%2Fus_lazarus_group_crypto_seizure%2F&dt=Feds%20seize%20tiny%20sliver%20of%20crypto%20stolen%20by%20Lazarus%20Group%20%E2%80%A2%20The%20Register&en=gam_impression&_c=1&_ee=1&ep.event=gam_impression&ep.eaid=6784278450&ep.eadv=4659056331&ep.ebuy=3568848685&ep.ecid=138490128115&ep.epid=22999594464&ep.adunit=%2F6978%2Freg_specialfeatures%2Fcybersecuritymonth&ep.value=1&_et=17&tfd=2716 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=3951035307077786513&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F

Request Chain 89

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4a20v887771649za200&_p=1728353775122&gcs=G111&gcd=13n3n3l3l6l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=508332044.1728353775&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=6&sid=1728353775&sct=1&seg=0&dl=https%3A%2F%2Fwww.theregister.com%2F2024%2F10%2F08%2Fus_lazarus_group_crypto_seizure%2F&dt=Feds%20seize%20tiny%20sliver%20of%20crypto%20stolen%20by%20Lazarus%20Group%20%E2%80%A2%20The%20Register&en=gam_impression&_c=1&_ee=1&ep.event=gam_impression&ep.eaid=6784278450&ep.eadv=4659056331&ep.ebuy=3568848685&ep.ecid=138490128109&ep.epid=22999594464&ep.adunit=%2F6978%2Freg_specialfeatures%2Fcybersecuritymonth&ep.value=1&_et=22&tfd=2740 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=784502469394929548&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F

Request Chain 91

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4a20v887771649za200&_p=1728353775122&gcs=G111&gcd=13n3n3l3l6l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=508332044.1728353775&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=7&sid=1728353775&sct=1&seg=0&dl=https%3A%2F%2Fwww.theregister.com%2F2024%2F10%2F08%2Fus_lazarus_group_crypto_seizure%2F&dt=Feds%20seize%20tiny%20sliver%20of%20crypto%20stolen%20by%20Lazarus%20Group%20%E2%80%A2%20The%20Register&en=gam_impression&_c=1&_ee=1&ep.event=gam_impression&ep.eaid=6784278450&ep.eadv=4659056331&ep.ebuy=3568848685&ep.ecid=138490128862&ep.epid=22999594464&ep.adunit=%2F6978%2Freg_specialfeatures%2Fcybersecuritymonth&ep.value=1&_et=19&tfd=2761 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=16468407082923929630&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F

111 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/ 77 KB
13 KB 307ms
151ms Document
text/html 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce184b1a6cf5394fe1993d3b832634e36d3531537844223c174b3b63d924486e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8cf2a0ade857541f-YYZ
content-encoding: gzip
content-length: 12485
content-type: text/html; charset=UTF-8
date: Tue, 08 Oct 2024 02:16:13 GMT
expires: Tue, 08 Oct 2024 02:16:13 GMT
link: <https://pagead2.googlesyndication.com/tag/js/gpt.js>; rel=preload; as=script;,</design_picker/d5067505c1004513235b30ece43b64dbca25e639/javascript/_.js>; rel=preload; as=script;,</css/494acdbed1774c091c369807acae1d004f45ce46/scaffolding.css>; rel=preload; as=style;,</css/494acdbed1774c091c369807acae1d004f45ce46/design.css>; rel=preload; as=style;,</design_picker/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/arimo-700.latin.woff2>; rel=preload; as=font; crossorigin;,</design_picker/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/arimo-400.latin.woff2>; rel=preload; as=font; crossorigin;
server: cloudflare
vary: Accept-Encoding
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
x-reg-bofh: pfy02us

GET
H3 200 gpt.js Show response
pagead2.googlesyndication.com/tag/js/ 104 KB
32 KB 323ms
96ms Script
text/javascript 2607:f8b0:400d:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2807143971bec475b19039a3a7cef9dede103b1552944da67aa68a649f46c09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: br
etag: 784 / 20004 / m202410030101 / config-hash: 13693790977841757589
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 02:16:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 32881
x-xss-protection: 0
server: cafe

GET
H3 200 _.js Show response
www.theregister.com/design_picker/d5067505c1004513235b30ece43b64dbca25e639/javascript/ 221 KB
62 KB 102ms
100ms Script
application/javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/design_picker/d5067505c1004513235b30ece43b64dbca25e639/javascript/_.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe1da7d7e56968797d6b3844f7bedd855b366e1496343527a22f4d2871bb86ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: gzip
cf-cache-status: HIT
age: 7053027
x-reg-bofh: pfy02us
x-content-type-options: nosniff
cf-ray: 8cf2a0aee928541f-YYZ
expires: Tue, 12 Aug 2025 11:05:35 GMT
date: Tue, 08 Oct 2024 02:16:13 GMT
content-type: application/javascript
last-modified: Thu, 18 Jul 2024 11:03:23 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 scaffolding.css
www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/ 41 KB
7 KB 160ms
157ms Stylesheet
text/css 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/scaffolding.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b18c67c183da5eadf9f83380721ed6abd89f0707d57980f8a0e98a83e2b47f67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Response headers

x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: gzip
cf-cache-status: HIT
age: 504468
x-content-type-options: nosniff
expires: Mon, 27 Oct 2025 06:07:34 GMT
date: Tue, 08 Oct 2024 02:16:13 GMT
content-type: text/css
last-modified: Wed, 02 Oct 2024 06:07:19 GMT
vary: Accept-Encoding
cache-control: max-age=33696000
x-reg-bofh: pfy02us
cf-ray: 8cf2a0aee92d541f-YYZ
accept-ranges: bytes
content-length: 6432
server: cloudflare

GET
H3 200 design.css
www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/ 58 KB
11 KB 160ms
158ms Stylesheet
text/css 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/design.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bfdcad6361d264f64c41d95ace7a7bfc886f1b2bf2d2e7e07886e155e585922

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Response headers

x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: gzip
cf-cache-status: HIT
age: 504468
x-content-type-options: nosniff
expires: Mon, 27 Oct 2025 06:07:34 GMT
date: Tue, 08 Oct 2024 02:16:13 GMT
content-type: text/css
last-modified: Wed, 02 Oct 2024 06:07:19 GMT
vary: Accept-Encoding
cache-control: max-age=33696000
x-reg-bofh: pfy03us
cf-ray: 8cf2a0aee92e541f-YYZ
accept-ranges: bytes
content-length: 10939
server: cloudflare

GET
H3 200 arimo-700.latin.woff2
www.theregister.com/design_picker/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/ 25 KB
25 KB 163ms
161ms Font
font/woff2 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/design_picker/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/arimo-700.latin.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b4f41c53446bee5ce03284672b4607e4a6ff941cae00ec006411b05a62fbe7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.theregister.com
Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Response headers

x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-cache-status: HIT
age: 19206035
access-control-allow-methods: GET, HEAD
x-content-type-options: nosniff
expires: Mon, 17 Mar 2025 02:43:15 GMT
date: Tue, 08 Oct 2024 02:16:13 GMT
content-type: font/woff2
last-modified: Tue, 04 Feb 2020 15:35:20 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=33696000
x-reg-bofh: pfy03us
cf-ray: 8cf2a0aee92f541f-YYZ
accept-ranges: bytes
access-control-allow-origin: https://www.theregister.com
content-length: 25628
server: cloudflare

GET
H3 200 arimo-400.latin.woff2
www.theregister.com/design_picker/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/ 26 KB
26 KB 166ms
164ms Font
font/woff2 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/design_picker/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/arimo-400.latin.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea8c1cbf9732fae6a42b6261c238014eab34943fac5a34711081a62b7cc2eba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.theregister.com
Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Response headers

x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-cache-status: HIT
age: 1183840
access-control-allow-methods: GET, HEAD
x-content-type-options: nosniff
expires: Mon, 18 Aug 2025 11:22:49 GMT
date: Tue, 08 Oct 2024 02:16:13 GMT
content-type: font/woff2
last-modified: Tue, 04 Feb 2020 15:35:20 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=33696000
x-reg-bofh: pfy01us
cf-ray: 8cf2a0aee931541f-YYZ
accept-ranges: bytes
access-control-allow-origin: https://www.theregister.com
content-length: 26144
server: cloudflare

GET
H3 200 story_only.css
www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/ 74 KB
11 KB 168ms
167ms Stylesheet
text/css 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/story_only.css

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ae052937bb9f95d7e43e02e218b81be7412b69b5409de0309580357de79a850

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Response headers

x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: gzip
cf-cache-status: HIT
age: 504450
x-content-type-options: nosniff
expires: Mon, 27 Oct 2025 06:07:38 GMT
date: Tue, 08 Oct 2024 02:16:13 GMT
content-type: text/css
last-modified: Wed, 02 Oct 2024 06:07:19 GMT
vary: Accept-Encoding
cache-control: max-age=33696000
x-reg-bofh: pfy03us
cf-ray: 8cf2a0aee932541f-YYZ
accept-ranges: bytes
content-length: 11262
server: cloudflare

GET
H3 200 rows.css
www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/ 36 KB
6 KB 293ms
292ms Stylesheet
text/css 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/rows.css

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

178640273b1f5e5750d3297b61b3bd3a241ab8b2e121f48c30ee4e8ddc9df41e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Response headers

x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: gzip
cf-cache-status: HIT
age: 504468
x-content-type-options: nosniff
expires: Mon, 27 Oct 2025 06:07:36 GMT
date: Tue, 08 Oct 2024 02:16:13 GMT
content-type: text/css
last-modified: Wed, 02 Oct 2024 06:07:19 GMT
vary: Accept-Encoding
cache-control: max-age=33696000
x-reg-bofh: pfy03us
cf-ray: 8cf2a0aee934541f-YYZ
accept-ranges: bytes
content-length: 5762
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 305ms
114ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ead4dd9fe09a624709e385daa6a498bff005c2cb43e0390e83993897d6dc3b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 08 Oct 2024 02:16:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 08 Oct 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 51367
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 user_icon_white_extents.svg
www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/std/ 573 B
536 B 49ms
48ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/std/user_icon_white_extents.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

455442b80b731817ad9e5b615c3ffcedbb9e351dc57b0f0298b77cdb5d11d57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: br
cf-cache-status: HIT
age: 13884793
x-reg-bofh: pfy03us
x-content-type-options: nosniff
cf-ray: 8cf2a0b0db83541f-YYZ
expires: Sat, 12 Apr 2025 20:25:57 GMT
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 08:25:31 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 user_icon_filled_white_extents.svg
www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/std/ 630 B
568 B 50ms
49ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/std/user_icon_filled_white_extents.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f1cb4af215bea1d20e63989d2bc87cd3b6daf71af4e59b6ab7875154cecbceb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: br
cf-cache-status: HIT
age: 13421710
x-reg-bofh: pfy03us
x-content-type-options: nosniff
cf-ray: 8cf2a0b0db84541f-YYZ
expires: Sat, 12 Apr 2025 16:09:22 GMT
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 08:25:31 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 reg_logo_no_strapline.svg
www.theregister.com/design_picker/fa16d26efb42e6ba1052f1d387470f643c5aa18d/graphics/std/ 5 KB
2 KB 57ms
55ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/fa16d26efb42e6ba1052f1d387470f643c5aa18d/graphics/std/reg_logo_no_strapline.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

