gbhackers.com Open in urlscan Pro
2606:4700:3034::ac43:a5ec Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gbhackers.com/critical-magento-0-day/
Submission: On April 20 via manual (April 20th 2022, 7:40:18 am UTC) from JP — Scanned from JP

Summary HTTP 264 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 40 IPs in 6 countries across 33 domains to perform 264 HTTP transactions. The main IP is 2606:4700:3034::ac43:a5ec, located in United States and belongs to CLOUDFLARENET, US. The main domain is gbhackers.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 12th 2021. Valid for: a year.

This is the only time gbhackers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 30	2606:4700:303... 2606:4700:3034::ac43:a5ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2404:6800:400... 2404:6800:4004:825::200a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:820::2008	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:400a:804::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:400a:813::2002	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4004:820::2001	15169 (GOOGLE) (GOOGLE)
36	142.250.207.34 142.250.207.34	15169 (GOOGLE) (GOOGLE)
1	2600:140b:2::... 2600:140b:2::172c:3398	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
3	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
14	2404:6800:400... 2404:6800:4004:81d::2003	15169 (GOOGLE) (GOOGLE)
1	192.0.78.33 192.0.78.33	2635 (AUTOMATTIC) (AUTOMATTIC)
1	23.45.60.235 23.45.60.235	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a03:2880:f00... 2a03:2880:f00f:1:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2404:6800:400... 2404:6800:4004:824::200e	15169 (GOOGLE) (GOOGLE)
2	2600:140b:2::... 2600:140b:2::172c:3388	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.3.72.47 52.3.72.47	14618 (AMAZON-AES) (AMAZON-AES)
21	2404:6800:400... 2404:6800:4004:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:80c::2002	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:811::2002	15169 (GOOGLE) (GOOGLE)
5	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
1	94.130.218.84 94.130.218.84	24940 (HETZNER-AS) (HETZNER-AS)
1	52.71.114.9 52.71.114.9	14618 (AMAZON-AES) (AMAZON-AES)
1	2404:6800:400... 2404:6800:4008:c13::9a	15169 (GOOGLE) (GOOGLE)
4	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
10	2404:6800:400... 2404:6800:400a:805::2001	15169 (GOOGLE) (GOOGLE)
30	2404:6800:400... 2404:6800:4004:811::2001	15169 (GOOGLE) (GOOGLE)
5 13	2404:6800:400... 2404:6800:4004:813::2004	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:821::200a	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:820::2003	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
2	108.177.97.155 108.177.97.155	15169 (GOOGLE) (GOOGLE)
1 4	2620:116:800e... 2620:116:800e:21:b25f:f2c2:3600:d81a	16509 (AMAZON-02) (AMAZON-02)
2 2	54.213.69.79 54.213.69.79	16509 (AMAZON-02) (AMAZON-02)
28	172.217.26.226 172.217.26.226	15169 (GOOGLE) (GOOGLE)
6 6	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
5 5	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	20.85.9.11 20.85.9.11	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5 5	103.231.99.243 103.231.99.243	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	2404:6800:400... 2404:6800:4004:823::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:31::a	15169 (GOOGLE) (GOOGLE)
1 1	192.65.229.43 192.65.229.43	62961 (BISNET1) (BISNET1)
1 2	142.250.199.102 142.250.199.102	15169 (GOOGLE) (GOOGLE)
2 2	2600:9000:214... 2600:9000:2142:1200:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:400b:3::c	15169 (GOOGLE) (GOOGLE)
264	40

30 2606:4700:3034::ac43:a5ec (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

gbhackers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:825::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:400a:804::2002 (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:813::2002 (Osaka, Japan)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:820::2001 (Australia)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3614e8366d501c8917a5d9e39bad2988.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 142.250.207.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s55-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:2::172c:3398 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

tg1.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4004:81d::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.33 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

jetpack.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.60.235 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-60-235.deploy.static.akamaitechnologies.com

api.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f00f:1:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:824::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:140b:2::172c:3388 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.72.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-72-47.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2404:6800:4004:80b::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80c::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:811::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.218.84 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.84.218.130.94.clients.your-server.de

cdn.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.114.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-114-9.compute-1.amazonaws.com

track1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c13::9a (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

streaming.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:400a:805::2001 (Osaka, Japan)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2404:6800:4004:811::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4004:813::2004 (Australia) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:821::200a (Australia)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:820::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.177.97.155 (United States)

ASN15169 (GOOGLE, US)
PTR: tm-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800e:21:b25f:f2c2:3600:d81a (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.213.69.79 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-69-79.us-west-2.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 172.217.26.226 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.227.252.103 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 8.39.36.141 (Los Angeles, United States) 5 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.85.9.11 (Boydton, United States) 3 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

beacon.walmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.231.99.243 (Japan) 5 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:823::200e (Australia) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:31::a (Australia)

ASN15169 (GOOGLE, US)

r5---sn-oguesn6y.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.65.229.43 (United States) 1 redirects

ASN62961 (BISNET1, US)
PTR: 192-165-229-43.blueshift.net

924-img.c3tag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.199.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2142:1200:19:fc2c:a140:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.202.26 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:400b:3::c (Tokyo, Japan)

ASN15169 (GOOGLE, US)

r6---sn-ogueln7d.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 bid.g.doubleclick.net — Cisco Umbrella Rank: 500 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 ad.doubleclick.net — Cisco Umbrella Rank: 196	370 KB
58	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 3614e8366d501c8917a5d9e39bad2988.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 128	599 KB
30	gbhackers.com 3 redirects gbhackers.com	557 KB
22	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	335 KB
16	google.com 5 redirects adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4	1 KB
12	wp.com i0.wp.com — Cisco Umbrella Rank: 2767 i2.wp.com — Cisco Umbrella Rank: 5999 i1.wp.com — Cisco Umbrella Rank: 6395 stats.wp.com — Cisco Umbrella Rank: 2657 pixel.wp.com — Cisco Umbrella Rank: 2521 s0.wp.com — Cisco Umbrella Rank: 6135	252 KB
11	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 imasdk.googleapis.com — Cisco Umbrella Rank: 417	252 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	222 KB
6	2mdn.net 2 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1008 r5---sn-oguesn6y.c.2mdn.net r6---sn-ogueln7d.c.2mdn.net	3 MB
6	openx.net 6 redirects rtb.openx.net — Cisco Umbrella Rank: 1537	995 B
6	playstream.media tg1.playstream.media — Cisco Umbrella Rank: 75424 cdn.playstream.media — Cisco Umbrella Rank: 133231 streaming.playstream.media — Cisco Umbrella Rank: 102407	1 MB
6	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 15584	385 KB
5	pubmatic.com 5 redirects image6.pubmatic.com — Cisco Umbrella Rank: 622	2 KB
5	rubiconproject.com 5 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 350	2 KB
4	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1127	1 KB
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3059 onesignal.com — Cisco Umbrella Rank: 1122	82 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	137 KB
3	walmart.com 3 redirects beacon.walmart.com — Cisco Umbrella Rank: 2355	1 KB
3	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 44077	1 KB
3	avplayer.com player.avplayer.com — Cisco Umbrella Rank: 9194 track1.avplayer.com — Cisco Umbrella Rank: 30207	131 KB
2	mookie1.com 2 redirects odr.mookie1.com — Cisco Umbrella Rank: 962	1 KB
2	agkn.com 2 redirects d.agkn.com — Cisco Umbrella Rank: 550	1 KB
2	everesttech.net 2 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3287	752 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1661 1.gravatar.com — Cisco Umbrella Rank: 7142	4 KB
1	c3tag.com 1 redirects 924-img.c3tag.com — Cisco Umbrella Rank: 33274	669 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 794	247 B
1	aniview.com track1.aniview.com — Cisco Umbrella Rank: 1962	71 B
1	facebook.com graph.facebook.com — Cisco Umbrella Rank: 114	661 B
1	pinterest.com api.pinterest.com — Cisco Umbrella Rank: 2495	395 B
1	wordpress.com jetpack.wordpress.com — Cisco Umbrella Rank: 11582	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	38 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
264	33

	Domain	Requested by
30	tpc.googlesyndication.com	gbhackers.com securepubads.g.doubleclick.net googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com
30	gbhackers.com	3 redirects gbhackers.com
28	cm.g.doubleclick.net	gbhackers.com googleads.g.doubleclick.net
27	pagead2.googlesyndication.com	gbhackers.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com gbhackers.com googleads.g.doubleclick.net
14	fonts.gstatic.com	fonts.googleapis.com
13	www.google.com	5 redirects gbhackers.com googleads.g.doubleclick.net tpc.googlesyndication.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	securepubads.g.doubleclick.net	gbhackers.com securepubads.g.doubleclick.net
7	fonts.googleapis.com	gbhackers.com securepubads.g.doubleclick.net googleads.g.doubleclick.net
6	rtb.openx.net	6 redirects
6	blogger.googleusercontent.com	gbhackers.com
5	image6.pubmatic.com	5 redirects
5	pixel.rubiconproject.com	5 redirects
5	s0.wp.com	jetpack.wordpress.com
4	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
4	csi.gstatic.com	imasdk.googleapis.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	imasdk.googleapis.com	googleads.g.doubleclick.net
4	streaming.playstream.media	player.avplayer.com
4	www.googletagservices.com	gbhackers.com googleads.g.doubleclick.net
3	beacon.walmart.com	3 redirects
3	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	adservice.google.co.jp	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	pixel.wp.com	gbhackers.com
2	r6---sn-ogueln7d.c.2mdn.net	gbhackers.com
2	odr.mookie1.com	2 redirects
2	d.agkn.com	2 redirects
2	ad.doubleclick.net	1 redirects
2	r5---sn-oguesn6y.c.2mdn.net	gbhackers.com
2	gcdn.2mdn.net	2 redirects
2	pixel.everesttech.net	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	onesignal.com	cdn.onesignal.com
2	player.avplayer.com	tg1.playstream.media player.avplayer.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.onesignal.com	gbhackers.com cdn.onesignal.com
1	924-img.c3tag.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	track1.avplayer.com	gbhackers.com
1	cdn.playstream.media	gbhackers.com
1	1.gravatar.com	jetpack.wordpress.com
1	3614e8366d501c8917a5d9e39bad2988.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	track1.aniview.com	gbhackers.com
1	graph.facebook.com	gbhackers.com
1	api.pinterest.com	gbhackers.com
1	jetpack.wordpress.com	gbhackers.com
1	stats.wp.com	gbhackers.com
1	i1.wp.com	gbhackers.com
1	i2.wp.com	gbhackers.com
1	i0.wp.com	gbhackers.com
1	secure.gravatar.com	gbhackers.com
1	tg1.playstream.media	gbhackers.com
1	www.googletagmanager.com	gbhackers.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
264	56

This site contains links to these domains. Also see Links.

Domain
digg.com
www.facebook.com
plus.google.com
www.linkedin.com
feeds.feedburner.com
twitter.com
kalilinuxtutorials.com
ethicalhackersacademy.com
bit.ly
blogger.googleusercontent.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-12` - `2022-07-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
wl.aniview.com R3	`2022-04-04` - `2022-07-03`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-12` - `2022-11-14`	2 years	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-27` - `2022-04-27`	3 months	crt.sh
outstreamedia.com R3	`2022-02-27` - `2022-05-28`	3 months	crt.sh
*.aniview.com Amazon	`2022-01-05` - `2023-02-03`	a year	crt.sh
*.google.co.jp GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.playstream.media AlphaSSL CA - SHA256 - G2	`2021-04-06` - `2022-05-08`	a year	crt.sh
streaming.playstream.media R3	`2022-03-25` - `2022-06-23`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-04-12` - `2022-06-21`	2 months	crt.sh

This page contains 27 frames:

Primary Page: https://gbhackers.com/critical-magento-0-day/
Frame ID: 820CB2D8D5865FA4365C7CEDDDCD737E
Requests: 106 HTTP requests in this frame

Frame: https://jetpack.wordpress.com/jetpack-comment/?blogid=116523949&postid=52705&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=8.4.3&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=e1b26d2e9eac651d713611b6bc875c1c9a62f021
Frame ID: 32178DD6E5A3F6B1B27D2AD56A7FAEF3
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html
Frame ID: F42FDA594DB5DFC34B1A893E553C7D86
Requests: 1 HTTP requests in this frame