391022a2690f18db5daf7a3bc0c5ad36f31b094da5a8912d57c775e5add18d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: br
cf-cache-status: HIT
age: 13884793
x-reg-bofh: pfy03us
x-content-type-options: nosniff
cf-ray: 8cf2a0b0db85541f-YYZ
expires: Sat, 12 Apr 2025 17:15:59 GMT
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: image/svg+xml
last-modified: Fri, 10 Jan 2020 15:10:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 magnifying_glass_white_extents.svg
www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/std/ 368 B
442 B 55ms
54ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/std/magnifying_glass_white_extents.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cbf748e68bf2fb8da497de517cbd7826d44c6b278cec89e22a9e13e193e4ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: br
cf-cache-status: HIT
age: 11246360
x-reg-bofh: pfy01us
x-content-type-options: nosniff
cf-ray: 8cf2a0b0db87541f-YYZ
expires: Sun, 01 Jun 2025 04:11:44 GMT
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 08:16:36 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 burger_menu_white_extents.svg
www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/icon/ 309 B
442 B 50ms
50ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/icon/burger_menu_white_extents.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dd339c31b8ec482e001dad4fb52e6f8f138ad772b74a2d387943e10df3bbc48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: br
cf-cache-status: HIT
age: 17343366
x-reg-bofh: pfy01us
x-content-type-options: nosniff
cf-ray: 8cf2a0b0db89541f-YYZ
expires: Sat, 12 Apr 2025 17:17:13 GMT
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 08:01:09 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 burger_menu_white_close_extents.svg
www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/icon/ 379 B
439 B 54ms
53ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/icon/burger_menu_white_close_extents.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77a839fdcd5d30ced4fa6ca4dce35057cdb7e31f420b1f89fec3491cdf8c3f84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: br
cf-cache-status: HIT
age: 13884793
x-reg-bofh: pfy02us
x-content-type-options: nosniff
cf-ray: 8cf2a0b0eb95541f-YYZ
expires: Sat, 12 Apr 2025 19:07:23 GMT
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 08:01:09 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 bubble_comment_black.svg
www.theregister.com/design_picker/f5daacc84b9722c1e31ba85f836c37e4ad993fc4/graphics/icons/ 892 B
783 B 56ms
55ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/f5daacc84b9722c1e31ba85f836c37e4ad993fc4/graphics/icons/bubble_comment_black.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87d683ea3dda6066a1310b46c0e7bceec150db90ef0f33de34b15270f189479c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: br
cf-cache-status: HIT
age: 12098701
x-reg-bofh: pfy03us
x-content-type-options: nosniff
cf-ray: 8cf2a0b12bf1541f-YYZ
expires: Sat, 12 Apr 2025 17:16:04 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: image/svg+xml
last-modified: Fri, 10 Jan 2020 15:10:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 vulture_red.svg
www.theregister.com/design_picker/d518b499f8a6e2c65d4d8c49aca8299d54b03012/graphics/icon/ 1 KB
859 B 52ms
52ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/d518b499f8a6e2c65d4d8c49aca8299d54b03012/graphics/icon/vulture_red.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe083388f76e3adf62d2125ca792e750c814b06694f2362469ac82bb34a8e970

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: br
cf-cache-status: HIT
age: 13884258
x-reg-bofh: pfy03us
x-content-type-options: nosniff
cf-ray: 8cf2a0b08b23541f-YYZ
expires: Sat, 12 Apr 2025 17:17:40 GMT
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: image/svg+xml
last-modified: Fri, 23 Sep 2022 09:37:24 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 social_share_icon.svg
www.theregister.com/design_picker/d2e337b97204af4aa34dda04c4e5d56d954b216f/graphics/icons/ 659 B
621 B 51ms
50ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/d2e337b97204af4aa34dda04c4e5d56d954b216f/graphics/icons/social_share_icon.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6ad8750b8ff72f993d9c45d51e02f31aa20834a48f78644953949afa7a6f8ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: br
cf-cache-status: HIT
age: 12667344
x-reg-bofh: pfy01us
x-content-type-options: nosniff
cf-ray: 8cf2a0b16c48541f-YYZ
expires: Sun, 08 Jun 2025 04:52:08 GMT
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: image/svg+xml
last-modified: Mon, 07 Jun 2021 08:01:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 vulture_white.png
www.theregister.com/design_picker/d518b499f8a6e2c65d4d8c49aca8299d54b03012/graphics/icon/ 403 B
642 B 56ms
56ms Image
image/png 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/d518b499f8a6e2c65d4d8c49aca8299d54b03012/graphics/icon/vulture_white.png

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b711585f391ac5f348dc41253cf4ffba5d49ed997c17170c1fe2498ff13ea817

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-cache-status: HIT
age: 13884793
x-reg-bofh: pfy03gb
x-content-type-options: nosniff
cf-ray: 8cf2a0b09b33541f-YYZ
expires: Mon, 23 Dec 2024 06:07:02 GMT
accept-ranges: bytes
content-length: 403
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: image/png
last-modified: Fri, 10 Jan 2020 15:10:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 reddit.svg
www.theregister.com/design_picker/abc39af2020bb49d21327163c08d9f54103a3f7f/graphics/social/round/ 2 KB
1 KB 54ms
53ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/abc39af2020bb49d21327163c08d9f54103a3f7f/graphics/social/round/reddit.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/story_only.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccc879574756f32c9592427da6cd1248dd799b84b8ffaa746adcf447b17860a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/story_only.css

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: br
cf-cache-status: HIT
age: 19206099
x-reg-bofh: pfy02us
x-content-type-options: nosniff
cf-ray: 8cf2a0b11bea541f-YYZ
expires: Thu, 05 Dec 2024 07:16:46 GMT
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: image/svg+xml
last-modified: Fri, 23 Sep 2022 09:36:45 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 twitter.svg
www.theregister.com/design_picker/4f921d50fffb9eef6342db18e1b2bd1283270524/graphics/social/round/ 539 B
590 B 51ms
51ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/4f921d50fffb9eef6342db18e1b2bd1283270524/graphics/social/round/twitter.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/story_only.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bbc4d38b2c6b4076477ffb3bfd1c0fb55432ca152f71b04c64fb646e9f7a550

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/story_only.css

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: br
cf-cache-status: HIT
age: 503056
x-reg-bofh: pfy01us
x-content-type-options: nosniff
cf-ray: 8cf2a0b11bec541f-YYZ
expires: Mon, 27 Oct 2025 06:07:38 GMT
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: image/svg+xml
last-modified: Wed, 02 Oct 2024 05:58:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 facebook.svg
www.theregister.com/design_picker/abc39af2020bb49d21327163c08d9f54103a3f7f/graphics/social/round/ 1 KB
804 B 52ms
52ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/abc39af2020bb49d21327163c08d9f54103a3f7f/graphics/social/round/facebook.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/story_only.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed1744324b3aad05fe51ed96e388004a4716276884a66b9abd5cef359140d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/story_only.css

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: br
cf-cache-status: HIT
age: 13884258
x-reg-bofh: pfy03gb
x-content-type-options: nosniff
cf-ray: 8cf2a0b11bee541f-YYZ
expires: Sat, 12 Apr 2025 19:06:23 GMT
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: image/svg+xml
last-modified: Fri, 23 Sep 2022 09:36:45 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 linkedin.svg
www.theregister.com/design_picker/abc39af2020bb49d21327163c08d9f54103a3f7f/graphics/social/round/ 2 KB
957 B 50ms
49ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/abc39af2020bb49d21327163c08d9f54103a3f7f/graphics/social/round/linkedin.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/story_only.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41ef905e7d332a03311b4bb48d3894bccf04d8856a0e0a98ae98683538966025

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/story_only.css

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: br
cf-cache-status: HIT
age: 13883781
x-reg-bofh: pfy01us
x-content-type-options: nosniff
cf-ray: 8cf2a0b11be6541f-YYZ
expires: Tue, 24 Dec 2024 12:14:25 GMT
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: image/svg+xml
last-modified: Fri, 23 Sep 2022 09:36:45 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 whatsapp.svg
www.theregister.com/design_picker/abc39af2020bb49d21327163c08d9f54103a3f7f/graphics/social/round/ 2 KB
937 B 50ms
49ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/abc39af2020bb49d21327163c08d9f54103a3f7f/graphics/social/round/whatsapp.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/story_only.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9d5ce7773dac38eff9082e13c7bc4307a7c4ba5e76cd95a2eb0faa0de662e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/story_only.css

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: br
cf-cache-status: HIT
age: 19197622
x-reg-bofh: pfy02us
x-content-type-options: nosniff
cf-ray: 8cf2a0b11bef541f-YYZ
expires: Tue, 03 Dec 2024 08:03:07 GMT
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: image/svg+xml
last-modified: Fri, 23 Sep 2022 09:36:45 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 bubble_comment_white.svg
www.theregister.com/design_picker/c00f80f04b0eaf0123d821f6c9488fc1cb55fd0a/graphics/icons/ 676 B
653 B 49ms
48ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/c00f80f04b0eaf0123d821f6c9488fc1cb55fd0a/graphics/icons/bubble_comment_white.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/design.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53161434a4d50d2b984e91b332463b641b6842578c1f37a1ed81cbdc0a7794c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/design.css

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: br
cf-cache-status: HIT
age: 13884793
x-reg-bofh: pfy03us
x-content-type-options: nosniff
cf-ray: 8cf2a0b16c4a541f-YYZ
expires: Sat, 12 Apr 2025 20:24:58 GMT
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: image/svg+xml
last-modified: Fri, 10 Jan 2020 15:10:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 bubble_comment_black.svg
www.theregister.com/design_picker/c00f80f04b0eaf0123d821f6c9488fc1cb55fd0a/graphics/icons/ 892 B
763 B 50ms
49ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/c00f80f04b0eaf0123d821f6c9488fc1cb55fd0a/graphics/icons/bubble_comment_black.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/design.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87d683ea3dda6066a1310b46c0e7bceec150db90ef0f33de34b15270f189479c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/css/494acdbed1774c091c369807acae1d004f45ce46/design.css

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: br
cf-cache-status: HIT
age: 13884258
x-reg-bofh: pfy02us
x-content-type-options: nosniff
cf-ray: 8cf2a0b17c50541f-YYZ
expires: Sat, 12 Apr 2025 16:09:23 GMT
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: image/svg+xml
last-modified: Fri, 10 Jan 2020 15:10:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 pubads_impl.js Show response
pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/ 483 KB
150 KB 69ms
69ms Script
text/javascript 2607:f8b0:400d:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

687524cde30fe73542b07a1b40a9e4217e6080ca31489a89c22f027fb758f8e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: br
etag: 5163995724407734425
age: 18311
x-content-type-options: nosniff
expires: Tue, 07 Oct 2025 21:11:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 07 Oct 2024 21:11:03 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 153279
x-xss-protection: 0
server: cafe

GET
H2 200 6978 Show response
fundingchoicesmessages.google.com/i/ 200 KB
66 KB 351ms
150ms Script
application/javascript 2607:f8b0:400d:c07::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/6978?ers=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02987c1977405db28dcb5d239fde8b9cfc1fa2297e955a4f689ab576c8d846f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1_CweSoIE-mv6eru3lsbIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:14 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJicNSQYjh56zbTRSA-73SH6ToQS3x9yaQGxE7pM1gDgLj15jnWyUCc9O88awEQu2tdZPUHYkOFS6z2QOxYdInVE4hVey6xGgPx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1gYgvt10hfUxEAvxcLxbPWkHm0DH_EuLmJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MzPQMzOMLDACn_E9J"
content-security-policy: script-src 'report-sample' 'nonce-1_CweSoIE-mv6eru3lsbIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxW2v3BzkvYgy_9cejkTyAHiDdpJ51vALItaIHOXl_nvziB75j_rmNS9Q8qy6_sTxbP11Jef7YSQUzo9mRlOZOtN7hcpMVKnozBmhNWsVvqK8-v-BEjiEjNEG__er2MwzvcRxMVE9g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 645ms
229ms XHR
text/html 2607:f8b0:400d:c07::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW2v3BzkvYgy_9cejkTyAHiDdpJ51vALItaIHOXl_nvziB75j_rmNS9Q8qy6_sTxbP11Jef7YSQUzo9mRlOZOtN7hcpMVKnozBmhNWsVvqK8-v-BEjiEjNEG__er2MwzvcRxMVE9g==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.PWqhohQGEpg.es5.O/am=YDA/d=1/rs=AJlcJMzfUOlOR8iRDHfUuW_aTE7JymlJWw/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-H9R9mbG_FXZONnnRh3q-8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.theregister.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:15 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw15BicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH4_3qSTvYBE7Ma_vEqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MzPQMzOMLDADicy-D"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-H9R9mbG_FXZONnnRh3q-8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.theregister.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 ads.js Show response
www.theregister.com/design_picker/c00f80f04b0eaf0123d821f6c9488fc1cb55fd0a/javascript/ 27 B
264 B 51ms
48ms XHR
application/javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/design_picker/c00f80f04b0eaf0123d821f6c9488fc1cb55fd0a/javascript/ads.js