Frame: https://3614e8366d501c8917a5d9e39bad2988.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1E6150D309BBD97AD7588E20C82FB6AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=3886963407&adf=1155111573&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1650440411&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650440410897&bpp=3&bdt=470&idt=207&shv=r20220418&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccef21365edd77e8-22b25e2961d200ef%3AT%3D1650440410%3AS%3DALNI_MYipVS_dhbOtIQNzR6VmpgyCVUPjA&correlator=3544109014418&frm=20&pv=2&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066184&oid=2&pvsid=3292992065877901&pem=930&tmod=1504518484&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&alvm=r20220413&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=73HIAEbZN8&p=https%3A//gbhackers.com&dtd=224
Frame ID: 5434D7DC4232A91AC53AEBC550F6E21C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=1238950596&adk=2315524698&adf=2169656816&pi=t.ma~as.1238950596&w=300&lmt=1650440411&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650440410900&bpp=1&bdt=473&idt=252&shv=r20220418&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccef21365edd77e8-22b25e2961d200ef%3AT%3D1650440410%3AS%3DALNI_MYipVS_dhbOtIQNzR6VmpgyCVUPjA&prev_fmts=696x280&correlator=3544109014418&frm=20&pv=1&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066184&oid=2&pvsid=3292992065877901&pem=930&tmod=1504518484&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&alvm=r20220413&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mZcQ0Lwca2&p=https%3A//gbhackers.com&dtd=255
Frame ID: 8ABC96DD806C8FCB0C501EB76447287B
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=2715683798&adk=1041368278&adf=786905601&pi=t.ma~as.2715683798&w=300&lmt=1650440411&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650440410901&bpp=1&bdt=473&idt=264&shv=r20220418&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccef21365edd77e8-22b25e2961d200ef%3AT%3D1650440410%3AS%3DALNI_MYipVS_dhbOtIQNzR6VmpgyCVUPjA&prev_fmts=696x280%2C300x250&correlator=3544109014418&frm=20&pv=1&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066184&oid=2&pvsid=3292992065877901&pem=930&tmod=1504518484&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&alvm=r20220413&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=COoNrO85rn&p=https%3A//gbhackers.com&dtd=266
Frame ID: F00F9E5774C1BA9683DCF557320CCA7A
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&adk=1812271804&adf=3025194257&lmt=1650440411&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650440410913&bpp=1&bdt=486&idt=257&shv=r20220418&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccef21365edd77e8-22b25e2961d200ef%3AT%3D1650440410%3AS%3DALNI_MYipVS_dhbOtIQNzR6VmpgyCVUPjA&prev_fmts=696x280%2C300x250%2C300x250&nras=1&correlator=3544109014418&frm=20&pv=1&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066184&oid=2&pvsid=3292992065877901&pem=930&tmod=1504518484&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20220413&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=262
Frame ID: 2D6036B481DBBD1D5135852477B282E4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 76EF6863CCE90708A284FAB3849961FD
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 44B90A3C7C4DDC84971A6F6D0D7D7944
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C01F34E7D083BBFF1A24A2749ECA38DA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 72D58D7BE5BCF56EA8D7F212E651EF2E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F5D6FF4D1AF37859545322A3907B406C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8636D7353512CE5A22D71C840D10AD3C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6B15C81D7A1AB44FD20934FAA5A6BCE8
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6DBDBE26C7782FF7C23C719828B92E02
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: F396A0F91B6B33E993AE16838C7E6CF7
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 36B4603B438B40BAF82032A27E5CE4F9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 26CD4FF36E0FA70AD5C3E183FD201A4D
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A58DF8BE5B10CA3302B6EBB61CB1C8CC
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 36A79E1A23718D9FBB4D0987B5139E0D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6253F9E21A9DE3E53AB30BE38AE40E48
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 541217AC71178BAD59D1CAB243A9641F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js
Frame ID: 829E9DD1F3C964FC78F077B8A3C641DD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js
Frame ID: 199A76D67D4DC0593EAB563BE879F642
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 647EA9DCA12EA987740D72D6DB150036
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81008048D82FCB659EA5ED907308F3DD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Critical Magento 0-Day Let Attackers Execute Arbitrary Code

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

264
Requests

84 %
HTTPS

58 %
IPv6

33
Domains

56
Subdomains

40
IPs

6
Countries

7850 kB
Transfer

13317 kB
Size

25
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: http://digg.com/u/GBHackersOnSecurity

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gbhackersadmin

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/100293610970932245878

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gbhackers

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/gbhackers

Search URL Search Domain Scan URL

URL: https://twitter.com/gbhackers_news

Search URL Search Domain Scan URL

URL: https://kalilinuxtutorials.com/
Title: TOOLS

Search URL Search Domain Scan URL

URL: https://ethicalhackersacademy.com/
Title: Courses

Search URL Search Domain Scan URL

URL: https://bit.ly/3LP2Nay

Search URL Search Domain Scan URL

URL: https://blogger.googleusercontent.com/img/a/AVvXsEin_REqVEYq0spSVFg4d_RSo_fqsF--RG7OX45z0VekJmylKAjORrIkjuse_VKTBVTE1fYb2XjFqPFR7rRZmAj3_1SpvOxXuU2BM2CL9Rey_5ensMgObDw28j4qeVxJhLgH9Vq6zPusGFgkiD1fIfYwQQS14V_q2FLgxzy-Gq0OckDwFd39UQ1yiEeZqA=s16000

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gbhackers/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.facebook.com/guruba008

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/117213505223921522359

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/gurubaran-gbhackersonsecurity/

Search URL Search Domain Scan URL

URL: https://twitter.com/guruba008

Search URL Search Domain Scan URL

URL: https://bit.ly/3Jrw5uL
Title: Complete Free Website Security Check

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://gbhackers.com/indusface-banner-728/ HTTP 301
https://gbhackers.com/wp-content/uploads/2022/04/Indusface-banner-728.png

Request Chain 24

https://gbhackers.com/indusface-banner-600/ HTTP 301
https://gbhackers.com/wp-content/uploads/2022/04/Indusface-banner-600.png

Request Chain 25

https://gbhackers.com/indusface-banner-300/ HTTP 301
https://gbhackers.com/wp-content/uploads/2022/04/Indusface-banner-300.png

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 158

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKEhQA82BqiV2O3ZvRki9LdJ4nzBtetquge9O5uRHpuLFXSLOpmVUxWrSU7tEukfhjU9jgKsnMP5xNKYPvs2kYjnrfMHwYQiA&google_gid=CAESEOj558zwpNXcvEND4ojXsR8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxANDNBQUFCTEBmdHhOcg&google_push=AYg5qPKEhQA82BqiV2O3ZvRki9LdJ4nzBtetquge9O5uRHpuLFXSLOpmVUxWrSU7tEukfhjU9jgKsnMP5xNKYPvs2kYjnrfMHwYQiA

Request Chain 159

https://rtb.openx.net/sync/dds?google_gid=CAESEHagy9gdqKvsJF1b-7TLEhU&google_cver=1&google_push=AYg5qPLXan_kHD7V13cs9mtlztqZOiXiIwojaK4IjVF6nPU1eRIKFCjoPpCffZRdig3_aA8Ya4s9T9r4XjskVRQ0NjspO2PhoOZJ-Q HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEHagy9gdqKvsJF1b-7TLEhU&google_cver=1&google_push=AYg5qPLXan_kHD7V13cs9mtlztqZOiXiIwojaK4IjVF6nPU1eRIKFCjoPpCffZRdig3_aA8Ya4s9T9r4XjskVRQ0NjspO2PhoOZJ-Q&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLXan_kHD7V13cs9mtlztqZOiXiIwojaK4IjVF6nPU1eRIKFCjoPpCffZRdig3_aA8Ya4s9T9r4XjskVRQ0NjspO2PhoOZJ-Q&google_hm=YpsXRYRkweMTWR0OK1zuDw==

Request Chain 160

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGd0-NGpT8TqlBBjn1PF9_Y&google_cver=1&google_push=AYg5qPJG2ERGYp_DeX4d9316PyGtiJNTgsaVxtjokly_6GurgFjfAPCh7F8tJK1ygh9jAG_a9LbQ6EJR2wMDL1wmvs20jIEHZuQY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXTUotMjctN1M4SA==&google_push=AYg5qPJG2ERGYp_DeX4d9316PyGtiJNTgsaVxtjokly_6GurgFjfAPCh7F8tJK1ygh9jAG_a9LbQ6EJR2wMDL1wmvs20jIEHZuQY

Request Chain 161

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_cver=1&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1

Request Chain 162

https://cc.adingo.jp/adx/push/?google_gid=CAESEH1Z4ZB_BYAyU6aWxBOccxs&google_cver=1&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5

Request Chain 165

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 167

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESELdXj_Fy4-LB1LEC22g_h7c&google_cver=1&google_push=AYg5qPK4hkDpK-0BBAcY9NMzG_1n6p5hK5t6pnokkWg7l116G9xF9PewFYm7sRlHtKTmnmUzlSfqU1FiMB4eLYLsP1ZKzEMZhH_O HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=dZMq4lPQl0Lm_bSBKZVTPE&tap=gAds&google_gid=CAESELdXj_Fy4-LB1LEC22g_h7c&google_cver=1&google_push=AYg5qPK4hkDpK-0BBAcY9NMzG_1n6p5hK5t6pnokkWg7l116G9xF9PewFYm7sRlHtKTmnmUzlSfqU1FiMB4eLYLsP1ZKzEMZhH_O

Request Chain 168

https://rtb.openx.net/sync/dds?google_gid=CAESEH7hc3ifvHzz1HR2eA791fU&google_cver=1&google_push=AYg5qPJl27blQAQ6zNFmjlV08Xgf3gAYh32Bd0n_vRJzELz6hw_Q5RUaZvjRt6U17-09ZtTKnTtWQsN_LLj3_kbOMzNgnx0qixyJ HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEH7hc3ifvHzz1HR2eA791fU&google_cver=1&google_push=AYg5qPJl27blQAQ6zNFmjlV08Xgf3gAYh32Bd0n_vRJzELz6hw_Q5RUaZvjRt6U17-09ZtTKnTtWQsN_LLj3_kbOMzNgnx0qixyJ&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJl27blQAQ6zNFmjlV08Xgf3gAYh32Bd0n_vRJzELz6hw_Q5RUaZvjRt6U17-09ZtTKnTtWQsN_LLj3_kbOMzNgnx0qixyJ&google_hm=1wG-2P2qwaUCPZOZoQK0nA==

Request Chain 169

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEC6Lslq9cm-WD_kwKr8PJ4M&google_cver=1&google_push=AYg5qPLSnI5hF6ApCf7JNSmyqioB-ddvtYYYWtXfHw9rtjrVk7u7qRAqy4Dm5QFsQ7SSko6q08CSqZPYJ4GYpf6-A9YXLv44mf4k HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEC6Lslq9cm-WD_kwKr8PJ4M&google_cver=1&google_push=AYg5qPLSnI5hF6ApCf7JNSmyqioB-ddvtYYYWtXfHw9rtjrVk7u7qRAqy4Dm5QFsQ7SSko6q08CSqZPYJ4GYpf6-A9YXLv44mf4k&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BEQelmKgSvS-BmiLCTfwnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLSnI5hF6ApCf7JNSmyqioB-ddvtYYYWtXfHw9rtjrVk7u7qRAqy4Dm5QFsQ7SSko6q08CSqZPYJ4GYpf6-A9YXLv44mf4k

Request Chain 170

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHYUXOvmjoEpk1pWWoiV2VM&google_cver=1&google_push=AYg5qPKGQcMN77sEfol3XYzL7QlZReKj8Xcb0b4SiHnLlx2x9NRGpVw0po3sFtS4J98qmZb2tXsM_q-_tuqCybCbNTfreLjmxj9B HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXTjktRy0zRDZR&google_push=AYg5qPKGQcMN77sEfol3XYzL7QlZReKj8Xcb0b4SiHnLlx2x9NRGpVw0po3sFtS4J98qmZb2tXsM_q-_tuqCybCbNTfreLjmxj9B

Request Chain 171

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E

Request Chain 172

https://cc.adingo.jp/adx/push/?google_gid=CAESEKSsXBhV0YZ-3wkMFG4g7M4&google_cver=1&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826

Request Chain 192

https://gcdn.2mdn.net/videoplayback/id/754def01f05fa2a9/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791396516/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/85206DAAD3EB6EC1EFEA7C6790066998F358820A.7594296F206A02944E1DB8096404E41B18FB5248/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-oguesn6y.c.2mdn.net/videoplayback/id/754def01f05fa2a9/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791396516/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4C122694D9BB694E8FD0319747D4952AF2623681.7B1E51A63191BD72441FB7C0A15BB7AAE2D79033/key/cms1/cms_redirect/yes/mh/n6/mip/2a00:1633:128:4::2/mm/42/mn/sn-oguesn6y/ms/onc/mt/1650440106/mv/u/mvi/5/pl/32/file/file.mp4

Request Chain 197

https://924-img.c3tag.com/v.gif?cid=924&c3=N349404.134426GOOGLEDISPLAYNETWO-305017400-152005930&creative=152005930&redirect=~{https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10454358.305017400;dc_trk_aid=498041356;dc_trk_cid=152005930;ord=2181934307;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?}~ HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10454358.305017400;dc_trk_aid=498041356;dc_trk_cid=152005930;ord=2181934307;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10454358.305017400;dc_pre=CLrkk9SRovcCFQ0kvQodToQG1w;dc_trk_aid=498041356;dc_trk_cid=152005930;ord=2181934307;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 225