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/design_picker/d5067505c1004513235b30ece43b64dbca25e639/javascript/_.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83de4b8fb218ece4dc1c59006f00e44aaee17e78923c65ba66acf0ad41a7a5cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-cache-status: HIT
age: 19206037
x-reg-bofh: pfy03us
x-content-type-options: nosniff
cf-ray: 8cf2a0b64993541f-YYZ
expires: Sat, 07 Dec 2024 04:42:34 GMT
accept-ranges: bytes
content-length: 27
date: Tue, 08 Oct 2024 02:16:15 GMT
content-type: application/javascript
last-modified: Fri, 10 Jan 2020 15:10:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 AGSKWxUV1XcFhyeIwBQrUbYVh5HpiZmtxIFn61vWsbhpZR5slWk4h5rZ_oLzYkYyDm5pihK-2zOnO3yD3mXr712DJdfxBrmBnq2LjVIg-7bkooxV2z_wrvq_C8IkPvBa2YuqU4uliTfL4g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 87ms
86ms Script
application/javascript 2607:f8b0:400d:c07::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUV1XcFhyeIwBQrUbYVh5HpiZmtxIFn61vWsbhpZR5slWk4h5rZ_oLzYkYyDm5pihK-2zOnO3yD3mXr712DJdfxBrmBnq2LjVIg-7bkooxV2z_wrvq_C8IkPvBa2YuqU4uliTfL4g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4MzUzNzc1LDc5MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy50aGVyZWdpc3Rlci5jb20vMjAyNC8xMC8wOC91c19sYXphcnVzX2dyb3VwX2NyeXB0b19zZWl6dXJlLyIsbnVsbCxbWzgsIlBXcWhvaFFHRXBnIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1aa61a44d5a1456340fda080f8133e3a15ef42215b5f97bed57f6b1e70462a66

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cDZT3HvVhCZtgkqvk0VGlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:15 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmLw0JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRALcXO8Xz1pB5vAhdNr7JQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MzPQMzOMLDAD1gEom"
content-security-policy: script-src 'report-sample' 'nonce-cDZT3HvVhCZtgkqvk0VGlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 270 KB
29 KB 724ms
311ms Fetch
text/plain 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2356499949140571&correlator=4454481237985296&eid=44809527&output=ldjh&gdfp_req=1&vrg=202410030101&ptt=17&impl=fifs&gdpr=0&iu_parts=6978%2Creg_specialfeatures%2Ccybersecuritymonth&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C320x50%7C970x90%7C970x91%7C970x250%7C970x251%7C1200x270%7C1200x271%7C728x90%7C728x91%2C320x50%7C970x250%7C970x252%7C970x90%7C970x92%7C1200x270%7C1200x272%7C1200x600%7C1200x602%7C728x90%7C728x92%7C300x250%7C300x252%2C300x250%7C300x253%7C300x600%7C300x603%2C320x50%7C970x250%7C970x254%7C970x90%7C970x94%7C1200x270%7C1200x274%7C1200x600%7C1200x604%7C300x250%7C300x254%7C728x90%7C728x94%2C320x50%7C970x250%7C970x255%7C970x90%7C970x95%7C1200x270%7C1200x275%7C1200x600%7C1200x605%7C300x250%7C300x255%7C728x90%7C728x95&fluid=0%2Cheight%2Cheight%2C0%2Cheight%2Cheight&ifi=1&sfv=1-0-40&ists=32&sc=1&cookie_enabled=1&abxe=1&dt=1728353775098&lmt=1728353775&adxs=-12245933%2C15%2C15%2C1100%2C15%2C15&adys=-12245933%2C82%2C744%2C1027%2C2420%2C2903&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theregister.com%2F2024%2F10%2F08%2Fus_lazarus_group_crypto_seizure%2F&vis=1&psz=1200x3277%7C1200x3277%7C662x1657%7C300x633%7C1200x683%7C1200x787&msz=1200x0%7C1570x90%7C1570x250%7C300x600%7C1570x90%7C1570x90&fws=132%2C4%2C4%2C516%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600&td=1&egid=14645&tan=0133a5cc-e66a-41fd-b3f1-73a2f93b1933%2C0133a5cc-e66a-41fd-b3f1-73a2f93b1934%2C0133a5cc-e66a-41fd-b3f1-73a2f93b1935%2C0133a5cc-e66a-41fd-b3f1-73a2f93b1936%2C0133a5cc-e66a-41fd-b3f1-73a2f93b1937%2C0133a5cc-e66a-41fd-b3f1-73a2f93b1938&tdf=2&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1728353773883&idt=632&prev_scp=pos%3Dtop%26raptor%3Dkite%26unitnum%3D1%7Cpos%3Dtop%26raptor%3Dcondor%26unitnum%3D2%7Cpos%3Dtop%26raptor%3Dfalcon%26unitnum%3D4%7Cpos%3Dmid%26raptor%3Deagle%26unitnum%3D5%7Cpos%3Dbtm%26raptor%3Dhawk%26unitnum%3D7%7Cpos%3Dbtm%26raptor%3Dowl%26unitnum%3D8&cust_params=test%3D0%26li%3Dnull%26uid%3Dnull%26sc%3D1%26bwidth%3D16%26bheight%3D12%26orientation%3Dlandscape%26mm_segments%3D%26reg_vfc%3Db9718942b334dca90fdbda7a495e78fa%26reg_bet%3Db9718942b334dca90fdbda7a495e78fa%26tpt%3Dwww%2520story%26pid%3D236614%26pt%3Da%26axc%3Dnull%26kw%3Dcybercrime%252Csecurity%26cat%3Dupdate_me%26tag%3Dnull%26author%3DJessica%252520Lyons%26year%3D2024%26nsfw%3Dnull%26np%3D15%26eac%3D6%26ct%3Ds-async&adks=303449636%2C2392530753%2C4224390717%2C1257724483%2C4122668220%2C3866517506&frm=20&eoidce=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

776772e5b520d64efc0ef136f14c0124741a506712a73d55fc7eedab4e5b37c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: br
google-lineitem-id: 6784278450,6784278450,6784278450,6784278450,6784278450,6784278450
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 08 Oct 2024 02:16:15 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138489501299,138490128472,138490128109,138490128115,138489505283,138490128862
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.theregister.com
content-length: 29302
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
94fd087375e8040d61d294a6e0a59b13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F1CA 0
0 473ms
137ms Document
text/html 2607:f8b0:400d:c0c::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94fd087375e8040d61d294a6e0a59b13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Oct 2024 02:16:15 GMT
expires: Tue, 08 Oct 2024 02:16:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 338 KB
110 KB 110ms
109ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JXW44Y23NM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e92de9184f82a42c58077f9ec64f34cc4078d2367cdc608fac14b3d575287fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 08 Oct 2024 02:16:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 112602
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 AGSKWxU_PTXzBP5NuZapRklD9Y4XWJ9DUWG2uYuOAuFvo66kqHAQEWD30TVvpTh4zlBncqO5MKAGCNG2HuxLqztHYUOECPdq5-xIJB-6dl-teA1-zU4OzfR9NsXl4RVZKZm-tldPyQnyLQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 183ms
183ms Script
application/javascript 2607:f8b0:400d:c07::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU_PTXzBP5NuZapRklD9Y4XWJ9DUWG2uYuOAuFvo66kqHAQEWD30TVvpTh4zlBncqO5MKAGCNG2HuxLqztHYUOECPdq5-xIJB-6dl-teA1-zU4OzfR9NsXl4RVZKZm-tldPyQnyLQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4MzUzNzc1LDIwMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LnRoZXJlZ2lzdGVyLmNvbS8yMDI0LzEwLzA4L3VzX2xhemFydXNfZ3JvdXBfY3J5cHRvX3NlaXp1cmUvIixudWxsLFtbOCwiUFdxaG9oUUdFcGciXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdbe4fd8107e8887100fe651cb6fd09fe31af3b6a83c1cc41899d805afdbeb1a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dRWXamatBSYIm14R4-a6vQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:15 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmJw1JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XC8Xz1pB5vAgtPNrYxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGBmZ6BubxBQYAKT9KDw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dRWXamatBSYIm14R4-a6vQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H2 204 collect
analytics.google.com/g/ 0
0 382ms
94ms Fetch
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4a20v887771649za200&_p=1728353775122&_gaz=1&gcs=G111&gcd=13n3n3l3l6l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=508332044.1728353775&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1728353775&sct=1&seg=0&dl=https%3A%2F%2Fwww.theregister.com%2F2024%2F10%2F08%2Fus_lazarus_group_crypto_seizure%2F&dt=Feds%20seize%20tiny%20sliver%20of%20crypto%20stolen%20by%20Lazarus%20Group%20%E2%80%A2%20The%20Register&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.reg_uid=(reg_unknown)&ep.reg_auth=Jessica%20Lyons&ep.reg_sec=reg_specialfeatures%2Fcybersecuritymonth&ep.reg_pt=www%20story&ep.reg_cat=update_me&ep.reg_alm=(reg_empty)&ep.reg_akwp=(reg_unknown)&ep.reg_uls=none&ep.reg_prev_pt=(reg_empty)&ep.reg_prev_ut=(reg_empty)&ep.reg_d11=(reg_unknown)&ep.reg_d12=(reg_unknown)&ep.reg_d14=(reg_unknown)&ep.reg_ded=(reg_unknown)&ep.reg_dorg=(reg_unknown)&ep.reg_ab_var=(reg_empty)&ep.reg_seg=(reg_empty)&ep.reg_aid=236614&ep.reg_asec=special_features%2Fcybersecurity_month&ep.reg_akw=cybercrime%2Csecurity%2C&ep.reg_vfc=b9718942b334dca90fdbda7a495e78fa&ep.reg_bet=b9718942b334dca90fdbda7a495e78fa&ep.reg_noz=(reg_empty)&ep.reg_date_modified=2024-10-08T00%3A11%3A09Z&ep.reg_date_published=2024-10-08T00%3A27%3A08Z&ep.reg_description=A%20couple%20million%20will%20do%20for%20a%20start%20%E2%80%A6%20but%20Kim%27s%20crews%20are%20suspected%20of%20stealing%20much%20more&ep.reg_image_url=https%3A%2F%2Fregmedia.co.uk%2F2023%2F10%2F03%2Fkorea_shutterstock.jpg&ep.reg_title=Feds%20reach%20for%20sliver%20of%20crypto-cash%20nicked%20by%20North%20Korea%27s%20notorious%20Lazarus%20Group&ep.reg_url=https%3A%2F%2Fwww.theregister.com%2F2024%2F10%2F08%2Fus_lazarus_group_crypto_seizure%2F&ep.anonymize_ip=true&tfd=1868
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JXW44Y23NM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.theregister.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:15 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
548 B 426ms
73ms Ping
text/plain 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JXW44Y23NM&cid=508332044.1728353775&gtm=45je4a20v887771649za200&aip=1&dma=0&gcs=G111&gcd=13n3n3l3l6l1&npa=0&frm=0&tag_exp=101671035~101747727
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JXW44Y23NM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.theregister.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:15 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 0410 0
0 416ms
101ms Document
text/html 2607:f8b0:400d:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-JXW44Y23NM&gacid=508332044.1728353775&gtm=45je4a20v887771649za200&dma=0&gcs=G111&gcd=13n3n3l3l6l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101747727&z=860402141

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JXW44Y23NM&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Oct 2024 02:16:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 802ms
439ms Image
image/gif 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JXW44Y23NM&cid=508332044.1728353775&gtm=45je4a20v887771649za200&aip=1&dma=0&gcs=G111&gcd=13n3n3l3l6l1&npa=0&frm=0&tag_exp=101671035~101747727&tag_exp=101671035~101747727&z=1136267982

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 08 Oct 2024 02:16:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 container.html
94fd087375e8040d61d294a6e0a59b13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FB96 0
0 0ms
0ms Document
text/html 2607:f8b0:400d:c0c::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94fd087375e8040d61d294a6e0a59b13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Oct 2024 02:16:15 GMT
expires: Tue, 08 Oct 2024 02:16:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 521C 0
0 206ms
200ms Fetch
image/gif 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfSrRY_42_rutnqqxcMj8hwG7pa-12lvjWnZ1aE9jKhSpJP_rnDKd5_B_Bl8C97Dgr3gsa5oU3amlXBrKd-L0FXfjUDqR32KSCNA7-AEEPWIxQqS0dauwoq9o5tEGmCJCQB3u06scAFfIfiT7m-wmtp-EDaGpRn6zfAI29J1NtRx8Kp7oz35szbF_YkiUnVWGXdPNPXMy7L02vwXlhCqR9KmHZlqufuXJBrSF3ktWrd9IdFAB7ngof20b829I6QB4Euv12gbf_yPTM_AxpVrSWaPvVy2ikw_b50l8d0ZVL-fHTjtCchnrxQbbV8KC5IIssUb_Q7-y-ZKh4OOVi6PhaY6VD8Ia_OHlCSJkeHf1pPl6mBbr7VaM4xHqgp7jDDoq0aptNH3SBIa8HRRF_p2MLcVIxSBxWflMD5A&sai=AMfl-YSDPrzBidty1EOlIPd_u1fwZ-HPEWlQ1FlSSYTRnQs_q6mqYdz1WKo1h0XyvJtd2WHmT_WRmFMfxPGDTz6vCXa-r0ifXnLIrOU9g_2PDd0xaHKxdhGOt7-0mjMd8QDP7GzJiWHpBikpcjtZHiVj&sig=Cg0ArKJSzEUYCIfRCGatEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 02:16:15 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 08 Oct 2024 02:16:15 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241003/r20110914/client/ Frame 521C 3 KB
2 KB 312ms
87ms Script
text/javascript 2607:f8b0:400d:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241003/r20110914/client/window_focus_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: br
etag: 16544991220582087243
age: 24880
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 19:21:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 07 Oct 2024 19:21:36 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1229
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 521C 206 KB
64 KB 147ms
144ms Script
text/javascript 2607:f8b0:400d:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0088124edc0322d5cc6c4385ca59c018ceb76790c907d13f1ee5be3dcc1a039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: br
etag: 7550679465687725357
age: 207
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 03:12:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 08 Oct 2024 02:12:48 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 65390
x-xss-protection: 0
server: cafe

GET
H3 200 / Show response
nir.theregister.com/ Frame 521C 0
290 B 182ms
125ms Script
application/x-javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3568848685

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-cache-status: DYNAMIC
pragma: no-cache
x-reg-bofh: pfy01us
x-content-type-options: nosniff
cf-ray: 8cf2a0bbdf28541f-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: application/x-javascript
server: cloudflare

GET
H2 200 3631217966692423842
tpc.googlesyndication.com/simgad/ Frame 521C 198 KB
198 KB 447ms
224ms Image
image/jpeg 2607:f8b0:400d:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3631217966692423842

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c1b4d29fb978d9201041b1ab46f6eb428d8c2ef2ea4833f10d0c665d58a333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 02:16:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: image/jpeg
last-modified: Tue, 17 Sep 2024 09:15:11 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 202816
x-xss-protection: 0
server: sffe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A161 0
0 195ms
195ms Fetch
image/gif 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvg7W5iaxXn8QTjD8Jl3mJx-X7ZaYuGaUzp0wsfZiwzhA_SufWwUsGmElSqI7r08EMs7spxzFpot43qc4MQLPfExQRSMpNQaqcQCqNPmcU55bq6OP3kQDCLzSCiv5aXnz8NMvff9oe2oY_N5ncsJkb93imeOkSE_nafPmBL0BvgeLdT6Z0vNeUtRx6SbZ6_W9EzFGzb5SyyrXiTiMdvYOZfwq7x7-OeWRUDtRZtFd9BS3Rs6KpnUeU8HlVuva0NjOvhG0cEq9oIpBlSvXXcJv6_46E3VwEjWbXx09_N4i3OpX_GjqeD8WY1Jf78xxztoKvOGFmQ5PJNJh4dYG4mKowSTwZbp6dxg83mEYb86PxCHbJ7WVHCqo2kCtNmyr2c2SJqzRPrcDltKbbR9VVnIN46xM5pUEL8JLcPqw&sai=AMfl-YSQavdgbHkAqMNZ6I6MWcfB-ryl1dEj35RdIWeRlp5lDgRvMB8OyCPCfCngqQv-aMLVS_yKyDi6fQ1bYuVUCFhdNAd35reBOy6NrhEx1SxN0W0r47MTMhNp6SeieVV5vKZgHYlxK8SGV68PRyur&sig=Cg0ArKJSzOP7T0NkLmklEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 02:16:15 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 08 Oct 2024 02:16:15 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241003/r20110914/client/ Frame A161 3 KB
0 304ms
304ms Script
text/javascript 2607:f8b0:400d:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241003/r20110914/client/window_focus_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: br
etag: 16544991220582087243
age: 24880
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 19:21:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 07 Oct 2024 19:21:36 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1229
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A161 206 KB
0 140ms
140ms Script
text/javascript 2607:f8b0:400d:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0088124edc0322d5cc6c4385ca59c018ceb76790c907d13f1ee5be3dcc1a039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: br
etag: 7550679465687725357
age: 207
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 03:12:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 08 Oct 2024 02:12:48 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 65390
x-xss-protection: 0
server: cafe

GET
H3 200 / Show response
nir.theregister.com/ Frame A161 0
290 B 266ms
88ms Script
application/x-javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3568848685

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-cache-status: DYNAMIC
pragma: no-cache
x-reg-bofh: pfy02us
x-content-type-options: nosniff
cf-ray: 8cf2a0bca83c541f-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: application/x-javascript
server: cloudflare

GET
H2 200 18242291223547993305
tpc.googlesyndication.com/simgad/ Frame A161 466 KB
466 KB 410ms
194ms Image
image/jpeg 2607:f8b0:400d:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18242291223547993305

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03324589bbd4ac441922b6cc4d829cbc3c3526a152051e749027a079f3ea037c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 02:16:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: image/jpeg
last-modified: Tue, 17 Sep 2024 09:15:11 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 476818
x-xss-protection: 0
server: sffe

GET
H3 200 / Show response
nir.theregister.com/ 0
290 B 346ms
81ms Script
application/x-javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3568848685

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/design_picker/d5067505c1004513235b30ece43b64dbca25e639/javascript/_.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-cache-status: DYNAMIC
pragma: no-cache
x-reg-bofh: pfy02us
x-content-type-options: nosniff
cf-ray: 8cf2a0bd3914541f-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: application/x-javascript
server: cloudflare

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7960 0
0 176ms
175ms Fetch
image/gif 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssv94CM9XWeFomsRoddx1CRHTOpN-QIN1PFHGxOu-ytMO-5v9mI3m4V7pHU0_Zhjsba9pR2UAgtxOJJw0ITXeg5Ku8Bpc-VthRYus6C3J-MHO3WqIV43VXYlv96Dqcc6QGoFqccBIqxExRD8xLtFHxarEYPy2E_P1dnNGkX02UMIlmVj_IZg8lL03PmPQyNJl8GoCvDbcEy_nCotYq3ef8sZorOFGkh_IxKNKduIV2B63F8AWmND9Jg4TWNcw0HkOGGLX2mMqSY1pFPP2Cr9Dn6CjoLjQAMO_A61Gx3v8XRshi_9p-MvbIcscSICGssEZv3q5DvzNyKBZEaT6w1YERLDFo7ZuQ3nqsap-bdIuztjRlHj-4IM_t7SQ6tfdyhaZVcjZjAWAA6btG8jxyxEoIqrfXE9aR7Q7PZUg&sai=AMfl-YQMnJxw7RAyoghRxxiSNCHZQV-P8kcywPmZ7Q2D7UpC2Dt9gfUMW8QcZG5k7O2BzWxdAjzGfmrmv9a_vg-F2pwCBVsA2ZNzUxCz-eXlkzOOdNguL5f_BQ1GliJu_GJWMhG--dG-ALPeajB4A1TV&sig=Cg0ArKJSzNHbC52FaybnEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 02:16:15 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 08 Oct 2024 02:16:15 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241003/r20110914/client/ Frame 7960 3 KB
0 276ms
276ms Script
text/javascript 2607:f8b0:400d:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241003/r20110914/client/window_focus_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: br
etag: 16544991220582087243
age: 24880
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 19:21:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 07 Oct 2024 19:21:36 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1229
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7960 206 KB
0 113ms
113ms Script
text/javascript 2607:f8b0:400d:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0088124edc0322d5cc6c4385ca59c018ceb76790c907d13f1ee5be3dcc1a039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: br
etag: 7550679465687725357
age: 207
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 03:12:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 08 Oct 2024 02:12:48 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 65390
x-xss-protection: 0
server: cafe

GET
H3 200 / Show response
nir.theregister.com/ Frame 7960 0
309 B 402ms
82ms Script
application/x-javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3568848685

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-cache-status: DYNAMIC
pragma: no-cache
x-reg-bofh: pfy01us
x-content-type-options: nosniff
cf-ray: 8cf2a0bdb996541f-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: application/x-javascript
server: cloudflare

GET
H2 200 11397992325411927374
tpc.googlesyndication.com/simgad/ Frame 7960 175 KB
175 KB 251ms
94ms Image
image/jpeg 2607:f8b0:400d:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11397992325411927374

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf0b79024bbbed21e1d100662bde70f3ee601cb0b546943fec4276816c6c7c7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 02:16:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: image/jpeg
last-modified: Tue, 17 Sep 2024 09:15:11 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 179163
x-xss-protection: 0
server: sffe

GET
H3 200 / Show response
nir.theregister.com/ 0
290 B 493ms
120ms Script
application/x-javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3568848685

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/design_picker/d5067505c1004513235b30ece43b64dbca25e639/javascript/_.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-cache-status: DYNAMIC
pragma: no-cache
x-reg-bofh: pfy02us
x-content-type-options: nosniff
cf-ray: 8cf2a0be3a0d541f-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: application/x-javascript
server: cloudflare

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8C49 0
0 153ms
152ms Fetch
image/gif 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVFoSi7fQlCKS1fRLSFpibfswNkEAizaK62r8LgVnDkQzlvLCxlzi95jDp8O2kz3ILN72FZwtG_eBX75XQkvkFVRMmaEybdQoO6quTkWyvNuVd7DpN4cvREE2r0b1TxOXLESFVymIO9Bv2zwam8gZMwWB8eZ8sYY_lfB_5hf-mU6Zp2fsNzb5Ew2OwiRBJh2dRSFHRubcEngYCm2eAOU_MH6Y1EcwBnKe2phl7xs8Pv-33__sD0322-BCvRVfdTHykKOdKGOGEmYLdThQygSQ5MnetwXFCiX6O880KuXKQvs7-Zvkaf94SFzGID3lT201eAZnDV5JsdCZD-BdwibmnJARCu6hUASggVMC5uVo9xuzuS6t0kLUnrYy8udhezk9YiQvyKGz7U0HUM4WNPpeyFsF7ttF8PRiJfQ&sai=AMfl-YRqrJupZL-hxPp0XU6pKw2-XWTEMaAZf7ykJIP--FJCQIdiD7L1yY0738zSN9zHOeSFQmzi919WcrjjhvNRw3vr1ittQmr4jw7LXLxY7JUZ7IZDisq1Vd5PIOnVKjjLlXnhOpt5gv7rTUgxQawp&sig=Cg0ArKJSzNVPXQJxGFoNEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 02:16:16 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 3631217966692423842
tpc.googlesyndication.com/simgad/ Frame 8C49 198 KB
0 380ms
380ms Image
image/jpeg 2607:f8b0:400d:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3631217966692423842