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBmXXMFSF0dirP31ASfvTTo&google_cver=1&google_push=AYg5qPJXcYV9wOUjCSgwukN2ayefAvGheczkAII3gnSzfwk7toO3QOPhn2Sh8IfClXUJGkUuQVIvXaiI2N91nYlMYrFBH-ymxsI HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPJXcYV9wOUjCSgwukN2ayefAvGheczkAII3gnSzfwk7toO3QOPhn2Sh8IfClXUJGkUuQVIvXaiI2N91nYlMYrFBH-ymxsI&google_hm=_nnlU3iLQQhabWTlk9HalQ

Request Chain 226

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEJQU6ubB_TxSIdkPIzgZan8&google_cver=1&google_push=AYg5qPL-HLBGYxFXEBRvs2CeG1BWEKnT5YzDtBxYfu5XfGEnu70ftSNT-_XFHh1F9GWeFfkFw0KneERvhkbRu4m2qXIp1hGCciw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=ahnSchtyYTadZegG_KdTw8&tap=gAds&google_gid=CAESEJQU6ubB_TxSIdkPIzgZan8&google_cver=1&google_push=AYg5qPL-HLBGYxFXEBRvs2CeG1BWEKnT5YzDtBxYfu5XfGEnu70ftSNT-_XFHh1F9GWeFfkFw0KneERvhkbRu4m2qXIp1hGCciw

Request Chain 227

https://rtb.openx.net/sync/dds?google_gid=CAESEJ530zenY1wkBOd-49Go7hM&google_cver=1&google_push=AYg5qPJD3Okhr2gSt4V1EP_WbhvZJRb-_z-xBT9EDfdKYAqFBGWcSsohrRCbGWsfLItqRMLOPymI8D73agagS-0WvJFAvzMTY1IL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJD3Okhr2gSt4V1EP_WbhvZJRb-_z-xBT9EDfdKYAqFBGWcSsohrRCbGWsfLItqRMLOPymI8D73agagS-0WvJFAvzMTY1IL&google_hm=1wG-2P2qwaUCPZOZoQK0nA==

Request Chain 228

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHnMzmJOiU6EIQcJQosix7g&google_cver=1&google_push=AYg5qPKyVZBrWHvzzXnAEnmoBPhA37Vm9wLOReRcrexEvUrWFPqzMxBMJ-o-THumWakebFEccUwb0EBitQ3oSqn_6CjC6UqcNeIc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BEQelmKgSvS-BmiLCTfwnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKyVZBrWHvzzXnAEnmoBPhA37Vm9wLOReRcrexEvUrWFPqzMxBMJ-o-THumWakebFEccUwb0EBitQ3oSqn_6CjC6UqcNeIc

Request Chain 229

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEHkzbwq4q96XDpD89vkjv4&google_cver=1&google_push=AYg5qPIX_QHsvXySMDWcQ2RiwzW2r9Ua37imdvpVwRlQDcmtGDgBK-bcjq5TGNP7Nx-hsDLljHTIlbxSFD-w0cDOCU_MwkSqmc72 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXUlotMUQtRUpNTQ==&google_push=AYg5qPIX_QHsvXySMDWcQ2RiwzW2r9Ua37imdvpVwRlQDcmtGDgBK-bcjq5TGNP7Nx-hsDLljHTIlbxSFD-w0cDOCU_MwkSqmc72

Request Chain 230

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0

Request Chain 231

https://cc.adingo.jp/adx/push/?google_gid=CAESEDT5Fy_tI9i9jhEb5CQYUEQ&google_cver=1&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826

Request Chain 235

https://d.agkn.com/pixel/2175/?google_gid=CAESEBx88KSmjKfDEa9v06CqukQ&google_cver=1&google_push=AYg5qPIKIA0elZ2ODb4yPjYvdhhm6a3dzvPwD41uksxhaYZ6DnlstxpVSb4roC5C8jwHRHtZqzRtVSEW2aY5P3HjxbftZ-7cMSx3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIKIA0elZ2ODb4yPjYvdhhm6a3dzvPwD41uksxhaYZ6DnlstxpVSb4roC5C8jwHRHtZqzRtVSEW2aY5P3HjxbftZ-7cMSx3&google_hm=Q0FFU0VCeDg4S1NtaktmREVhOXYwNkNxdWtR

Request Chain 236

https://rtb.openx.net/sync/dds?google_gid=CAESELspbODmUQP5YA1vW14Rgf4&google_cver=1&google_push=AYg5qPI1g-5PES7bdN2x8ut1AuQFEI8UaQ45fXEiDiT55uWKa2AC-tef9q-iwMcw2hMN0QSQddy4E3kfUXqA1rmtcMKv__f17P2b HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI1g-5PES7bdN2x8ut1AuQFEI8UaQ45fXEiDiT55uWKa2AC-tef9q-iwMcw2hMN0QSQddy4E3kfUXqA1rmtcMKv__f17P2b&google_hm=1wG-2P2qwaUCPZOZoQK0nA==

Request Chain 237

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEnKz-XTgAu5BM19d6IrR8U&google_cver=1&google_push=AYg5qPJuuuwD7m8JMTvSTUIZAE6Dr3AbbNx5nxydKjWr21rYSpbqiAPqx0JLRfgKYO1sZ9A2IBV0PLHPNUAAZoNFnRGfIa_cFUNR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BEQelmKgSvS-BmiLCTfwnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJuuuwD7m8JMTvSTUIZAE6Dr3AbbNx5nxydKjWr21rYSpbqiAPqx0JLRfgKYO1sZ9A2IBV0PLHPNUAAZoNFnRGfIa_cFUNR

Request Chain 238

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKpWhACT-sPElzz-1la8-iI&google_cver=1&google_push=AYg5qPLnBBA8_UUqWixwWuf4btK5s-nGmv5Pu8UiAN_BSA-lmWmJeCAg_o5TKq2MemAbnz-jlNEPoU4UszbCA9y_VG-vO64PIfcm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXU0ItSS0zVDZU&google_push=AYg5qPLnBBA8_UUqWixwWuf4btK5s-nGmv5Pu8UiAN_BSA-lmWmJeCAg_o5TKq2MemAbnz-jlNEPoU4UszbCA9y_VG-vO64PIfcm

Request Chain 239

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz

Request Chain 240

https://cc.adingo.jp/adx/push/?google_gid=CAESEAbPH9hqI15u8O-4-9UjIuE&google_cver=1&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826

Request Chain 244

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 245

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIaP4uRWaESttHkGcrSXAUusuDY2Ok9aq7Tgh9yw9DmuzFUa5JQOOvruOCn5UvvEMcC-5XXAr_mlitknbWm73iwlyISRA&google_gid=CAESENTXlfFa5AM3t8v_XrVox8I&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxANDNBQUFCQTVAU1RQQg&google_push=AYg5qPIaP4uRWaESttHkGcrSXAUusuDY2Ok9aq7Tgh9yw9DmuzFUa5JQOOvruOCn5UvvEMcC-5XXAr_mlitknbWm73iwlyISRA

Request Chain 246

https://d.agkn.com/pixel/2175/?google_gid=CAESEBx88KSmjKfDEa9v06CqukQ&google_cver=1&google_push=AYg5qPJiNnnHhxgEIhR1Lh_b8QolgXQkJ9cj5OYSJXhHuqRCajZC-UZD5bsH_k40ykPGGUARZM5UM-gcH07-jZANcKGTl-XZqwk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJiNnnHhxgEIhR1Lh_b8QolgXQkJ9cj5OYSJXhHuqRCajZC-UZD5bsH_k40ykPGGUARZM5UM-gcH07-jZANcKGTl-XZqwk&google_hm=Q0FFU0VCeDg4S1NtaktmREVhOXYwNkNxdWtR

Request Chain 247

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESECi-fb7Rp8DdU5w1j7CeqRI&google_cver=1&google_push=AYg5qPLbXstLno5Pgr1xuzclLBBYnCJ9-e4j6HNYjzgB_9srunjxMjK95ximW-u66epCNavWxQMxZWKX7fubMMhGaaLVzAObe24 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=bSMnn9FpmrmlGrRCjNaius&tap=gAds&google_gid=CAESECi-fb7Rp8DdU5w1j7CeqRI&google_cver=1&google_push=AYg5qPLbXstLno5Pgr1xuzclLBBYnCJ9-e4j6HNYjzgB_9srunjxMjK95ximW-u66epCNavWxQMxZWKX7fubMMhGaaLVzAObe24

Request Chain 248

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESENFDj34X3EO7U3g7p3P7Kyw&google_push=AYg5qPIbly3SVfiP6EcQxrXacXjF4YafUkIkw2THnisDB2w7rRwZFyVFrBNrTuGB7wMCueptZlD14752-ynPQsvH8lGoI3Yj1k0&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPIbly3SVfiP6EcQxrXacXjF4YafUkIkw2THnisDB2w7rRwZFyVFrBNrTuGB7wMCueptZlD14752-ynPQsvH8lGoI3Yj1k0&google_hm=MTA1MjE3NDU3NDgzMzY4NzIwODE

Request Chain 249

https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEC6MZqZRbGSkOKLl15QYaiQ&google_cver=1&google_push=AYg5qPLFLbJHWefwQ7nLy0AkZ2Ci5Li0qwKsIKvhk4HWuBdmpcvB9M6b31JEqpQQ49PrIBwAU65z5cMerz1jVfOpV405p5MoHnA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AYg5qPLFLbJHWefwQ7nLy0AkZ2Ci5Li0qwKsIKvhk4HWuBdmpcvB9M6b31JEqpQQ49PrIBwAU65z5cMerz1jVfOpV405p5MoHnA&google_hm=MTA1MjE3NDU3NDgzMzY4NzIwODI

Request Chain 250

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEnKz-XTgAu5BM19d6IrR8U&google_cver=1&google_push=AYg5qPI6g0h8cuLIQfp_f4V-cIfN2CntMQ3Sw3P6Y4IVFI9hzHyh4S-M7AI94O_ezyJMQxnhDUGVKvRG76eSEcBPkTF1Z-HdzA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BEQelmKgSvS-BmiLCTfwnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI6g0h8cuLIQfp_f4V-cIfN2CntMQ3Sw3P6Y4IVFI9hzHyh4S-M7AI94O_ezyJMQxnhDUGVKvRG76eSEcBPkTF1Z-HdzA

Request Chain 251

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKpWhACT-sPElzz-1la8-iI&google_cver=1&google_push=AYg5qPLEqa_PYHc_SvC8yyT1wOOQaqNgJUuZbh7uFDcZiyswLDiTOdBnI4YDR_nivxQlG2hjMJ3x5yxkd1ROSupPrCjNns9ZBg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXVjQtMU8tTEo5UA==&google_push=AYg5qPLEqa_PYHc_SvC8yyT1wOOQaqNgJUuZbh7uFDcZiyswLDiTOdBnI4YDR_nivxQlG2hjMJ3x5yxkd1ROSupPrCjNns9ZBg

Request Chain 254

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 256

https://gcdn.2mdn.net/videoplayback/id/34c53c14c9b20c7d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791397337/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/783EAB630409D361D47EAD90F056D74BE862D665.762105C814A985114F46BCC99FC5EC4961FF3ED6/key/ck2/file/file.mp4 HTTP 302
https://r6---sn-ogueln7d.c.2mdn.net/videoplayback/id/34c53c14c9b20c7d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791397337/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4B3A180CC11000F0700E1D1FF9C7443EAA7B470E.17609D48A925C7C58DCE76EC8267DA8D4914A273/key/cms1/cms_redirect/yes/mh/jC/mip/2a00:1633:128:4::2/mm/42/mn/sn-ogueln7d/ms/onc/mt/1650440106/mv/u/mvi/6/pl/32/file/file.mp4

264 HTTP transactions
19 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gbhackers.com/critical-magento-0-day/ 131 KB
29 KB 556ms
537ms Document
text/html 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a37892a29a421ccb42bd4df273265d14f6dc138b0e19d6cd77e893d661ed82a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 6fec3af1cb328a6e-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 20 Apr 2022 07:40:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nP7jsu60tyfbjcicZZU1mLCaWrJzssVtUt8cnHv%2BV66fc5L3uPCVEJM9qmNuEdBvcvuXzfCeuJsL0B8%2FWBcVPoYO503BQSqt1efzEjvAQ%2BnykRug3g5kgFzIy4wq5KopTsfAhjkO7P2BjaFa"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-cache: MISS
x-content-type-options: nosniff
x-mod-pagespeed: 1.13.35.2-0
x-pingback: https://gbhackers.com/xmlrpc.php
x-varnish: 77229949
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
gbhackers.com/wp-includes/css/dist/block-library/ 52 KB
8 KB 11ms
8ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-includes/css/dist/block-library/style.min.css?ver=4cc0e90e607ad87706fb34633047a82d

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96a2fc04e5f82d1b6fed397c6954cecd40fbb8383d422a4d39f3ab7d0687693a

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
x-original-content-length: 53593
age: 867291
cf-ray: 6fec3af549118a6e-NRT
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"PSA-aj-_93gOJAMuK"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhdRoRiI7z0X3csUtxXRCA8cZLHuaIMNotIhCifon4%2BFPlq9vBAZf7iK257eKwLAfIB5v0YqFtGfcDE2sHd2%2F4j9aSs91xc6F%2BkLbLw2RA4%2FVvfWRjW83XCMIIwvbMM9FETWHU%2FaFlKjUAjw"}],"group":"cf-nel","max_age":604800}
x-varnish: 26086619
vary: Accept-Encoding
cache-control: public, max-age=2591498
content-type: text/css
expires: Wed, 04 May 2022 14:16:10 GMT

GET
H2 200 email-subscribers-public.css
gbhackers.com/wp-content/plugins/email-subscribers/lite/public/css/ 1 KB
899 B 12ms
9ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/email-subscribers/lite/public/css/email-subscribers-public.css?ver=4.4.4

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8d22757b5d6d70bb4a66040eb6ba44389922a08c588e4e46f14ec141e028540

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
x-original-content-length: 1822
age: 1057430
cf-polished: origSize=1300
cf-ray: 6fec3af549148a6e-NRT
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"PSA-aj-P_IhAR--LJ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMnaBsqyMicvZVgqTtMxWLDpEqdc0S2%2FOQBre%2FFJxqf6xJAiFCaP49owpyqtgLL2qaAUFROf%2FpGTvCCZp38Ywhp5qZUifa%2BeynkXJZnGLo7lDapZxnBy90oYuPtyM1wwhZgMB87fyJC9YN23"}],"group":"cf-nel","max_age":604800}
x-varnish: 91668202
vary: Accept-Encoding
cache-control: public, max-age=2589147
content-type: text/css
expires: Wed, 04 May 2022 14:16:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 30 KB
2 KB 82ms
41ms Stylesheet
text/css 2404:6800:4004:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CDroid+Sans%3A400&ver=8.5.1

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5d7ab6a12d3f772d0427fc50a8e3ded642a688d2e44f108a9f09ead6dd04e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 07:40:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Apr 2022 07:40:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Apr 2022 07:40:10 GMT

GET
H2 200 default.min.css
gbhackers.com/wp-content/plugins/tablepress/css/ 5 KB
2 KB 114ms
111ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.11

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fec3af549158a6e-NRT
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Apr 2020 02:59:37 GMT
server: cloudflare
etag: W/"322034-13e4-5a33763e180f0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87rKgPAs4Qd8bSM5bsCCmgPlHEc3qGGHDcWPIQk%2BOMmwtmhmzBgmhqPmVBP%2FkLwq5vulvDS14RKiayh8pi5N4TM5y6dNuUaWH1zyLDacjfKt%2Bp5K7lC1RAvcAL6C%2BM9GsydtU%2Furjuk6QByY"}],"group":"cf-nel","max_age":604800}
x-varnish: 19008260
cache-control: public, max-age=2592000, s-maxage=10
content-type: text/css
expires: Sun, 03 Jul 2022 14:16:10 GMT

GET
H2 200 js_composer.min.css
gbhackers.com/wp-content/plugins/js_composer/assets/css/ 470 KB
46 KB 127ms
124ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.2

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09cfc2a69e54e431f69df45fa496f8df5bf1fabbe44518be3cb5f5eb922295d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fec3af549178a6e-NRT
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 29 Sep 2018 06:55:09 GMT
server: cloudflare
etag: W/"c0c81-7585e-576fd0d824d40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iazxkn5ui9TLVpm%2Bh7RvH0DUGTQf9jxkXNEXg8XAfpmRIjaTC5%2FL4jDjApDEmTJOEMDb3X5pQGH66KDL12UHmmZ5Nwtpxvyp1KqeUg1MLuJhBXN8KdQ5fmYk2UByuIEUFiAhLuJHbIjrSdmG"}],"group":"cf-nel","max_age":604800}
x-varnish: 35797390
cache-control: public, max-age=2592000, s-maxage=10
content-type: text/css
expires: Sun, 03 Jul 2022 15:00:21 GMT

GET
H2 200 style.css
gbhackers.com/wp-content/themes/Newspaper/ 859 KB
95 KB 23ms
20ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/themes/Newspaper/style.css?ver=8.5.1

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1c9310b4e7ce78149bfc5a27a511c73fe3b83f1345bafb62d7a94f484e2151

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
x-original-content-length: 1112087
age: 1911373
cf-polished: origSize=884995
cf-ray: 6fec3af549188a6e-NRT
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"PSA-aj-pulD_dW8Vv"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqTNBpI%2FYTnmerHRHKjDhsSxgo%2BG6qivNxThwxBlILmuRh45sah%2BUaFUyZQYWppzfBAuJf6oHMOFScekAxunRXKJgR8Z46X8wFm2WpQ6ukFH6pLZE6OVNWaUJTSM9Y3Qi8jjlMUUK5vUocem"}],"group":"cf-nel","max_age":604800}
x-varnish: 56097993
vary: Accept-Encoding
cache-control: public, max-age=2585009
content-type: text/css
expires: Mon, 04 Apr 2022 08:02:14 GMT

GET
H2 200 demo_style.css
gbhackers.com/wp-content/themes/Newspaper/includes/demos/sport/ 284 B
539 B 11ms
9ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/themes/Newspaper/includes/demos/sport/demo_style.css?ver=8.5.1

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

033ac4de550c02006f3ad635fab1d85fe4c08179481725a25c14862b503a1912

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
x-original-content-length: 544
age: 1817966
cf-ray: 6fec3af5491a8a6e-NRT
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"PSA-aj-67kD1uWlVx"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNvyxaMxktnwLVRiPEcFKyhJB3qoBcBVyAmu%2F%2B71hEUgonTj7QOuf2GK1xYb4RwHASgUR65jJw6wWNIIRCH3NxNdgKcNQDqcgfMUsDIQk27YJTkKbZ7x8EJ0482cTIDyq3gxPo1zw7qwZTQI"}],"group":"cf-nel","max_age":604800}
x-varnish: 25020782
vary: Accept-Encoding
cache-control: public, max-age=2591771
content-type: text/css
expires: Mon, 04 Apr 2022 09:15:42 GMT

GET
H2 200 social-logos.min.css
gbhackers.com/wp-content/plugins/jetpack/_inc/social-logos/ 26 KB
19 KB 113ms
111ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=1

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e1ced1bd0736a56a0c44fd7b3bf8134850398ecddd52a0f5e6e437c5d527999

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fec3af5491b8a6e-NRT
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Jun 2021 06:55:32 GMT
server: cloudflare
etag: W/"fe3c7-6866-5c3eb2d8c8621-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jr3FMSy1toSBwj99U4VaXIhQubpIi17%2BHWRy4tKIapoMSrpTzo0EjkeoDq2Hv4fef0SGBX5CXLtLhIdM2GHRDXKaqwVTPod%2FfuRbqgU5nWCiaTxUSRj7XGfFmITqujkReoF1Nh3MWzatXx6Z"}],"group":"cf-nel","max_age":604800}
x-varnish: 20813726
cache-control: public, max-age=2592000, s-maxage=10
content-type: text/css
expires: Sun, 03 Jul 2022 15:00:22 GMT

GET
H2 200 jetpack.css
gbhackers.com/wp-content/plugins/jetpack/css/ 72 KB
14 KB 115ms
113ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/jetpack/css/jetpack.css?ver=8.4.3

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

246b86b3d23199c6e1282ea9de9c23a97520e0098b572f84f054619cd89b42b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=74081
cf-ray: 6fec3af5491c8a6e-NRT
x-cache: MISS
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Jun 2021 06:55:32 GMT
server: cloudflare
etag: W/"ca58f-12161-5c3eb2d8ba8c7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcBokVgJpvGtiQgUUrdaDN2flYwBVkUH%2B1EdwTOPKPMBmsvMCeTRh%2FXaA3V3jdLRvi6GmF0eHs0U4%2BHbm5CyJ%2Fh19cAAglosmlE5SBYC1EvCgXOHkVknWg%2FJvp48wcvwhEF68fuPHQ1sURIK"}],"group":"cf-nel","max_age":604800}
x-varnish: 58993531
cache-control: public, max-age=2592000, s-maxage=10
content-type: text/css
expires: Mon, 18 Jul 2022 07:54:23 GMT

GET
H2 200 jquery.js Show response
gbhackers.com/wp-includes/js/jquery/ 95 KB
35 KB 15ms
13ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
x-original-content-length: 96873
age: 529221
cf-ray: 6fec3af5491e8a6e-NRT
x-cache: HIT
x-cache-hits: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"PSA-aj-gp20iU5FlU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6irsexlcIrkrL0KVEyo%2FMKVwNei%2F8fmw5Xz24VLfTvWf%2B6%2BGOdhpkLAkEmNLFpmFq3NZYgUAk63FiQp2kUVmtE0CAgeyW9hjic0Lkk8D4Nxv6VDEf5m5op1b1MaNxWVnZdtqixe93WxAL9d"}],"group":"cf-nel","max_age":604800}
x-varnish: 100456529 99982849
vary: Accept-Encoding
cache-control: public, max-age=2591739
content-type: application/javascript
expires: Wed, 04 May 2022 15:00:22 GMT

GET
H2 200 jquery-migrate.min.js Show response
gbhackers.com/wp-includes/js/jquery/ 10 KB
4 KB 12ms
11ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01ebeb3fcdc269ef402f29f9fba025d3266fcd5c54ae7bca44aaa7c2cf738d93

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
x-original-content-length: 10056
age: 1816532
cf-ray: 6fec3af5491f8a6e-NRT
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"PSA-aj-C2obERNcWh"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2cpTEOIlKSCLepveAqN7EeoLiFy9zLBTNh42ufwKlXFIJPEhriH8db%2BVyxDtjaGqeNwl1IWV5YFPH%2BaC1CQ98Z2C7HEnK%2BqFu72Hy%2BPkBKUVpIVht%2B0DFP3U36Wwz1qnIHln7Db%2BquXxbO0"}],"group":"cf-nel","max_age":604800}
x-varnish: 22744420
vary: Accept-Encoding
cache-control: public, max-age=2591771
content-type: application/javascript
expires: Wed, 20 Apr 2022 19:36:23 GMT

GET
H2 200 email-subscribers-public.js Show response
gbhackers.com/wp-content/plugins/email-subscribers/lite/public/js/ 2 KB
1 KB 16ms
14ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/email-subscribers/lite/public/js/email-subscribers-public.js?ver=4.4.4

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fbe809775a3a3199624d023fb474484d89b9a4c48f1585f1eac8dbb53b5b9be

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
x-original-content-length: 3544
age: 527130
cf-ray: 6fec3af549228a6e-NRT
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"PSA-aj-SZWxqyGU4m"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUomCeuNlDjQfim8u%2FmKNg%2BTJNblrNziigR7FErgzQTyjcgLYHLxqPGVX4o%2Fb1vjcQp6AgRfeDtgNRZ5KHOKa78Pb8Rt34rYiXc%2BKNJlMk1IDFn5QEEMj1F5kmDioNlf7xBwTwmxX0jm0G%2F%2B"}],"group":"cf-nel","max_age":604800}
x-varnish: 99982825
vary: Accept-Encoding
cache-control: public, max-age=2589147
content-type: application/javascript
expires: Wed, 04 May 2022 14:16:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 92ms
48ms Script
application/javascript 2404:6800:4004:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-88811382-1

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87198291760dccc2caa000044c0dfd00da867eb82a0bd438bb2e467f4ad032d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38684
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Apr 2022 07:40:10 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 150ms
53ms Script
text/javascript 2404:6800:400a:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:804::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448ccea28b84e31cbe8bbc5fb4003a1c9877f0c1bad2901a1c923108a9f16624

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28514
x-xss-protection: 0
server: sffe
etag: "1191 / 450 of 1000 / last-modified: 1650405960"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Apr 2022 07:40:10 GMT

GET
H3

200

Indusface-banner-728.png
gbhackers.com/wp-content/uploads/2022/04/
Redirect Chain

https://gbhackers.com/indusface-banner-728/
https://gbhackers.com/wp-content/uploads/2022/04/Indusface-banner-728.png

36 KB
37 KB

10ms
10ms

Image
image/png

2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbhackers.com/wp-content/uploads/2022/04/Indusface-banner-728.png

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34faef51b9aa878aad6bbc699738948ed286048afc01599cd6107c11193c6415

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
x-original-content-length: 50485
age: 759641
cf-ray: 6fec3af8991880f0-NRT
x-cache: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37257
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"PSA-aj-GnZr7jB1Yl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FnfQcfCmu5lDkgPMv%2BFYCpsd1uOcAw0l2LDdVJ6rwlbc3thHM3Z%2FFo3dwhkaE6g0AHIFDUn3EspdAHNMdeqYn4HQ68fyt5G0VS80ENYp2Knq9i%2B%2BU%2BZt%2FW%2FQUfGgsh6j7NVQfNCCsUQerC3"}],"group":"cf-nel","max_age":604800}
x-varnish: 108997157
cache-control: public, max-age=2591948
accept-ranges: bytes
content-type: image/png
expires: Wed, 11 May 2022 12:36:57 GMT