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c1b4d29fb978d9201041b1ab46f6eb428d8c2ef2ea4833f10d0c665d58a333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 02:16:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: image/jpeg
last-modified: Tue, 17 Sep 2024 09:15:11 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 202816
x-xss-protection: 0
server: sffe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241003/r20110914/client/ Frame 8C49 3 KB
0 80ms
80ms Script
text/javascript 2607:f8b0:400d:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241003/r20110914/client/window_focus_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: br
etag: 16544991220582087243
age: 24880
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 19:21:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 07 Oct 2024 19:21:36 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1229
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8C49 206 KB
0 89ms
89ms Script
text/javascript 2607:f8b0:400d:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0088124edc0322d5cc6c4385ca59c018ceb76790c907d13f1ee5be3dcc1a039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: br
etag: 7550679465687725357
age: 207
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 03:12:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 08 Oct 2024 02:12:48 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 65390
x-xss-protection: 0
server: cafe

GET
H3 200 / Show response
nir.theregister.com/ Frame 8C49 0
290 B 579ms
85ms Script
application/x-javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3568848685

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-cache-status: DYNAMIC
pragma: no-cache
x-reg-bofh: pfy02us
x-content-type-options: nosniff
cf-ray: 8cf2a0befac3541f-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: application/x-javascript
server: cloudflare

GET
H3 200 / Show response
nir.theregister.com/ 0
290 B 554ms
87ms Script
application/x-javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3568848685

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/design_picker/d5067505c1004513235b30ece43b64dbca25e639/javascript/_.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-cache-status: DYNAMIC
pragma: no-cache
x-reg-bofh: pfy02us
x-content-type-options: nosniff
cf-ray: 8cf2a0bf8b51541f-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: application/x-javascript
server: cloudflare

GET
DATA 200
OK truncated
/ Frame 521C 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47c8eae68b3553d6fcfc88beb61db2ffd3f8ff3f7f103954248011ea916d3af5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A161 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 385929dee7dc255c8e0984fbfed5a79ebfaaf98b8fd7ceb611c68f405aeec908

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7960 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 158445ff577bf0d12faf2bacd868bae3f8219a2965b27ba328e00d4e72dff96f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8C49 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea5e981f5e06721bbe6674f28e8189f3ba0e785501310b5e36ab56e930021ef4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A901 0
0 143ms
142ms Fetch
image/gif 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJ6nQJN4sI0QLthii7LIbPRtKikXXIGmJbjPKrtO6J-10hT93Fvq9_bVtMPIkBNPhLT8UcbgDU0DjwrNskJYFVU1KIw_XYOFBA8v0sKaZmzntKGHiXgjBk5d9wo4OWIxXpWFYfy6c0vKs56ZFB8cCjg1xTvWYYY85PKQT2t6d014ChReHhiq4lgr5koxJkv5z75LkDFsXeDWEKaATQWjRcBiyPrwXH2xjWW_lonnYDB24Fe_Zvl0L1Eg_UyEA5_JSfepBQEikyqDPWJkkMGfx2FACiKcZ3BxSGsJ8P4bSKr6R2573P5xgDzhiCqRN8zJVslgRoW8srbbsaNoCPhHZcVCjzjYTKB7R0vgklUmU_IhaYBuT7OpQrP2NH6UF3PIdAHj4Af9cAp5rnDklaoj1cGkqel76iUU1cZA&sai=AMfl-YSSDjQpeWbmM_1b45z7y9BOb9bebnOxT6mcchvb_EJC362kN95JbCRcMURM7tUAJ_ljKtP4YOp4cB4HoY9HhG2i_l1bNIq5TIa9HNZjFcaaEJVzB7y-hP8vux4NYizNYuJmfxn8IK9LBtXDPD3Q&sig=Cg0ArKJSzG1eVMYrCz8eEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 02:16:16 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241003/r20110914/client/ Frame A901 3 KB
0 80ms
80ms Script
text/javascript 2607:f8b0:400d:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241003/r20110914/client/window_focus_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: br
etag: 16544991220582087243
age: 24880
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 19:21:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 07 Oct 2024 19:21:36 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1229
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A901 206 KB
0 63ms
63ms Script
text/javascript 2607:f8b0:400d:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0088124edc0322d5cc6c4385ca59c018ceb76790c907d13f1ee5be3dcc1a039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: br
etag: 7550679465687725357
age: 207
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 03:12:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 08 Oct 2024 02:12:48 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 65390
x-xss-protection: 0
server: cafe

GET
H3 200 / Show response
nir.theregister.com/ Frame A901 0
291 B 551ms
85ms Script
application/x-javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3568848685

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-cache-status: DYNAMIC
pragma: no-cache
x-reg-bofh: pfy03us
x-content-type-options: nosniff
cf-ray: 8cf2a0c01c0e541f-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: application/x-javascript
server: cloudflare

GET
H2 200 13783015517180743829
tpc.googlesyndication.com/simgad/ Frame A901 75 KB
75 KB 332ms
230ms Image
image/jpeg 2607:f8b0:400d:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13783015517180743829

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df1cddba3412fbe96ed7ec4084524de006776e7b89de7985bcdba98cd290041b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 02:16:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: image/jpeg
last-modified: Tue, 17 Sep 2024 09:15:11 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 77149
x-xss-protection: 0
server: sffe

GET
H3 200 / Show response
nir.theregister.com/ 0
291 B 562ms
93ms Script
application/x-javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3568848685

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/design_picker/d5067505c1004513235b30ece43b64dbca25e639/javascript/_.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-cache-status: DYNAMIC
pragma: no-cache
x-reg-bofh: pfy03us
x-content-type-options: nosniff
cf-ray: 8cf2a0c0aca1541f-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: application/x-javascript
server: cloudflare

GET
DATA 200
OK truncated
/ Frame A901 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c46e34fd17cb7a54777558012885f8713e02cce2523e9307f2b3e99fb8b7064

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 / Show response
nir.theregister.com/ Frame 521C 0
290 B 583ms
101ms Script
application/x-javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3568848685

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-cache-status: DYNAMIC
pragma: no-cache
x-reg-bofh: pfy01us
x-content-type-options: nosniff
cf-ray: 8cf2a0c13d50541f-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: application/x-javascript
server: cloudflare

GET
H3 200 / Show response
nir.theregister.com/ Frame 8C49 0
290 B 791ms
206ms Script
application/x-javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3568848685

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-cache-status: DYNAMIC
pragma: no-cache
x-reg-bofh: pfy01us
x-content-type-options: nosniff
cf-ray: 8cf2a0c1fe04541f-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: application/x-javascript
server: cloudflare

GET
H3 200 / Show response
nir.theregister.com/ Frame 7960 0
290 B 1075ms
284ms Script
application/x-javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3568848685

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-cache-status: DYNAMIC
pragma: no-cache
x-reg-bofh: pfy02us
x-content-type-options: nosniff
cf-ray: 8cf2a0c32f10541f-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Tue, 08 Oct 2024 02:16:17 GMT
content-type: application/x-javascript
server: cloudflare

GET
H3 200 / Show response
nir.theregister.com/ Frame A161 0
290 B 1315ms
238ms Script
application/x-javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3568848685

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-cache-status: DYNAMIC
pragma: no-cache
x-reg-bofh: pfy01us
x-content-type-options: nosniff
cf-ray: 8cf2a0c4f8c6541f-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Tue, 08 Oct 2024 02:16:17 GMT
content-type: application/x-javascript
server: cloudflare

GET
H3 200 / Show response
nir.theregister.com/ Frame A901 0
290 B 1461ms
146ms Script
application/x-javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3568848685

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-cache-status: DYNAMIC
pragma: no-cache
x-reg-bofh: pfy02us
x-content-type-options: nosniff
cf-ray: 8cf2a0c67a0b541f-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Tue, 08 Oct 2024 02:16:17 GMT
content-type: application/x-javascript
server: cloudflare

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 521C 0
0 345ms
110ms Fetch
image/gif 2607:f8b0:400d:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

tp.gif
regmedia.co.uk/2007/09/13/
Redirect Chain

https://go.theregister.com/k/abt_a
https://regmedia.co.uk/2007/09/13/tp.gif

43 B
387 B

314ms
130ms

Image
image/gif

2606:4700::6810:c86d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://regmedia.co.uk/2007/09/13/tp.gif

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Protocol

Server

2606:4700::6810:c86d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69d77d9587f7e1475c01b26cc763774872a176a889d02ee7efb7fbb50ebdf327

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-bgj: imgq:85,h2pri
etag: "31-43a027a4c29c0"
age: 17996108
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Sun, 02 Nov 2025 02:16:16 GMT
cf-polished: origSize=49, status=webp_bigger
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: image/gif
last-modified: Thu, 13 Sep 2007 11:17:03 GMT
vary: Accept-Encoding
cache-control: public, max-age=33696000
x-reg-bofh: pfy02us
cf-ray: 8cf2a0c0aa108c90-EWR
accept-ranges: bytes
content-length: 43
server: cloudflare

Redirect headers

x-clacks-overhead: GNU Terry Pratchett, Lester Haines
location: https://regmedia.co.uk/2007/09/13/tp.gif
cf-cache-status: DYNAMIC
x-reg-bofh: pfy01us
x-content-type-options: nosniff
cf-ray: 8cf2a0beca2b36bf-YYZ
content-length: 292
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: text/html; charset=iso-8859-1
server: cloudflare

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C49 0
0 464ms
122ms Fetch
image/gif 2607:f8b0:400d:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7960 0
0 644ms
180ms Fetch
image/gif 2607:f8b0:400d:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A161 0
0 1150ms
507ms Fetch
image/gif 2607:f8b0:400d:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 08 Oct 2024 02:16:17 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A901 0
0 1421ms
270ms Fetch
image/gif 2607:f8b0:400d:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 08 Oct 2024 02:16:17 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect
analytics.google.com/g/ 0
0 53ms
51ms Fetch
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4a20v887771649za200&_p=1728353775122&gcs=G111&gcd=13n3n3l3l6l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=508332044.1728353775&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&sid=1728353775&sct=1&seg=0&dl=https%3A%2F%2Fwww.theregister.com%2F2024%2F10%2F08%2Fus_lazarus_group_crypto_seizure%2F&dt=Feds%20seize%20tiny%20sliver%20of%20crypto%20stolen%20by%20Lazarus%20Group%20%E2%80%A2%20The%20Register&_s=2&tfd=2682
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JXW44Y23NM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.theregister.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: text/plain
server: Golfe2

GET
H2

204

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4a20v887771649za200&_p=1728353775122&gcs=G111&gcd=13n3n3l3l6l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=508332044.1...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=2324509236985844055&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-J...

0
0

298ms
96ms

Fetch
text/plain

2607:f8b0:400d:c02::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=2324509236985844055&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
Requested by: Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/
Protocol: H2
Server: 2607:f8b0:400d:c02::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
attribution-reporting-info: preferred-platform=os
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
attribution-reporting-register-os-trigger: "https://www.google-analytics.com/privacy-sandbox/register-os-conversion?_c=1&cid=508332044.1728353775&dbk=2324509236985844055&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F"
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x14d43e5b2231b298","source_keys":["1"]},{"key_piece":"0xf4f370a1db685048","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"2324509236985844055","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["993989524"],"5":["10-08","10-07","10-06"]}}
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=2324509236985844055&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

GET
H2

204

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4a20v887771649za200&_p=1728353775122&gcs=G111&gcd=13n3n3l3l6l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=508332044.1...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=726393658291337760&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JX...

0
0

278ms
97ms

Fetch
text/plain

2607:f8b0:400d:c02::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=726393658291337760&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
Requested by: Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/
Protocol: H2
Server: 2607:f8b0:400d:c02::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
attribution-reporting-info: preferred-platform=os
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
attribution-reporting-register-os-trigger: "https://www.google-analytics.com/privacy-sandbox/register-os-conversion?_c=1&cid=508332044.1728353775&dbk=726393658291337760&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F"
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x14d43e5b2231b298","source_keys":["1"]},{"key_piece":"0xf4f370a1db685048","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"726393658291337760","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["993989524"],"5":["10-08","10-07","10-06"]}}
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=726393658291337760&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

GET
H2

204

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4a20v887771649za200&_p=1728353775122&gcs=G111&gcd=13n3n3l3l6l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=508332044.1...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=3951035307077786513&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-J...

0
0

251ms
107ms

Fetch
text/plain

2607:f8b0:400d:c02::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=3951035307077786513&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
Requested by: Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/
Protocol: H2
Server: 2607:f8b0:400d:c02::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
attribution-reporting-info: preferred-platform=os
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
attribution-reporting-register-os-trigger: "https://www.google-analytics.com/privacy-sandbox/register-os-conversion?_c=1&cid=508332044.1728353775&dbk=3951035307077786513&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F"
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x14d43e5b2231b298","source_keys":["1"]},{"key_piece":"0xf4f370a1db685048","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"3951035307077786513","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["993989524"],"5":["10-08","10-07","10-06"]}}
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=3951035307077786513&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

GET
H2

204

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4a20v887771649za200&_p=1728353775122&gcs=G111&gcd=13n3n3l3l6l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=508332044.1...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=784502469394929548&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JX...

0
0

188ms
98ms

Fetch
text/plain

2607:f8b0:400d:c02::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=784502469394929548&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
Requested by: Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/
Protocol: H2
Server: 2607:f8b0:400d:c02::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
attribution-reporting-info: preferred-platform=os
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
attribution-reporting-register-os-trigger: "https://www.google-analytics.com/privacy-sandbox/register-os-conversion?_c=1&cid=508332044.1728353775&dbk=784502469394929548&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F"
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x14d43e5b2231b298","source_keys":["1"]},{"key_piece":"0xf4f370a1db685048","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"784502469394929548","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["993989524"],"5":["10-08","10-07","10-06"]}}
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=784502469394929548&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7960 0
0 335ms
128ms Fetch
image/gif 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsud6d70_TY--qv7YB722JVbJHQF-zUbNr3nFw_23fqT-nbUSC5QhHMsGioHqmnLFEgHjMgTnRGFsC6LnEqUhRcpsFopqWj6LPrqJxh5RxlL0-Az0-3hzIiJh3NyzAQPWWlw0fFwCyOVIkBpAmMH7JaUH6LLuL5ZrDw7X6gjbXtPdrgKX7jWKKsM6IRUmAgV_43nVOrZ_V2CNcmx4-gMtu8wtWWtHw9yBh6Y_uFIh0TPMrY16HRntX2HpBiXdb172iXTJDYy-xRNLNla0dGBMUNslADvmVkKF5Bb7rA1JOFY7eFY3DPH1HmtXfeCuU8JZKHL6rrHqyq7X5kMYO798A8Z3hwOu0wQ4thdJUQom0BCt5ADDVhx3K04X6Sng01imipUXC90j-FLYzXI4PCySmd96cyH2DK0FZGvBxcN&sai=AMfl-YRL7mx1lchFvUCR4OkwftfqdCkQypHLtviMiXe-iuV9-Vey_-yso6SLpJdu26tf5iCZ4NeTL3F11GNxg3OIPhizYwCyL_5kRPV-cz9DdkhCVrFZVcVEWfsao7o0KfUiDmWEU9pqHlUrWhbEwHNe&sig=Cg0ArKJSzLEGsumh3EknEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 02:16:16 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2

204

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4a20v887771649za200&_p=1728353775122&gcs=G111&gcd=13n3n3l3l6l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=508332044.1...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=16468407082923929630&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-...

0
0

186ms
97ms

Fetch
text/plain

2607:f8b0:400d:c02::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=16468407082923929630&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
Requested by: Host: www.theregister.com
URL: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/
Protocol: H2
Server: 2607:f8b0:400d:c02::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
attribution-reporting-info: preferred-platform=os
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
attribution-reporting-register-os-trigger: "https://www.google-analytics.com/privacy-sandbox/register-os-conversion?_c=1&cid=508332044.1728353775&dbk=16468407082923929630&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F"
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x14d43e5b2231b298","source_keys":["1"]},{"key_piece":"0xf4f370a1db685048","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"16468407082923929630","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["993989524"],"5":["10-08","10-07","10-06"]}}
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=508332044.1728353775&dbk=16468407082923929630&dma=0&en=gam_impression&gcs=G111&gtm=45je4a20v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 480
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

GET
H3 200 dynamicvideoad Show response
fundingchoicesmessages.google.com/f/AGSKWxXahgFNQu3S6d5zJns2Li9rV80lk12ks0fVZuV2IcSzYHCVbkUF-JHPhGPF3wP8cxGdcFda77M0GhPtUnHLJeAvi-n0K6B6d-IJRYhZRLiJHSV9AcXWoHyPp6sEv0PtBty1-XIoJRvmOxHA7UE6Yc4NMGtKZ... 54 B
109 B 107ms
106ms Script
application/javascript 2607:f8b0:400d:c07::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXahgFNQu3S6d5zJns2Li9rV80lk12ks0fVZuV2IcSzYHCVbkUF-JHPhGPF3wP8cxGdcFda77M0GhPtUnHLJeAvi-n0K6B6d-IJRYhZRLiJHSV9AcXWoHyPp6sEv0PtBty1-XIoJRvmOxHA7UE6Yc4NMGtKZic20DzRRGl3wkC0dhLcuPvIPrUxVvNU/_=ad&action==300x300;/dynamicvideoad?/advengine._advert1.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.PWqhohQGEpg.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMypUx4N9FOKPsd2RGBT8vuY-EZdIQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb45626c15a44d44c56e6c2415b62fb97bda87aaa3ea1cba5d1211000899337c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Wt-DF0GMrEUxlFEpKNIPWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjamDU4pJiCNSQYjh56zbTRSA-73SH6ToQS3x9yaQGxE7pM1gDgLj15jnWyUCc9O88awEQu2tdZPUHYkOFS6z2QOxYdInVE4hVey6xGgPx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1gYgvt10hfUxEAvxcHxYPWkHm8CELbs2MSppJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoYmOkZmMcXGAAAtxZPbg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Wt-DF0GMrEUxlFEpKNIPWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 99ms
99ms Script
text/javascript 2607:f8b0:400d:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: br
etag: 16023549773543154165
age: 2123
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 02:40:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 08 Oct 2024 01:40:53 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 51
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxW2v3BzkvYgy_9cejkTyAHiDdpJ51vALItaIHOXl_nvziB75j_rmNS9Q8qy6_sTxbP11Jef7YSQUzo9mRlOZOtN7hcpMVKnozBmhNWsVvqK8-v-BEjiEjNEG__er2MwzvcRxMVE9g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 106ms
106ms XHR
text/html 2607:f8b0:400d:c07::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW2v3BzkvYgy_9cejkTyAHiDdpJ51vALItaIHOXl_nvziB75j_rmNS9Q8qy6_sTxbP11Jef7YSQUzo9mRlOZOtN7hcpMVKnozBmhNWsVvqK8-v-BEjiEjNEG__er2MwzvcRxMVE9g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qQY6TnqQBosQazBgX2qHHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.theregister.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH48PqSTvYBG5Mer6JUcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmOkZmMcXGAAA7h0vqg"
content-security-policy: script-src 'report-sample' 'nonce-qQY6TnqQBosQazBgX2qHHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.theregister.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A901 0
0 250ms
127ms Fetch
image/gif 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoHa0IV14mz-gzD0ddvdSUh2U2Ls42InhewIv_W4oJg-8D8xX1SW0xftlwlTIVvlCBu2HgiWGt_leW_0rzkh2Z2KoZrtKeze58mDTWPJNLtcYpYYg0cyMX3vWhAYf3dRTTLHMhIaed7FzdP3QkmBQPZYBTMjqz5Dv5I3P7f3lRVjJXX7ZGi2qXh_jQQ-JuQpHMVtAGCiHWkvHIH97o7abarIhPx7d5sdFjfQPlJeE_DKY8EBUz0GNrUqg95ARcboeMSIqBPU2mDtrcLTRzErHU36OnYOsleyzN2Y_-bs71kwwSLpO8qAM2rbTtvA_DF0GRfc1RNVvEIVmmC1L23_-sS-qrCansGVMySZgG5M4dCbvZYNSGG4Om9yzRk_RhFmycdU3-U3yr-eJIQEmtehMJsb9KFoCe62Bd3cCp&sai=AMfl-YR1c-n7z-4IEFofUfFKxWarhF6Nsash2Z10M66Q77B_tMGApz5bxQwQNQBOMWP89KU15GC9mzjbXOEp0vt8ADXwVip__Ak8OVFhTKCmpCuNsfZZHPADmfpRytEqWSzc8kLJL8i_-1-mL2hFuALU&sig=Cg0ArKJSzLlrIQl0XGLKEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 02:16:16 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 AGSKWxW2v3BzkvYgy_9cejkTyAHiDdpJ51vALItaIHOXl_nvziB75j_rmNS9Q8qy6_sTxbP11Jef7YSQUzo9mRlOZOtN7hcpMVKnozBmhNWsVvqK8-v-BEjiEjNEG__er2MwzvcRxMVE9g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 79ms
79ms XHR
text/html 2607:f8b0:400d:c07::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW2v3BzkvYgy_9cejkTyAHiDdpJ51vALItaIHOXl_nvziB75j_rmNS9Q8qy6_sTxbP11Jef7YSQUzo9mRlOZOtN7hcpMVKnozBmhNWsVvqK8-v-BEjiEjNEG__er2MwzvcRxMVE9g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QTtXcDcnv2cUkxHleWq4mw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.theregister.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0pBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH48PqSTvYBE6sbn3MqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MzPQMzOMLDADjbS-E"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QTtXcDcnv2cUkxHleWq4mw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.theregister.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxW2v3BzkvYgy_9cejkTyAHiDdpJ51vALItaIHOXl_nvziB75j_rmNS9Q8qy6_sTxbP11Jef7YSQUzo9mRlOZOtN7hcpMVKnozBmhNWsVvqK8-v-BEjiEjNEG__er2MwzvcRxMVE9g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 99ms
96ms XHR
text/html 2607:f8b0:400d:c07::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW2v3BzkvYgy_9cejkTyAHiDdpJ51vALItaIHOXl_nvziB75j_rmNS9Q8qy6_sTxbP11Jef7YSQUzo9mRlOZOtN7hcpMVKnozBmhNWsVvqK8-v-BEjiEjNEG__er2MwzvcRxMVE9g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cHeilzBlCEijaqG9gfY6zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.theregister.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw15BicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH48PqSTvYBHYsnvKJUcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmOkZmMcXGAAA44Qvhw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cHeilzBlCEijaqG9gfY6zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.theregister.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxW2v3BzkvYgy_9cejkTyAHiDdpJ51vALItaIHOXl_nvziB75j_rmNS9Q8qy6_sTxbP11Jef7YSQUzo9mRlOZOtN7hcpMVKnozBmhNWsVvqK8-v-BEjiEjNEG__er2MwzvcRxMVE9g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 105ms
102ms XHR
text/html 2607:f8b0:400d:c07::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW2v3BzkvYgy_9cejkTyAHiDdpJ51vALItaIHOXl_nvziB75j_rmNS9Q8qy6_sTxbP11Jef7YSQUzo9mRlOZOtN7hcpMVKnozBmhNWsVvqK8-v-BEjiEjNEG__er2MwzvcRxMVE9g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HpCBik3FiGhuyHcfysm-rA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.theregister.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH48PqSTvYBA5cbv3GqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MzPQMzOMLDADxhS-2"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HpCBik3FiGhuyHcfysm-rA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.theregister.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxWPaZMgeASZ_uXqD3goMXy7y205kHi4Ui3qhgLJFjbNd4yJ_nGBok2Q0z1hPXJ3ak55jq7cfUtEKTE0YoGp3fSXvP5w-M27woTkld4fOBUXJBBI1xAl3zSa7owVU9pM0gZa9F-qAw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 80ms
79ms Script
application/javascript 2607:f8b0:400d:c07::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWPaZMgeASZ_uXqD3goMXy7y205kHi4Ui3qhgLJFjbNd4yJ_nGBok2Q0z1hPXJ3ak55jq7cfUtEKTE0YoGp3fSXvP5w-M27woTkld4fOBUXJBBI1xAl3zSa7owVU9pM0gZa9F-qAw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4MzUzNzc2LDQ0NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cudGhlcmVnaXN0ZXIuY29tLzIwMjQvMTAvMDgvdXNfbGF6YXJ1c19ncm91cF9jcnlwdG9fc2VpenVyZS8iLG51bGwsW1s4LCJQV3Fob2hRR0VwZyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