Redirect headers

date: Wed, 20 Apr 2022 07:40:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-redirect-by: Yoast SEO
cf-ray: 6fec3af63c8d80f0-NRT
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhgOEzE%2F7AtaSviJiAzxrgLnyWhQXFG5%2F4Dfch0iyARoV8HGt6AxlRn5Albav9IvsTphaRBipph2ufmvYGvCfTSYussUlTsLH0l8%2BRWfrrQg8akUlB%2FAyJ3hAYCOii2kRYujsmwXnyTMVXUz"}],"group":"cf-nel","max_age":604800}
x-varnish: 77229951
location: https://gbhackers.com/wp-content/uploads/2022/04/Indusface-banner-728.png
cache-control: private, must-revalidate
content-type: text/html; charset=UTF-8
expires: Tue, 19 Jul 2022 07:40:10 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
54 KB 164ms
102ms Script
text/javascript 2404:6800:400a:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c544decf86001e2265d94e616fbebe31c296e3d33328f03ddb65e5b68288e66e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54323
x-xss-protection: 0
server: cafe
etag: 17248628494284953873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Apr 2022 07:40:10 GMT

GET
H2 200 AVvXsEin_REqVEYq0spSVFg4d_RSo_fqsF--RG7OX45z0VekJmylKAjORrIkjuse_VKTBVTE1fYb2XjFqPFR7rRZmAj3_1SpvOxXuU2BM2CL9Rey_5ensMgObDw28j4qeVxJhLgH9Vq6zPusGFgkiD1fIfYwQQS14V_q2FLgxzy-Gq0OckDwFd39UQ1yiEeZqA=s1...
blogger.googleusercontent.com/img/a/ 97 KB
97 KB 1063ms
863ms Image
image/jpeg 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEin_REqVEYq0spSVFg4d_RSo_fqsF--RG7OX45z0VekJmylKAjORrIkjuse_VKTBVTE1fYb2XjFqPFR7rRZmAj3_1SpvOxXuU2BM2CL9Rey_5ensMgObDw28j4qeVxJhLgH9Vq6zPusGFgkiD1fIfYwQQS14V_q2FLgxzy-Gq0OckDwFd39UQ1yiEeZqA=s16000

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d2d964c92e032762a4f1e71918e960bae8a83a34ade6c620e0308ef296cf492e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v3fb3"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="New Project-4.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99000
x-xss-protection: 0
expires: Thu, 21 Apr 2022 07:40:11 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 106ms
62ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

sffe /

Resource Hash

bafca30e44fd85d0c4b7a6e2c13f31ed4d1e17ced6b522fefcdc69ca9ed1172e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28523
x-xss-protection: 0
server: sffe
etag: "1191 / 112 of 1000 / last-modified: 1650406063"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Apr 2022 07:40:10 GMT

GET
H3 200 wp-emoji-release.min.js Show response
gbhackers.com/wp-includes/js/ 13 KB
5 KB 32ms
28ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-includes/js/wp-emoji-release.min.js?ver=4cc0e90e607ad87706fb34633047a82d

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1820ff4e7bde396510b5a0f38900029400a051e4a11d960646cca97d4e7445f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
x-original-content-length: 13901
age: 1617586
cf-ray: 6fec3af63c9080f0-NRT
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"PSA-aj-n7WRPF4oRE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9UH3sWyBLuXOvmjaagzeeYJoiWjmGg%2FQDib5ivsju9L%2FViIePC2miTJF5Z8PxqzXaqukhzRnpVNTc0cGR0OrqEmdjJl2SLG5C4BreihyKAmIx1VhrtPElQ778pGts9zygxj7eVHXk8wD03x"}],"group":"cf-nel","max_age":604800}
x-varnish: 63307935
vary: Accept-Encoding
cache-control: public, max-age=2591341
content-type: application/javascript
expires: Mon, 04 Apr 2022 09:15:41 GMT

GET
H/1.1 200
OK spt Show response
tg1.playstream.media/api/adserver/ 23 KB
6 KB 173ms
5ms Script
text/javascript 2600:140b:2::172c:3398
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=62136cf7c403d54bf6177385&AV_PUBLISHERID=6156d36e41b7fa6a7c61775c
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:2::172c:3398 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 94d76832caeb1432196cf2425697381ce4cc07101dc8be6c00fc2fa82eb6e99e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 07:40:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 5873
Expires: Wed, 20 Apr 2022 07:45:10 GMT

GET
H2 200 6b7ff25fe27bcfe9ef4d6da044b6506e
secure.gravatar.com/avatar/ 3 KB
3 KB 14ms
2ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/6b7ff25fe27bcfe9ef4d6da044b6506e?s=96&d=mm&r=g
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 781b3d878304a3555fee3c1e1927492c5a7cb216e9b47700fd58e232254ed06f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc: HIT nrt 4
date: Wed, 20 Apr 2022 07:40:10 GMT
last-modified: Wed, 28 Sep 2016 05:32:13 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="6b7ff25fe27bcfe9ef4d6da044b6506e.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/6b7ff25fe27bcfe9ef4d6da044b6506e?s=96&d=mm&r=g>; rel="canonical"
content-length: 3183
expires: Wed, 20 Apr 2022 07:45:10 GMT

GET
H2 200 A%20new%20DDoS%20botnet%20Attacks%20100%20DDoS%20victims%20on%20a%20daily%20basis.png
i0.wp.com/blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaWxWtKhGDu0mo4fGVfdbaWHVHHWC596Fo_KguxAzEhcEVwa6OW7UY5RGL28UhvU3GvT06PwpU3or1iNdZNzONjKw1Nsocajzii4SBsBgwGO5QOEV6yD6hI3Kicsw8BFt875KaTn... 62 KB
62 KB 14ms
3ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaWxWtKhGDu0mo4fGVfdbaWHVHHWC596Fo_KguxAzEhcEVwa6OW7UY5RGL28UhvU3GvT06PwpU3or1iNdZNzONjKw1Nsocajzii4SBsBgwGO5QOEV6yD6hI3Kicsw8BFt875KaTn4_rZt8YbDw71mUGw6G6mhracj4JQcH6DdWNa1__b5wiWRnT_Gmow/s16000/A%20new%20DDoS%20botnet%20Attacks%20100%20DDoS%20victims%20on%20a%20daily%20basis.png?ssl=1

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

9c8aef7d5353005023f73c407368bf8db923ae6a04d282b772d3ebdd39075bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc: HIT nrt 3
date: Wed, 20 Apr 2022 07:40:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Apr 2022 04:03:58 GMT
server: nginx
etag: "6810c515494a24d2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaWxWtKhGDu0mo4fGVfdbaWHVHHWC596Fo_KguxAzEhcEVwa6OW7UY5RGL28UhvU3GvT06PwpU3or1iNdZNzONjKw1Nsocajzii4SBsBgwGO5QOEV6yD6hI3Kicsw8BFt875KaTn4_rZt8YbDw71mUGw6G6mhracj4JQcH6DdWNa1__b5wiWRnT_Gmow/s16000/A%20new%20DDoS%20botnet%20Attacks%20100%20DDoS%20victims%20on%20a%20daily%20basis.png>; rel="canonical"
content-length: 63266
expires: Sun, 14 Apr 2024 16:03:58 GMT

GET
H2 200 NGINX%20web%20server%20project%20addressed%20a%20zero-day%20Flaw%20in%20LDAP%20Implementation.png
i2.wp.com/blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjx-kk2SfYA26LQzzNSkXWKEpaAS396cRexW7S1_tjCuLK7Pt-H3wBzV8TfzUHqYW35rpHd4z8I76CdY8RI7y_6zPbXv9dwUIphjhp4NkalC0N_dlKiBlBulqYE184rdeziUy4cCh... 66 KB
66 KB 15ms
3ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjx-kk2SfYA26LQzzNSkXWKEpaAS396cRexW7S1_tjCuLK7Pt-H3wBzV8TfzUHqYW35rpHd4z8I76CdY8RI7y_6zPbXv9dwUIphjhp4NkalC0N_dlKiBlBulqYE184rdeziUy4cCh_-1y4f1lXMimxPgV_0-8M0HyPiaVkLEbjuzvFjKXF-0kOb8EDYMA/s16000/NGINX%20web%20server%20project%20addressed%20a%20zero-day%20Flaw%20in%20LDAP%20Implementation.png?ssl=1

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

87628f3d81cee3abc4d74b913548e9279ece669f7d9915ab453033e6abf095de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc: HIT nrt 4
date: Wed, 20 Apr 2022 07:40:10 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Apr 2022 11:12:59 GMT
server: nginx
etag: "72af64895c1bad0a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjx-kk2SfYA26LQzzNSkXWKEpaAS396cRexW7S1_tjCuLK7Pt-H3wBzV8TfzUHqYW35rpHd4z8I76CdY8RI7y_6zPbXv9dwUIphjhp4NkalC0N_dlKiBlBulqYE184rdeziUy4cCh_-1y4f1lXMimxPgV_0-8M0HyPiaVkLEbjuzvFjKXF-0kOb8EDYMA/s16000/NGINX%20web%20server%20project%20addressed%20a%20zero-day%20Flaw%20in%20LDAP%20Implementation.png>; rel="canonical"
content-length: 67344
expires: Sat, 13 Apr 2024 23:12:59 GMT

GET
H2 200 Tarrask%20malware%20Uses%20unpatched%20zero-day%20vulnerabilities%20to%20Evade%20Defense%20Techniques.png
i1.wp.com/blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAXa6Nm_QRFPSeqwfGZhSZ3VmOfy-1Reigj4FBaghDBthFxVoLlAKkW4WkmmtppIBkPhRLRyyvZtLMVBnyAn3x3PC1ujl7B_wYEBFexsp5gfDGskb0FtvmN1CDooBMcUu7p4omq3... 91 KB
91 KB 15ms
3ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAXa6Nm_QRFPSeqwfGZhSZ3VmOfy-1Reigj4FBaghDBthFxVoLlAKkW4WkmmtppIBkPhRLRyyvZtLMVBnyAn3x3PC1ujl7B_wYEBFexsp5gfDGskb0FtvmN1CDooBMcUu7p4omq3G0DA2MT3KfUjuAHWG1329I6um9qdHW2bzPzFA8IkGOnzczqA0Wsw/s16000/Tarrask%20malware%20Uses%20unpatched%20zero-day%20vulnerabilities%20to%20Evade%20Defense%20Techniques.png?ssl=1

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

6213e945d57a4b740a393943558d23a6c18b17eca38c63cfa559842d780f960e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc: HIT nrt 4
date: Wed, 20 Apr 2022 07:40:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 12:22:35 GMT
server: nginx
etag: "48b52964c587b370"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAXa6Nm_QRFPSeqwfGZhSZ3VmOfy-1Reigj4FBaghDBthFxVoLlAKkW4WkmmtppIBkPhRLRyyvZtLMVBnyAn3x3PC1ujl7B_wYEBFexsp5gfDGskb0FtvmN1CDooBMcUu7p4omq3G0DA2MT3KfUjuAHWG1329I6um9qdHW2bzPzFA8IkGOnzczqA0Wsw/s16000/Tarrask%20malware%20Uses%20unpatched%20zero-day%20vulnerabilities%20to%20Evade%20Defense%20Techniques.png>; rel="canonical"
content-length: 92756
expires: Sat, 13 Apr 2024 00:22:35 GMT

GET
H3

200

Indusface-banner-600.png
gbhackers.com/wp-content/uploads/2022/04/
Redirect Chain

https://gbhackers.com/indusface-banner-600/
https://gbhackers.com/wp-content/uploads/2022/04/Indusface-banner-600.png

114 KB
115 KB

11ms
10ms

Image
image/png

2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbhackers.com/wp-content/uploads/2022/04/Indusface-banner-600.png

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

382e5a9ed1bac8d2e550dab8d54041d8fd093c8cdc80f33536ee9ecc0e1e1e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
x-original-content-length: 147157
age: 759642
cf-ray: 6fec3af8d98680f0-NRT
x-cache: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 116866
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"PSA-aj-Nim-BZQ-zh"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hiDnaBbF54M5MBT8Z2Psj87Kd%2FLa3fnZ%2Bj9Qfio6KrUS4gV4noG%2B3C0MX%2BzB5cUY8JjGJmAdlPXAw0TMeqfNQEpr2zYNd98taLUuFuTXlcNtHUe%2B2Qig4t9pUBFWG12RWi0wgMYa0z1SSSY"}],"group":"cf-nel","max_age":604800}
x-varnish: 86550892
cache-control: public, max-age=2591961
accept-ranges: bytes
content-type: image/png
expires: Wed, 11 May 2022 12:37:40 GMT