918d31aa7f6874032fd30571074824d24be003cabfcee4511a6f56d94d48228c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IqE7Wwbm11wgt4KuRH4jgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmLw0JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XB8WD1pB5vAj39nXjEqaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGJjpGZjHFxgAAGWrS1A"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IqE7Wwbm11wgt4KuRH4jgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 521C 0
0 191ms
126ms Fetch
image/gif 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuc5iC0ZOnk8A1mthrO_1dzZxsQVgLYxEWHuJc1FC7Rj7RuzHGvLscH7_AvYOG8pFsQOLNYoc6sgFz5QJSx3hEbxSoQW4Rl8qljN6Fv26K_cPYNjOC88mLT8JHQ-yfe7iWFDXp-FVVhKLWanIkEhKUMluKyirnbRQejg5gxUKk-P2Ad2ioOp-17gd2aj_ATxOHD-5-z6tTdnnEW_jECoJNC6tb7v3mTTEexffZJtfL3UtjIxgN6nk7Fa2KwnmD7gn8tboysJvLFNFdU_DHQMk1eCxiX4fMxQBf2cXDuDAxhMZqSSBClpCsBx44T9Dr2mhkduS1al44umQ7-_jnO5Sj8KxgpHjlsh6NEz7alF-Lx2OKPaoiPazRUpo0k54q-ZLs34P9hmdOFKirpam74o91_uDU0B5TqzOLzg1zJ&sai=AMfl-YQVRTpaCbInHoVOMrwm7_zzupzsgmIwRoKVmn1cxbdse1E6AvrkBCzBWfQXANtkRxuJGBe9_5iP5oV0CYvJ5L5rg3bXpHlP8Sb-J6Feb_uK5LOKMNeW4XqwFfXQ2A3AKUrnObCT_sBJpXoNUa0E&sig=Cg0ArKJSzKPv6drJX8nZEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 02:16:16 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8C49 0
0 187ms
125ms Fetch
image/gif 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9br8eeQiYlh-Syx6E8bF1iWuEGmzxLua9rYCYPVexMyUNrkVKgHkhpN-KCXzwNa3dV4eomkTZHEOOAoA-DIXUERqae5h6VvxEXPTpTahQ1pzDDhG1j98S0VFZiz8x8YE3kvVOBNO6WxwPbWDJhn4D2nU-NDIOVosxhQNpkCWLsyK1ag9Z9uLKG6kR3gGUDrk9DPJigVyY9BdFngSjVz9MBoQs-Q6f7Rl2ekUjiSdnjDPSEeHFdKbJr1m2NJZuRi-UlTZkEdU-CBy8oU3pU1-gPQ0kHEn10QVd3MM5FU-UZ3Az7B_tUd9S4w-RnIIAWQBidWrfI4X-7Nsjdr7QDJtmdmTr85jSXepHpSNk70fqq4teoQAlmY4fsnlfgh-jNftoyOBgRhBe7ehOEuM-EwwiHXdlRmBnHnSdLDnU&sai=AMfl-YRI8X8zuCd6_cSjWx_3DRzUyZGnRePN4lr9HcqlmdxXqf1v5c-PqYBOqDIp-B_ZDIjLPfigzo3SRqGlZLdqT78cGvcy0PPl7N4_avYKmeXspN77qhhYq3nX-7G87tfDSoOASSQCaD1nNqSV1NYm&sig=Cg0ArKJSzKMJplwlx7KjEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 02:16:16 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A161 0
0 172ms
129ms Fetch
image/gif 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNG9n9V8bJfSx1pEffluQ9PBqqmDgnFKfXIjdiF2_XG3fekEFTH7-P2fu-7IkUTTpY_qCsHKGwD9cZZ867Oykiw-xo_Huw8DXESd_jXrc4s3cMwywayxZUWLM301xZweTbMH9kw8K6Y63rGwpU_7Q98l7zMKRn6GXAqeDcGnrmNC7b4w0uR0K-gmGsY5BtusoBwE8JYtzAnc7X2hsufobq7TJP_ZhNJhnVZyKg-WfyHbCjpDI4Ln-rSvAYsXqNMCtfTezHnLGJiHTuHyNDUBCayIOPam77FnPZwxR9JwqjNip1HnUIp6V26FYdhVKeSpDBh9Eoqm61CkgLDtkuggKw8uqc1EkBwxmDEcQ8mtUlL_LyS5Rf0U_sJREgHCmzy0oZa4bXaZZ_5GTli-Y80rTYrr0hHW31rVnF-er-&sai=AMfl-YTqJzD9i7NW90S5fuxonoOfZIqmsZaAajopELeFZiQtuyTQRqkfUH7rECEmvg0JcvMsoB-1ACl5Ac3L-yIEZxDj3qukQEHH3Cxl5Ed1K_zvGxZJhwA-GZazqsIunRQXl4GCY-5wus_EuFU3FkgP&sig=Cg0ArKJSzIR8szOZNolXEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 02:16:16 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 08 Oct 2024 02:16:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 AGSKWxXgaTiE0kl-FUS_kShdOffdYStTWGQXHqgSpLhneHchcLkkht88M0GK_r_8Fba_v4QvM3u5Tx36udEkwM31tJ5oVpzys7z90fvVjwa7P2lNxFPAnVaK5-WW1f4uWcohA0y5Nj0msw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 79ms
78ms XHR
text/html 2607:f8b0:400d:c07::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXgaTiE0kl-FUS_kShdOffdYStTWGQXHqgSpLhneHchcLkkht88M0GK_r_8Fba_v4QvM3u5Tx36udEkwM31tJ5oVpzys7z90fvVjwa7P2lNxFPAnVaK5-WW1f4uWcohA0y5Nj0msw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YgWIJ7Kqj9L-bSEhvFYNaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.theregister.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII1pBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH48PqSTvYBDomz5jApOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MzPQMzOMLDAC8Ty72"
content-security-policy: script-src 'report-sample' 'nonce-YgWIJ7Kqj9L-bSEhvFYNaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.theregister.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxW2v3BzkvYgy_9cejkTyAHiDdpJ51vALItaIHOXl_nvziB75j_rmNS9Q8qy6_sTxbP11Jef7YSQUzo9mRlOZOtN7hcpMVKnozBmhNWsVvqK8-v-BEjiEjNEG__er2MwzvcRxMVE9g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 101ms
100ms XHR
text/html 2607:f8b0:400d:c07::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW2v3BzkvYgy_9cejkTyAHiDdpJ51vALItaIHOXl_nvziB75j_rmNS9Q8qy6_sTxbP11Jef7YSQUzo9mRlOZOtN7hcpMVKnozBmhNWsVvqK8-v-BEjiEjNEG__er2MwzvcRxMVE9g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TDniLQ3JQZPgkkOUeKAk3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.theregister.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:16 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH48PqSTvYBA7cujGfScklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmOkZmMcXGAAA8wUvug"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TDniLQ3JQZPgkkOUeKAk3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.theregister.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A161 42 B
65 B 246ms
246ms Fetch
image/gif 2607:f8b0:400d:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst71HMhWjDwzens1h1ySJvHCz-IshSAPnjifDWWE_IK5ZmEDe6FLNpDne36smG60VzGo0_5YN9UnG0hC9Z3ByRSkGA5bmLxdOfUDmbagr5YUvHUcFW0SSNe8m9uWN6BhHQ0xnzHueFBGpmEUSy1HP_e0yUq9_y75CuGzVvB2TAXR0Ifnx4v64ylY6cLijuCBMJJlg&sig=Cg0ArKJSzOzBHxa8WwI9EAE&id=lidar2&mcvt=1000&p=903,200,1530,1400&tm=1312.5999994277954&tu=312.19999980926514&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&v=20240930&bin=7&avms=nio&bs=1600,1200&mc=0.47&vu=1&app=0&itpl=3&adk=4224390717&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2428657600&rst=1728353775897&rpt=587&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 08 Oct 2024 02:16:17 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 521C 42 B
65 B 268ms
268ms Fetch
image/gif 2607:f8b0:400d:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2Dilw4Obni4v13GhqrVVLUZsyqwAjNUqOdOJomFTS6Hne38XHrJOd5TDZaS3Q47Dv27SKdRQs-kLl9bf9aCemr2NajcO-1h0i26eMA9O4Vq9ZgSnfKt_SvT3QDsjPMoXHDGhMV1jh887zAWKQCCyiG4u_uCpJoxCIMAkQvOjB-W89qzUEtYmKNsaJIRuyZsuDJw&sig=Cg0ArKJSzPQ21ewi2a5AEAE&id=lidar2&mcvt=1003&p=82,315,332,1285&tm=1381.9000005722046&tu=378.6000003814697&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240930&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2392530753&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2428657600&rst=1728353775882&rpt=581&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 08 Oct 2024 02:16:17 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 78ms
78ms XHR
application/json 2607:f8b0:400d:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202410030101&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab8c93bbb22102d15a58e24bafe2317bdc7ab62b8d53e32f3c0d5c3c38493771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12934
date: Tue, 08 Oct 2024 02:16:17 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 favicon.svg
www.theregister.com/design_picker/13249a2e80709c7ff2e57dd3d49801cd534f2094/graphics/favicons/ 3 KB
2 KB 48ms
48ms Other
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/design_picker/13249a2e80709c7ff2e57dd3d49801cd534f2094/graphics/favicons/favicon.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e08434b894e29942adb095bf2d6f493ffd8e2aee21e8ad147f59e9bc2d400b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: br
cf-cache-status: HIT
age: 13884942
x-reg-bofh: pfy01us
x-content-type-options: nosniff
cf-ray: 8cf2a0c76b07541f-YYZ
expires: Thu, 17 Apr 2025 07:30:49 GMT
date: Tue, 08 Oct 2024 02:16:17 GMT
content-type: image/svg+xml
last-modified: Mon, 27 Feb 2023 10:14:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 favicon.ico
www.theregister.com/design_picker/13249a2e80709c7ff2e57dd3d49801cd534f2094/graphics/favicons/ 15 KB
2 KB 51ms
51ms Other
image/x-icon 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/design_picker/13249a2e80709c7ff2e57dd3d49801cd534f2094/graphics/favicons/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0eadb5eb6ca47c35791250e31d41b66d9e7098ee6e74a3af1d4b75f5d11164e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
content-encoding: br
cf-cache-status: HIT
age: 13884942
x-reg-bofh: pfy03us
x-content-type-options: nosniff
cf-ray: 8cf2a0c7bb34541f-YYZ
expires: Sat, 12 Apr 2025 16:09:39 GMT
date: Tue, 08 Oct 2024 02:16:17 GMT
content-type: image/x-icon
last-modified: Fri, 10 Jan 2020 15:10:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 61ms
59ms Script
text/javascript 2607:f8b0:400d:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202410030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.theregister.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 08 Oct 2024 02:16:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 02:16:17 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 192A 0
0 58ms
56ms Document
text/html 2607:f8b0:400d:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 488701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Oct 2024 10:31:17 GMT
expires: Thu, 02 Oct 2025 10:31:17 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET aframe
www.google.com/recaptcha/api2/ Frame EF96 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 200 ads.js Show response
www.theregister.com/design_picker/c00f80f04b0eaf0123d821f6c9488fc1cb55fd0a/javascript/ 27 B
0 0ms
0ms XHR
application/javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/design_picker/c00f80f04b0eaf0123d821f6c9488fc1cb55fd0a/javascript/ads.js

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/design_picker/d5067505c1004513235b30ece43b64dbca25e639/javascript/_.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83de4b8fb218ece4dc1c59006f00e44aaee17e78923c65ba66acf0ad41a7a5cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01

Response headers

cache-control: max-age=33696000
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-cache-status: HIT
age: 19206037
x-reg-bofh: pfy03us
x-content-type-options: nosniff
cf-ray: 8cf2a0b64993541f-YYZ
expires: Sat, 07 Dec 2024 04:42:34 GMT
accept-ranges: bytes
content-length: 27
date: Tue, 08 Oct 2024 02:16:15 GMT
content-type: application/javascript
last-modified: Fri, 10 Jan 2020 15:10:58 GMT
vary: Accept-Encoding
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202410030101&jk=2356499949140571&bg=!YWKlYi3NAAax3igvkd47ADQBe5WfOJtpSfNavXBSvWZgTjuCnvse70cdgs4Vkw1aDCYAMr0UPZmgo9EPPEqH4D-GlNeuAgAAAEZSAAAABGgBB34ANt7VqAd8a00H4Zi0UBownkX5n0YA-t_uKFUccQ1pM8CoSISNWNHwW6sQias0maT4sRrGeJmnDpkCoJ08TbLaPnDv38usVAegzxPQcMCI-v8uCx8vt6J8_MzCfcODRdl5aFXlxLm3CMhfid3grvU7EcA9AHAavATw19-tuPfzqWgZgO75G5PT6atvnHLgjwjzZzM-I9KS7h31e2YYG8dEz_d7gncJ4YXpvLGH3xvlseRmpF9tGGw23oOYp3Vsmvn4M7-5oq1XjXN7IWCrrMcOt_4o3Qk9tzv8hduN_uijrjGEMJTJUxU5LIr582Zs6OCwDLWDb5vy5N8eq-A9YHxApKebwBjaxaglNuLz_CBqWme5-_4_yEDI4YhZKTcy15t0Ysez9Mh-hmSoD0fJyXtiDG9zKrW5qlmVdj0kX3aP-XjJLoYVZfeZPUtFzGGZEONj75AqMXkwUO4hwEVgMgej8O54-hQ351fkUALKBQ5cOTe2-Dl_-a4Mf33vpsQN4I2cIr7F3FSVBcGhSmsnEd5V5stsv4rHqOTNJjzAXECc-0SpL8r88Y7SfYppQzHSR4u6NIXGFEoiop3h-FjIpOnBPpXertwgIA9h4bhKfcQSO6dEzRoOe6D-w-fJawn__C1jglUL6_ScvRLWrB2dvlhAePKotelm6IxseVwPP57ImRd6UBtT-XYnkvozCD7T6RoP_oeMGZlala8yHZgU5ns9Cky2tDfg9XcDjy8nFp-ELX1ghHdkN4oa2l_2ZL4YwcA3y9LqVtAlB0rNBAKSVnwkTWFdZInkqWlYx1byGgGYBtaCvu47XwIAFwIZb7okuCOy2iYN19a5ZwjvFxWU13SYyed8ksC6rfKk0JezsbEgbSSW9IealbOaS2gIA6WVwlER3g4iUYzEbEZc4b5DCShI0NHajrhDBzqVtHT33TwpnabbiO9GjA2aY02I2Ykgt3g2a24y8Y1lwJfb_w

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.theregister.com/	1970-01-21 08:51:29	Name: bucket Value: 348
.theregister.com/	1969-12-31 23:59:59	Name: sc Value: 1
.theregister.com/	1970-01-21 09:41:53	Name: _ga Value: GA1.1.508332044.1728353775
.theregister.com/	1970-01-21 09:27:29	Name: __gads Value: ID=3619d1afd14facab:T=1728353775:RT=1728353775:S=ALNI_MbUwb_X1YnGodCHwsH1xXBMxXbTmw
.theregister.com/	1970-01-21 09:27:29	Name: __gpi Value: UID=00000f264eb0e697:T=1728353775:RT=1728353775:S=ALNI_Mb59kmDmTJOvhyB3qT75sKA7XiA7g
.theregister.com/	1970-01-21 04:25:05	Name: __eoi Value: ID=afc387a37984e087:T=1728353775:RT=1728353775:S=AA-AfjaiUduwRo3s9U7eKdX3i4R5
.nir.theregister.com/	1970-01-21 08:51:29	Name: sa Value: 1/oid.3568848685
.doubleclick.net/	1970-01-21 09:41:53	Name: IDE Value: AHWqTUkonqhCALFJlMQ6bvdBBzeqziNB8zka6xnKECVTS8nHj_6KYH_kGGX98F3whg8
.theregister.com/	1970-01-21 09:41:53	Name: _ga_JXW44Y23NM Value: GS1.1.1728353775.1.0.1728353776.59.0.0
.theregister.com/	1970-01-21 08:51:29	Name: FCNEC Value: %5B%5B%22AKsRol-catUZlCe9uQh0WPlYP-PMx7lgtzYt2akNr9CQ-EusSXGgTg0tA9Kptpy9XCK-1zCmqJdQd-WTRiZ37xLSYv7141_RgM0ue-OHv_fGXjAzHlamGVlTe6MO9boiUdNLTxa0cq5MEt2-8eZKXSRhC5mbdN4UNw%3D%3D%22%5D%5D
.theregister.com/	1970-01-21 04:27:58	Name: cmp Value: g0.c0.l0
.www.google-analytics.com/	1970-01-21 02:15:29	Name: ar_debug Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

94fd087375e8040d61d294a6e0a59b13.safeframe.googlesyndication.com
analytics.google.com
fundingchoicesmessages.google.com
go.theregister.com
nir.theregister.com
pagead2.googlesyndication.com
regmedia.co.uk
securepubads.g.doubleclick.net
stats.g.doubleclick.net
td.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.theregister.com
pagead2.googlesyndication.com
www.google.com
104.18.4.22
104.18.5.22
2001:4860:4802:38::181
2606:4700::6810:c86d
2607:f8b0:4004:c06::9d
2607:f8b0:4004:c17::5e
2607:f8b0:400d:c02::84
2607:f8b0:400d:c02::8b
2607:f8b0:400d:c04::61
2607:f8b0:400d:c04::9b
2607:f8b0:400d:c07::71
2607:f8b0:400d:c0c::84
2607:f8b0:400d:c0d::9b
2607:f8b0:400d:c1d::9a
02987c1977405db28dcb5d239fde8b9cfc1fa2297e955a4f689ab576c8d846f8
03324589bbd4ac441922b6cc4d829cbc3c3526a152051e749027a079f3ea037c
158445ff577bf0d12faf2bacd868bae3f8219a2965b27ba328e00d4e72dff96f
178640273b1f5e5750d3297b61b3bd3a241ab8b2e121f48c30ee4e8ddc9df41e
1aa61a44d5a1456340fda080f8133e3a15ef42215b5f97bed57f6b1e70462a66
2bbc4d38b2c6b4076477ffb3bfd1c0fb55432ca152f71b04c64fb646e9f7a550
2e08434b894e29942adb095bf2d6f493ffd8e2aee21e8ad147f59e9bc2d400b0
385929dee7dc255c8e0984fbfed5a79ebfaaf98b8fd7ceb611c68f405aeec908
391022a2690f18db5daf7a3bc0c5ad36f31b094da5a8912d57c775e5add18d57
3c46e34fd17cb7a54777558012885f8713e02cce2523e9307f2b3e99fb8b7064
41ef905e7d332a03311b4bb48d3894bccf04d8856a0e0a98ae98683538966025
455442b80b731817ad9e5b615c3ffcedbb9e351dc57b0f0298b77cdb5d11d57d
47c8eae68b3553d6fcfc88beb61db2ffd3f8ff3f7f103954248011ea916d3af5
48c1b4d29fb978d9201041b1ab46f6eb428d8c2ef2ea4833f10d0c665d58a333
53161434a4d50d2b984e91b332463b641b6842578c1f37a1ed81cbdc0a7794c6
5bfdcad6361d264f64c41d95ace7a7bfc886f1b2bf2d2e7e07886e155e585922
5dd339c31b8ec482e001dad4fb52e6f8f138ad772b74a2d387943e10df3bbc48
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
687524cde30fe73542b07a1b40a9e4217e6080ca31489a89c22f027fb758f8e7
69d77d9587f7e1475c01b26cc763774872a176a889d02ee7efb7fbb50ebdf327
6b4f41c53446bee5ce03284672b4607e4a6ff941cae00ec006411b05a62fbe7a
776772e5b520d64efc0ef136f14c0124741a506712a73d55fc7eedab4e5b37c3
77a839fdcd5d30ced4fa6ca4dce35057cdb7e31f420b1f89fec3491cdf8c3f84
83de4b8fb218ece4dc1c59006f00e44aaee17e78923c65ba66acf0ad41a7a5cc
87d683ea3dda6066a1310b46c0e7bceec150db90ef0f33de34b15270f189479c
8e92de9184f82a42c58077f9ec64f34cc4078d2367cdc608fac14b3d575287fc
918d31aa7f6874032fd30571074824d24be003cabfcee4511a6f56d94d48228c
9ae052937bb9f95d7e43e02e218b81be7412b69b5409de0309580357de79a850
9cbf748e68bf2fb8da497de517cbd7826d44c6b278cec89e22a9e13e193e4ded
9f1cb4af215bea1d20e63989d2bc87cd3b6daf71af4e59b6ab7875154cecbceb
ab8c93bbb22102d15a58e24bafe2317bdc7ab62b8d53e32f3c0d5c3c38493771
b0088124edc0322d5cc6c4385ca59c018ceb76790c907d13f1ee5be3dcc1a039
b18c67c183da5eadf9f83380721ed6abd89f0707d57980f8a0e98a83e2b47f67
b711585f391ac5f348dc41253cf4ffba5d49ed997c17170c1fe2498ff13ea817
b9d5ce7773dac38eff9082e13c7bc4307a7c4ba5e76cd95a2eb0faa0de662e34
bf0b79024bbbed21e1d100662bde70f3ee601cb0b546943fec4276816c6c7c7c
c0eadb5eb6ca47c35791250e31d41b66d9e7098ee6e74a3af1d4b75f5d11164e
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
cb45626c15a44d44c56e6c2415b62fb97bda87aaa3ea1cba5d1211000899337c
ccc879574756f32c9592427da6cd1248dd799b84b8ffaa746adcf447b17860a5
cdbe4fd8107e8887100fe651cb6fd09fe31af3b6a83c1cc41899d805afdbeb1a
ce184b1a6cf5394fe1993d3b832634e36d3531537844223c174b3b63d924486e
df1cddba3412fbe96ed7ec4084524de006776e7b89de7985bcdba98cd290041b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed1744324b3aad05fe51ed96e388004a4716276884a66b9abd5cef359140d5
ea5e981f5e06721bbe6674f28e8189f3ba0e785501310b5e36ab56e930021ef4
ea8c1cbf9732fae6a42b6261c238014eab34943fac5a34711081a62b7cc2eba9
ead4dd9fe09a624709e385daa6a498bff005c2cb43e0390e83993897d6dc3b6e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2807143971bec475b19039a3a7cef9dede103b1552944da67aa68a649f46c09
f6ad8750b8ff72f993d9c45d51e02f31aa20834a48f78644953949afa7a6f8ca
fe083388f76e3adf62d2125ca792e750c814b06694f2362469ac82bb34a8e970
fe1da7d7e56968797d6b3844f7bedd855b366e1496343527a22f4d2871bb86ad
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

www.theregister.com Open in urlscan Pro 104.18.4.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

111 Requests

93 %HTTPS

86 %IPv6

8 Domains

16 Subdomains

14 IPs

2 Countries

1629 kBTransfer

4329 kBSize

12 Cookies

19 Outgoing links

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.theregister.com Open in urlscan Pro
104.18.4.22 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

93 %
HTTPS

86 %
IPv6

8
Domains

16
Subdomains

14
IPs

2
Countries

1629 kB
Transfer

4329 kB
Size

12
Cookies

111 HTTP transactions
5 data transactions