Redirect headers

date: Wed, 20 Apr 2022 07:40:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-redirect-by: Yoast SEO
cf-ray: 6fec3af63c9380f0-NRT
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0BYne6lmwZJGSdevCxvsUYEZmlN0fDbfPAn1nCyvGQVnBJGk2SamEODuzh6tBhj%2FjuvdvPPhsjw%2FSvlHCKBNWO05bJWMUq0jPp%2BNF1rI28GI1SCiSL5pt3KQCuYWaLo5NJjUua7mGeQSP2A"}],"group":"cf-nel","max_age":604800}
x-varnish: 70692232
location: https://gbhackers.com/wp-content/uploads/2022/04/Indusface-banner-600.png
cache-control: private, must-revalidate
content-type: text/html; charset=UTF-8
expires: Tue, 19 Jul 2022 07:40:10 GMT

GET
H3

200

Indusface-banner-300.png
gbhackers.com/wp-content/uploads/2022/04/
Redirect Chain

https://gbhackers.com/indusface-banner-300/
https://gbhackers.com/wp-content/uploads/2022/04/Indusface-banner-300.png

64 KB
65 KB

10ms
10ms

Image
image/png

2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbhackers.com/wp-content/uploads/2022/04/Indusface-banner-300.png

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

416b3a49eb2cca735856c99da6c981f72d09d32c8bef9abd2e4d8e0d81029483

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
x-original-content-length: 82393
age: 759282
cf-ray: 6fec3af8b96880f0-NRT
x-cache: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65625
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"PSA-aj-Qp5ak5pvND"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2BmHN%2BXAKXI9CSBW%2FSJdy5Ke8gfWq3ypXn1XZj9yzwrKgpu6uC4dLGglqHEgj87raHgmpuyyyeqc%2Bl6G%2B2GKdqXuKczly8LcSSIcYaV%2FAcb9O6YPpXobEP738FJQZLHGWnttD0cNxNxfZqf"}],"group":"cf-nel","max_age":604800}
x-varnish: 96836644
cache-control: public, max-age=2591960
accept-ranges: bytes
content-type: image/png
expires: Wed, 11 May 2022 12:39:23 GMT

Redirect headers

date: Wed, 20 Apr 2022 07:40:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-redirect-by: Yoast SEO
cf-ray: 6fec3af63c9580f0-NRT
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ik6BPdxclFc9YSl6rswZ5Iz%2B4HdGtud1wONPhNW6fGFIPLTRbJxB88A4vT6UM8%2FCd7YV1JAW5PSsoqThWUPKLlApgOh%2B0ynw4ltiihW7h6PTAXhhHZrThP8wNr1SMIllxn8TXP34v%2FeCuRqP"}],"group":"cf-nel","max_age":604800}
x-varnish: 83019859
location: https://gbhackers.com/wp-content/uploads/2022/04/Indusface-banner-300.png
cache-control: private, must-revalidate
content-type: text/html; charset=UTF-8
expires: Tue, 19 Jul 2022 07:40:10 GMT

GET
H3 200 spinner.gif.pagespeed.ce.gM0bEmS6Xn.gif
gbhackers.com/wp-content/plugins/email-subscribers/lite/public/images/ 3 KB
4 KB 16ms
13ms Image
image/gif 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbhackers.com/wp-content/plugins/email-subscribers/lite/public/images/spinner.gif.pagespeed.ce.gM0bEmS6Xn.gif

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7837e876f1eef549b3250b78380ec2df00ad6da4da6c27667424b1636854df3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 3208
age: 99537
cf-ray: 6fec3af63c9680f0-NRT
x-cache: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3208
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Apr 2020 02:56:40 GMT
server: cloudflare
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7fSckFqhjR6ZjcIH7w%2BfD1gQycSL9h4%2B4jpCib4fIZ6TA7Ydnz64VrqYVAz%2FY5T99Qql%2FJAxp6Ye%2BCdU8Y%2BFQ%2BH4%2BLoXSA6angchaetmsRfpj6NXl%2BB4vG5eakNDVhDG%2BgIOQaADOyIQwsq"}],"group":"cf-nel","max_age":604800}
x-varnish: 80838964
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: image/gif
expires: Wed, 19 Apr 2023 03:52:45 GMT

GET
H2 200 AVvXsEiVzF6Xg1VVXRgcKgphQL_94RyB2lKqACgREPZoXQo0co2YuoAXZGUIquDPxIlO-EHeFUHzbLQ7ftwJ_DpbatGyI13556NLqqYVVAM8bZhQLMHS1hkCB3ZPu_KDgPhPHufpl6bWrbhdDgCTeVgY-YOQem_PH-gqnsreiMbO0OykyCpFCmlm0KTbnjHfKA=s1...
blogger.googleusercontent.com/img/a/ 94 KB
94 KB 939ms
756ms Image
image/png 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEiVzF6Xg1VVXRgcKgphQL_94RyB2lKqACgREPZoXQo0co2YuoAXZGUIquDPxIlO-EHeFUHzbLQ7ftwJ_DpbatGyI13556NLqqYVVAM8bZhQLMHS1hkCB3ZPu_KDgPhPHufpl6bWrbhdDgCTeVgY-YOQem_PH-gqnsreiMbO0OykyCpFCmlm0KTbnjHfKA=s16000

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

103fe0291557094119a64e929806340361d8d9a7148dda36e266a77d4eb4952c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v3f93"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="APP SEC.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95766
x-xss-protection: 0
expires: Thu, 21 Apr 2022 07:40:11 GMT

GET
H2 403 AVvXsEgt4ydu9fuRn5_ZauZk-EwmB8Zc6Xhcmak6l7T8NfoacGYgcZ-YjqYoRCdl0UE-relh8Btcb_Yci0c79BJx_7lRXqynq5u1ziZuhauj03A6OuIwoFF7qUrhFkferBVsjFCfGudVjbmVuH5e5TFUMr2I1M4dWhkVz2748ZhS_9hGM4XBkLt11pIAQndAIQ=s1...
blogger.googleusercontent.com/img/a/ 0
0 766ms
587ms Image
text/html 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogger.googleusercontent.com/img/a/AVvXsEgt4ydu9fuRn5_ZauZk-EwmB8Zc6Xhcmak6l7T8NfoacGYgcZ-YjqYoRCdl0UE-relh8Btcb_Yci0c79BJx_7lRXqynq5u1ziZuhauj03A6OuIwoFF7qUrhFkferBVsjFCfGudVjbmVuH5e5TFUMr2I1M4dWhkVz2748ZhS_9hGM4XBkLt11pIAQndAIQ=s16000
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 AVvXsEg5ZK1Y29pbP3mmPHBS69oQYwY65kExHhokdCX779BF9n3vT8ENBAKlPTlFwP1cPWhCluBJbmXS_NkpbOkYX3RKka3fNd65YGWNdPNeKgBPcmm0mrOnJbpPOsCwGRB7H8aFQMa2m0QKtxBLrIInjIvtbGrGXsmROWc4oavj5PSmL9pb8RpC1siJnvMIDA=s1...
blogger.googleusercontent.com/img/a/ 86 KB
86 KB 960ms
781ms Image
image/png 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEg5ZK1Y29pbP3mmPHBS69oQYwY65kExHhokdCX779BF9n3vT8ENBAKlPTlFwP1cPWhCluBJbmXS_NkpbOkYX3RKka3fNd65YGWNdPNeKgBPcmm0mrOnJbpPOsCwGRB7H8aFQMa2m0QKtxBLrIInjIvtbGrGXsmROWc4oavj5PSmL9pb8RpC1siJnvMIDA=s16000

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

719a8efc035d8ea96ce455021d37e82b3ae7b4dd65fd3275855b77b99068dacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v3e62"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Chinese Hackers Using Log4Shell Exploit Tools to perform various post-exploitation operations (1).png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88249
x-xss-protection: 0
expires: Thu, 21 Apr 2022 07:40:11 GMT

GET
H2 200 AVvXsEgxLN92g2nfp2nyWarQsRyiN9nZ8ulhg4gpYF_Eirrp9Yr3hEHIbD4UmLt_yhgO3KbcF6ac4kQjuwWEO9glX_ZN9ZYW0LyZ9PP8MsWie3wmV4-xpRHKSLR0XGjk0YphevJpuA52egdTnp_JEsFF95gR-KAn5Mif41UWZBSjKiaPZKc5RWKPoRHX2qfyfA=s1...
blogger.googleusercontent.com/img/a/ 57 KB
57 KB 1020ms
842ms Image
image/png 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgxLN92g2nfp2nyWarQsRyiN9nZ8ulhg4gpYF_Eirrp9Yr3hEHIbD4UmLt_yhgO3KbcF6ac4kQjuwWEO9glX_ZN9ZYW0LyZ9PP8MsWie3wmV4-xpRHKSLR0XGjk0YphevJpuA52egdTnp_JEsFF95gR-KAn5Mif41UWZBSjKiaPZKc5RWKPoRHX2qfyfA=s16000

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4fd7c77775ad67171bd2247417d611ff401b44118e47a841eec79c04522125d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v3de5"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Ransomware Affiliate Arrested.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58417
x-xss-protection: 0
expires: Thu, 21 Apr 2022 07:40:11 GMT

GET
H2 200 AVvXsEiRrvJkfXDPTDSEUmlOxkQovJnr6WMX_kYMtkUCNcWWv2X2tzbVXsEAr9DQksgXNVBOItDIZE6gT90KMUDHrraD5jraNNa-y1g6XuA70nsoEDFqsCmNFwBG7CQWMMLqLpokC4bdxkGUT1pxBVm02oJd7bdE1rBsCezuBZnyDFY4d3qL9xNSL5SFDc9uow=s1...
blogger.googleusercontent.com/img/a/ 50 KB
50 KB 860ms
758ms Image
image/png 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEiRrvJkfXDPTDSEUmlOxkQovJnr6WMX_kYMtkUCNcWWv2X2tzbVXsEAr9DQksgXNVBOItDIZE6gT90KMUDHrraD5jraNNa-y1g6XuA70nsoEDFqsCmNFwBG7CQWMMLqLpokC4bdxkGUT1pxBVm02oJd7bdE1rBsCezuBZnyDFY4d3qL9xNSL5SFDc9uow=s16000

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

82de6f5e5de54b332f00258ae7b27d92b0431335d616b4c9840d5314fcb68136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v3dc6"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Dozen of Malicious NPM Packages Caught Hijacking Discord Servers.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51456
x-xss-protection: 0
expires: Thu, 21 Apr 2022 07:40:11 GMT

GET
H3 200 email-decode.min.js Show response
gbhackers.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 14ms
14ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 11:16:45 GMT
server: cloudflare
etag: W/"62555f9d-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyT4L1csX9An3plpltoUj3kzAI2XW0I8cQ27w%2FzPTfo2p8a8AwsKfKJRRCTSvhvxULmDGK32kLTOJP4tyKjm8qlaVvM%2FNEZkioMlESZ3zmkFp2pp7HcGsdQexTjCnPfcOcQNvhJGmF4G%2BXiw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fec3af5fbd980f0-NRT
vary: Accept-Encoding
expires: Fri, 22 Apr 2022 07:40:10 GMT

GET
H3 200 woo.css
gbhackers.com/wp-content/plugins/featured-image-from-url/includes/html/css/ 60 B
712 B 15ms
15ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/featured-image-from-url/includes/html/css/woo.css?ver=4cc0e90e607ad87706fb34633047a82d

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0eca051bf2e51696f3f8ef35337104af0c65042f06ee0b8badf3f8f2b4e8fdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
x-original-content-length: 76
age: 1111440
cf-polished: origSize=64
cf-ray: 6fec3af60c2380f0-NRT
x-cache: HIT
x-cache-hits: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"PSA-aj-mMIhCQsjHN"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XaMSHxWW5oAaWBPaWZu4n9c4alczjixGAHiIQlF6HEObcE5qD%2FNr8l0X1ZtFWzMf8VgNDWelpf88O5gb8TnVAwIy9vAC60%2FILq8kEAkqg4IWs8GKZYLYL78Ewu3a%2FoAwwO1z9yicuG5corrC"}],"group":"cf-nel","max_age":604800}
x-varnish: 79968313 85301052
vary: Accept-Encoding
cache-control: public, max-age=2591737
content-type: text/css
expires: Wed, 04 May 2022 15:00:22 GMT

GET
H3 200 photon.min.js Show response
gbhackers.com/wp-content/plugins/jetpack/_inc/build/photon/ 685 B
972 B 12ms
12ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
x-original-content-length: 758
age: 524489
cf-ray: 6fec3af62c5e80f0-NRT
x-cache: HIT
x-cache-hits: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"PSA-aj-JGJqxEU79F"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbH3xlpURQVqUBRm29nKRwbztrSebwoKwlMx1WJsMt30vNbexQ%2FZ2BDLB0OIX2y3t0qVLCMsujCbrZ8GSd9qx3JUpjzmYeBBUy6TR6%2FSEIQajIMAtvays4cZjXR3rIMa93tbu%2FjcL%2B6Gq9Eb"}],"group":"cf-nel","max_age":604800}
x-varnish: 101829435 93192285
vary: Accept-Encoding
cache-control: public, max-age=2591739
content-type: application/javascript
expires: Wed, 04 May 2022 15:00:22 GMT

GET
H3 200 tagdiv_theme.min.js Show response
gbhackers.com/wp-content/themes/Newspaper/js/ 200 KB
48 KB 21ms
20ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/themes/Newspaper/js/tagdiv_theme.min.js?ver=8.5.1

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b8209efc7da6a179bd91dee606ada248b8439c4a409ccbf09d239995cbbba55

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
x-original-content-length: 205617
age: 1617586
cf-ray: 6fec3af63c7c80f0-NRT
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"PSA-aj-iHIXaJ9EqT"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAJYzpkM5yXDxvnwImrnc8QcixfGdsYj0f8e%2FAEYz4TcBSvzjwmulKnWYaqC7yhybXjipyq%2BR4KvdOCbmj74zUA1Bz0BMjAHKCb9eUaepQxoICSie2wwAspotb1VPqejs1zVaCgMKvGbBWJK"}],"group":"cf-nel","max_age":604800}
x-varnish: 58499888
vary: Accept-Encoding
cache-control: public, max-age=2591540
content-type: application/javascript
expires: Wed, 27 Apr 2022 20:56:19 GMT

GET
H3 200 comment-reply.min.js Show response
gbhackers.com/wp-includes/js/ 2 KB
2 KB 12ms
10ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-includes/js/comment-reply.min.js?ver=4cc0e90e607ad87706fb34633047a82d

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
x-original-content-length: 2420
age: 1805457
cf-ray: 6fec3af63c7e80f0-NRT
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"PSA-aj-C22YcYY7sT"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUNtmI4lQpkgosaX6B%2FKsYAM7MSd%2FnlLPT0Hgx0iauBGAaUU3QM9JdxADH9Spj3ou05njig1I0qPgC3F9c6GrSF%2FJjUbOEBSsZjE5IhEH8wF40p3eb5uZ8eSSnzcyo%2FGpxjcShYunaEFlXuZ"}],"group":"cf-nel","max_age":604800}
x-varnish: 65928751
vary: Accept-Encoding
cache-control: public, max-age=2591075
content-type: application/javascript
expires: Mon, 04 Apr 2022 09:15:42 GMT

GET
H3 200 wp-embed.min.js Show response
gbhackers.com/wp-includes/js/ 1 KB
1 KB 18ms
14ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-includes/js/wp-embed.min.js?ver=4cc0e90e607ad87706fb34633047a82d

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
x-original-content-length: 1434
age: 1805457
cf-ray: 6fec3af63c8580f0-NRT
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"PSA-aj-BBM9N8_Q8I"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tg6j%2FenvXb8RV6TF3li4BkCydaalZTHREs7dzRVBiQOIeh0TZxtD6IY4m3vl5IRhImG4xAx4Lgd%2BCTaUdzNFzHqiGyL1sHCSk9ch0lEJpMxrysWiTs%2B%2B7J3enemCnYY4Il0OIGQT8apIKXKP"}],"group":"cf-nel","max_age":604800}
x-varnish: 65928753
vary: Accept-Encoding
cache-control: public, max-age=2591075
content-type: application/javascript
expires: Mon, 04 Apr 2022 09:15:43 GMT

GET
H3 200 image.js Show response
gbhackers.com/wp-content/plugins/featured-image-from-url/includes/html/js/ 2 KB
1 KB 18ms
14ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?3_0_1&ver=4cc0e90e607ad87706fb34633047a82d

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbca7622295dec97458ab7a27983d05969398fbc96da602c38edb8f83e79374a

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
x-original-content-length: 2916
age: 524489
cf-ray: 6fec3af63c8880f0-NRT
x-cache: HIT
x-cache-hits: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"PSA-aj-pSApZDLai5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICLQOqqk9gfArdggJQP%2FGIUMg5jqFAWsjOeldflJRTOzX2OIoOK6mHnEVDmOX%2BiXl4DlrPZxNZKc4Lg9DlndiNx6zK0%2Ffdii9zpoGhAUWPMzcV1b3iSc2djp5rH7sZ1L%2FCk4demJLj%2BjlNMB"}],"group":"cf-nel","max_age":604800}
x-varnish: 101829437 77964972
vary: Accept-Encoding
cache-control: public, max-age=2591739
content-type: application/javascript
expires: Wed, 04 May 2022 15:00:22 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 26ms
15ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=4cc0e90e607ad87706fb34633047a82d
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2393
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6fec3af6f867efae-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 23 Apr 2022 07:40:10 GMT

GET
H3 200 sharing.min.js Show response
gbhackers.com/wp-content/plugins/jetpack/_inc/build/sharedaddy/ 8 KB
3 KB 15ms
11ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/jetpack/_inc/build/sharedaddy/sharing.min.js?ver=8.4.3

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee73983f199df0f0cca9f5306e79bd0a5a624e09b9e805a93957a4167ee87fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/critical-magento-0-day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
x-original-content-length: 8027
age: 1617586
cf-ray: 6fec3af63c8b80f0-NRT
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"PSA-aj-lTL_G96kcx"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KbrVezBXiNXBkBXck7%2FsCuCBqStBD8uYjD6eJySCs77QW0u4L2EZFQlN0q5n8LwTl5vsfC9uKvzKEH0Rw3IOgyExjN83M45mGInrzaNjG4AoIUVl%2B2%2B73GdfGKwFBJrC%2BtZzhCaojiADPiuQ"}],"group":"cf-nel","max_age":604800}
x-varnish: 83205613
vary: Accept-Encoding
cache-control: public, max-age=2589783
content-type: application/javascript
expires: Wed, 27 Apr 2022 20:56:19 GMT

GET
H2 200 e-202216.js Show response
stats.wp.com/ 9 KB
3 KB 7ms
1ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202216.js
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc: HIT nrt
date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
server: nginx
etag: W/"61adb080-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 09 Apr 2023 17:09:26 GMT

GET
H3 200 newspaper.woff
gbhackers.com/wp-content/themes/Newspaper/images/icons/ 15 KB
15 KB 136ms
134ms Font
application/x-font-woff 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?14

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-content/themes/Newspaper/style.css?ver=8.5.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc7375f568ea439c4f544ac6488b963a8d57d6cd65b0a8a551230d330e55483f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbhackers.com/wp-content/themes/Newspaper/style.css?ver=8.5.1
Origin: https://gbhackers.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fec3af65cc880f0-NRT
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 16 Dec 2017 02:49:51 GMT
server: cloudflare
etag: W/"1a035e-3b50-5606c2bcad1c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qf%2FAUHbSP%2FHdTCT4rSfDnUmVqhRyYtGbJbszeALOKd7F5iwooWmF%2BiOKXku2vnoahKWTjfa0oRPCB9on8ZW5bAa0%2F%2F4xWjeqzmxYV0lqUBCeOACjptKnHDzbvf%2BmewUoDev9r87gWLysTbiq"}],"group":"cf-nel","max_age":604800}
x-varnish: 83706223
cache-control: max-age=31536000, s-maxage=10
content-type: application/x-font-woff
expires: Thu, 20 Apr 2023 07:21:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 41ms
3ms Font
font/woff2 2404:6800:4004:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CDroid+Sans%3A400&ver=8.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 14:20:41 GMT
x-content-type-options: nosniff
age: 321569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Apr 2023 14:20:41 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 33ms
5ms Font
font/woff2 2404:6800:4004:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 01:28:21 GMT
x-content-type-options: nosniff
age: 22309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17304
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 01:28:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 20ms
4ms Font
font/woff2 2404:6800:4004:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 23:28:49 GMT
x-content-type-options: nosniff
age: 202281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Apr 2023 23:28:49 GMT

GET
H3 200 KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 41ms
5ms Font
font/woff2 2404:6800:4004:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a938256d2de59b044f8ca7c7aa0c788ed2ffa9a48bf0e3930a5830c4298f509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 23:26:42 GMT
x-content-type-options: nosniff
age: 202408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17380
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Apr 2023 23:26:42 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb55864b528fb5460ccf4acb8ff4498ec0a588cb262170df0ddc9caf32f0d76e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 19ms
6ms Font
font/woff2 2404:6800:4004:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:42:08 GMT
x-content-type-options: nosniff
age: 32282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:42:08 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 17ms
3ms Font
font/woff2 2404:6800:4004:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 13:10:40 GMT
x-content-type-options: nosniff
age: 66570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Apr 2023 13:10:40 GMT

GET
H3 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v28/ 47 KB
47 KB 16ms
6ms Font
font/woff2 2404:6800:4004:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 23:22:29 GMT
x-content-type-options: nosniff
age: 29861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47836
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:01:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 23:22:29 GMT

GET
H2 200 / Show response
jetpack.wordpress.com/jetpack-comment/ Frame 3217 24 KB
7 KB 193ms
183ms Document
text/html 192.0.78.33
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://jetpack.wordpress.com/jetpack-comment/?blogid=116523949&postid=52705&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=8.4.3&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=e1b26d2e9eac651d713611b6bc875c1c9a62f021

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ba97a4cd717b6beb6414199460703384e1b2c306ce2e71412b4f55c72a5de733

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 20 Apr 2022 07:40:10 GMT
host-header: WordPress.com
server: nginx
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-ac: 4.nrt _bur
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.

GET
DATA 200
OK truncated
/ 18 KB
18 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94b293e2c7affa223f0e3a5cfd950030c8aacee84bc93ec5f0d35c7f4e91381b

Request headers

Referer
Origin: https://gbhackers.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/ 21 KB
21 KB 3ms
3ms Font
font/woff2 2404:6800:4004:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 23:48:54 GMT
x-content-type-options: nosniff
age: 201076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21232
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 01:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Apr 2023 23:48:54 GMT

GET
H3 200 pubads_impl_2022041401.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
123 KB 40ms
4ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

sffe /

Resource Hash

108a5ee6306c726271c490dceca48e5fb5a148ea41fcb9fe55cd5d348f16eb57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 10:54:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125916
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 08:34:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 18 Apr 2023 10:54:07 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 118 B
123 B 74ms
38ms XHR
application/json 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gbhackers.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

0b941c810fe88e2e1057892078509e93bbf91555b097c28554b8e1e9df0df4e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
expires: Wed, 20 Apr 2022 07:40:10 GMT

GET
H2 200 count.json Show response
api.pinterest.com/v1/urls/ 102 B
395 B 575ms
167ms Script
application/javascript 23.45.60.235
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pinterest.com/v1/urls/count.json?callback=WPCOMSharing.update_pinterest_count&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&_=1650440410587

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.60.235 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-60-235.deploy.static.akamaitechnologies.com

Software

Resource Hash

357498c7c2e12493b2fd69f74d18db6e63f847a31158b9bb2a6584a8aec72db8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.af816d68.1650440411.42ae8d0f
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1364304065635458
content-length: 102
expires: Wed, 20 Apr 2022 07:55:11 GMT

GET
H2 200 / Show response
graph.facebook.com/ 244 B
661 B 208ms
153ms Script
text/javascript 2a03:2880:f00f:1:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&_=1650440410588

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:1:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

51288308c8e75618bbe78264693ad3c1b69f9ecc03cfb0c2e216a422b1838385

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1005380057
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 182
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: pxoQsKt72DoB/+uYjftZqZwJdlKbtACiNlegxgqnQ7ObXP6GOZwqjoHgZSDMLZL6W+1xTVkL9vRunzgzOJgT+w==
x-fb-trace-id: A8bvhoFbj1t
date: Wed, 20 Apr 2022 07:40:11 GMT
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: ADIJcWNE_UckJtCwEiI9Ygs
cache-control: no-store
facebook-api-version: v6.0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
75 B 2ms
1ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=pinterest&r=0.9831462826491846
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 20 Apr 2022 07:40:10 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 1ms
1ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=facebook&r=0.5843288217072069
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 20 Apr 2022 07:40:10 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 25ms
21ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=4cc0e90e607ad87706fb34633047a82d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3354
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6fec3af7ff7f34c9-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 23 Apr 2022 07:40:10 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
75 B 3ms
3ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A8.4.3&blog=116523949&post=52705&tz=0&srv=gbhackers.com&host=gbhackers.com&ref=&fcp=805&rand=0.8262107063698569
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 20 Apr 2022 07:40:10 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 40ms
2ms Script
text/javascript 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-88811382-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6222
date: Wed, 20 Apr 2022 05:56:28 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 20 Apr 2022 07:56:28 GMT

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/2/v/ 251 KB
61 KB 79ms
2ms Script
application/javascript 2600:140b:2::172c:3388
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/v/avcplayer.js
Requested by: Host: tg1.playstream.media
URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=62136cf7c403d54bf6177385&AV_PUBLISHERID=6156d36e41b7fa6a7c61775c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:2::172c:3388 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduewFSkm1YuwE79_aqZgzwRA4AhhZwosbRqRXQZoT_pwRMO9_L7cyENZHRK9Jj6t9a6BCm2VMTnb4DdYyYEE9k
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 61326
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
server: UploadServer
etag: "9dff0335699f04080269947f40c366ae"
vary: Accept-Encoding
x-goog-hash: crc32c=DITkQg==, md5=nf8DNWmfBAgCaZR/QMNmrg==
content-language: en
x-goog-generation: 1646327924579580
cache-control: public, max-age=300
x-goog-stored-content-length: 61326
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Apr 2022 07:45:10 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 572ms
172ms Image
text/plain 52.3.72.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=6156d36e41b7fa6a7c61775c&cid=62136c1e9133d0725b25b09b&cb=1650440410887&r=gbhackers.com&stagid=62136cf7c403d54bf6177385&stplid=619ddf3cd710fe389c658994&d35=&e=playerLoaded
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.72.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-72-47.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/ 303 KB
108 KB 105ms
105ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

cc189cd0c466e69ce1bca14366d54770c3878162d9d5f091ae8679fe4c8c14b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110907
x-xss-protection: 0
server: cafe
etag: 9747364845258685133
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Apr 2022 07:40:10 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/ Frame F42F 10 KB
5 KB 42ms
3ms Document
text/html 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 62035
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 14:26:15 GMT
etag: 14837630671339829333
expires: Tue, 03 May 2022 14:26:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 78ms
37ms Script
application/javascript 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=gbhackers.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 07:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 78ms
37ms Script
application/javascript 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gbhackers.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 07:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 78ms
78ms XHR
text/plain 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3292992065877901&correlator=3144580212458785&eid=31067152%2C31067165%2C31066184&output=ldjh&gdfp_req=1&vrg=2022041401&ptt=17&impl=fifs&iu_parts=164359770%2Cgbhackers_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&adks=4229531534&didk=4059653214&sfv=1-0-38&ecs=20220420&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650440410957&lmt=1650440410&dlt=1650440410428&idt=504&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=false&btvi=-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

f8d1e50f1116674f35b6952f09e10229a9b7a58e647c67875d45673c51b10c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8929
x-xss-protection: 0
google-lineitem-id: 4353286482
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138204691767
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gbhackers.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 308ms
308ms XHR
text/plain 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3292992065877901&correlator=3144580212458785&eid=31067152%2C31067165%2C31066184&output=ldjh&gdfp_req=1&vrg=2022041401&ptt=17&impl=fifs&iu_parts=21902364955%3A164359770%2CCM_Gbhackers.com_Technology_And_Computing_Fixed_RSB_Top%2CCM_Gbhackers.com_Technology_And_Computing_Fixed_LSB_120x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600&ifi=6&adks=1317852776&didk=117391967&sfv=1-0-38&ecs=20220420&fsapi=false&prev_scp=refresh%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1650440410961&lmt=1650440410&dlt=1650440410428&idt=504&biw=1600&bih=1200&adxs=0&adys=25&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=120x-1&msz=120x-1&fws=516&ohw=1600&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

46842e3fe5a01ab673ca82cec619df43199983f9385e8a5ff3f41befa942d9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10425
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gbhackers.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
11 KB 544ms
544ms XHR
text/plain 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3292992065877901&correlator=3144580212458785&eid=31067152%2C31067165%2C31066184&output=ldjh&gdfp_req=1&vrg=2022041401&ptt=17&impl=fifs&iu_parts=21902364955%3A164359770%2CCM_Gbhackers.com_Technology_And_Computing_Fixed_RSB_Top%2CCM_Gbhackers.com_Technology_And_Computing_Fixed_RSB_120x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600&ifi=7&adks=99558567&didk=3211185835&sfv=1-0-38&ecs=20220420&fsapi=false&prev_scp=refresh%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1650440410964&lmt=1650440410&dlt=1650440410428&idt=504&biw=1600&bih=1200&adxs=1480&adys=25&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=120x-1&msz=120x-1&fws=516&ohw=1600&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

deeb4094eda74db0e2335639bf365ce627e1961f11166948c8871d26a46ce4c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11588
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gbhackers.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3614e8366d501c8917a5d9e39bad2988.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1E61 6 KB
4 KB 138ms
37ms Document
text/html 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3614e8366d501c8917a5d9e39bad2988.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 07:40:11 GMT
expires: Thu, 20 Apr 2023 07:40:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
s0.wp.com/_static/ Frame 3217 20 KB
5 KB 8ms
1ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??/wp-content/mu-plugins/videopress/js/videopress-token-bridge.js,/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1649344881j
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=116523949&postid=52705&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=8.4.3&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=e1b26d2e9eac651d713611b6bc875c1c9a62f021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 56e3c0688b76c744a26258d690039ec4f9487f7b509d0eb8fbf580d74e7b2e88

Request headers

Referer: https://jetpack.wordpress.com/
Origin: https://jetpack.wordpress.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc: HIT nrt 2
date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
last-modified: Thu, 07 Apr 2022 15:21:45 GMT
server: nginx
etag: W/"624f0189-5009"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.nrt _bur
timing-allow-origin: *
expires: Fri, 07 Apr 2023 15:21:54 GMT

GET
H2 200 style.css
s0.wp.com/wp-content/mu-plugins/highlander-comments/ Frame 3217 17 KB
3 KB 8ms
2ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1650315457h&cssminify=yes
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=116523949&postid=52705&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=8.4.3&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=e1b26d2e9eac651d713611b6bc875c1c9a62f021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: da6ea6515dc1993e6e9915f88decf7bf8ca37d088b315d795f09bfea48f8a760

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jetpack.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc: HIT nrt 2
date: Wed, 20 Apr 2022 07:40:10 GMT
content-encoding: br
server: nginx
etag: W/"625dd0cd-54bf"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.nrt _bur
timing-allow-origin: *
expires: Tue, 18 Apr 2023 20:57:54 GMT

GET
H2 200 ad516503a11cd5ca435acc9bb6523536
1.gravatar.com/avatar/ Frame 3217 439 B
668 B 8ms
2ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=116523949&postid=52705&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=8.4.3&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=e1b26d2e9eac651d713611b6bc875c1c9a62f021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: d3ddd29db765914b449b4573e5a3c24e1982838d9f55befd894cb73333f8149a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jetpack.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc: HIT nrt 4
date: Wed, 20 Apr 2022 07:40:11 GMT
last-modified: Sat, 01 Mar 2008 02:44:06 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="ad516503a11cd5ca435acc9bb6523536.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25>; rel="canonical"
content-length: 439
expires: Wed, 20 Apr 2022 07:45:11 GMT

GET
H2 200 / Show response
s0.wp.com/_static/ Frame 3217 41 KB
11 KB 4ms
4ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1649873911j
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=116523949&postid=52705&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=8.4.3&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=e1b26d2e9eac651d713611b6bc875c1c9a62f021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 086d3d4f7c60faf9c9a1ee985ea35eca47e4542fe35db24754c26894639dc9a0

Request headers

Referer: https://jetpack.wordpress.com/
Origin: https://jetpack.wordpress.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc: HIT nrt 2
date: Wed, 20 Apr 2022 07:40:11 GMT
content-encoding: br
last-modified: Wed, 13 Apr 2022 18:18:45 GMT
server: nginx
etag: W/"62571405-a4af"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.nrt _bur
timing-allow-origin: *
expires: Thu, 13 Apr 2023 18:18:49 GMT

GET
H2 200 / Show response
s0.wp.com/_static/ Frame 3217 20 KB
5 KB 2ms
1ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??/wp-content/mu-plugins/likes/queuehandler.js,/wp-content/mu-plugins/admin-bar/masterbar-tracks.js?m=1649402273j
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=116523949&postid=52705&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=8.4.3&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=e1b26d2e9eac651d713611b6bc875c1c9a62f021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 0454e3fcdcaa1ce3c5668ad4d4887d61c0a02ab3b004fe58435a3daf327b5ac8

Request headers

Referer: https://jetpack.wordpress.com/
Origin: https://jetpack.wordpress.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc: HIT nrt 2
date: Wed, 20 Apr 2022 07:40:11 GMT
content-encoding: br
last-modified: Fri, 08 Apr 2022 07:18:08 GMT
server: nginx
etag: W/"624fe1b0-4eb4"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.nrt _bur
timing-allow-origin: *
expires: Sat, 08 Apr 2023 07:18:15 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 72ms
35ms XHR
text/plain 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=630912523&t=pageview&_s=1&dl=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&ul=en-us&de=UTF-8&dt=Critical%20Magento%200-Day%20Let%20Attackers%20Execute%20Arbitrary%20Code&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=561132440&gjid=1484874626&cid=107434288.1650440411&tid=UA-88811382-1&_gid=844820306.1650440411&_r=1&gtm=2ou4i1&z=238044421

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gbhackers.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gbhackers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wp-emoji-release.min.js Show response
s0.wp.com/wp-includes/js/ Frame 3217 18 KB
5 KB 2ms
2ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1625065786h&ver=6.0-alpha-52450
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=116523949&postid=52705&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=8.4.3&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=e1b26d2e9eac651d713611b6bc875c1c9a62f021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jetpack.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc: HIT nrt 2
date: Wed, 20 Apr 2022 07:40:11 GMT
content-encoding: br
server: nginx
etag: W/"61adb0da-4705"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.nrt _bur
timing-allow-origin: *
expires: Wed, 19 Apr 2023 13:14:38 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 39ms
39ms Fetch
text/html 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s55-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://gbhackers.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 web Show response
onesignal.com/api/v1/sync/a7a25758-844a-4255-9c2f-95ddba8ff4a4/ 3 KB
2 KB 927ms
920ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/a7a25758-844a-4255-9c2f-95ddba8ff4a4/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d0070eb1bff269e01ff6e85e97f5c3427ecd26ce86c56e6e635c7bba867e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-permitted-cross-domain-policies: none
status: 200 OK
x-envoy-upstream-service-time: 394
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5fa32810-cb5f-486e-afd8-4232a37a25a0
x-runtime: 0.392602
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"00d0070eb1bff269e01ff6e85e97f5c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6fec3af8d9d7efae-NRT
access-control-allow-headers: SDK-Version
expires: Wed, 20 Apr 2022 08:40:11 GMT

GET
H2 200 hls.min.js Show response
player.avplayer.com/script/2/2.55/libs/ 247 KB
71 KB 2ms
2ms Script
application/javascript 2600:140b:2::172c:3388
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:2::172c:3388 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdskR6bplB9XJPNoCxhD9IHgey9MO0IeGKQFPy8BP22s3G_LAzBXpIYcYqvA9qNnZ1gf6_SvoUX0mvIAoCxBZrCINuXAxw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 71831
last-modified: Sun, 10 Jan 2021 14:52:52 GMT
server: UploadServer
etag: "7888b98658e8cef4a98786556ccdab66"
vary: Accept-Encoding
x-goog-hash: crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language: en
x-goog-generation: 1610290372874389
cache-control: public, max-age=300
x-goog-stored-content-length: 71831
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Apr 2022 07:45:11 GMT

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 256 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 251 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 238 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 logo.png
cdn.playstream.media/ 1 KB
1 KB 832ms
226ms Image
image/png 94.130.218.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.playstream.media/logo.png
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.130.218.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.218.130.94.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: 875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
last-modified: Tue, 19 Jan 2021 07:48:16 GMT
server: nginx/1.17.10
etag: "60068ec0-4f1"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1265
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ctrack
track1.avplayer.com/ 0
71 B 657ms
169ms Image
text/plain 52.71.114.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=6156d36e41b7fa6a7c61775c&r=gbhackers.com&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=360&test=&vi=0&e=cpll&cb=1650440411051
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.114.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-114-9.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 37ms
37ms Fetch
text/html 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s55-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://gbhackers.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 38ms
38ms Fetch
text/html 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s55-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://gbhackers.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 158ms
52ms XHR
text/plain 2404:6800:4008:c13::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-88811382-1&cid=107434288.1650440411&jid=561132440&gjid=1484874626&_gid=844820306.1650440411&_u=YAhAAUAAAAAAAC~&z=1850180911

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c13::9a Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gbhackers.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 20 Apr 2022 07:40:11 GMT
content-type: text/plain
access-control-allow-origin: https://gbhackers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
247 B 74ms
38ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=gbhackers.com&callback=_gfp_s_&client=ca-pub-5372786174760228&cookie=ID%3Dccef21365edd77e8-22b25e2961d200ef%3AT%3D1650440410%3AS%3DALNI_MYipVS_dhbOtIQNzR6VmpgyCVUPjA

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 80ms
44ms Script
application/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=gbhackers.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 07:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 75ms
40ms Script
application/javascript 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gbhackers.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 07:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5434 70 KB
23 KB 634ms
597ms Document
text/html 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=3886963407&adf=1155111573&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1650440411&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650440410897&bpp=3&bdt=470&idt=207&shv=r20220418&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccef21365edd77e8-22b25e2961d200ef%3AT%3D1650440410%3AS%3DALNI_MYipVS_dhbOtIQNzR6VmpgyCVUPjA&correlator=3544109014418&frm=20&pv=2&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066184&oid=2&pvsid=3292992065877901&pem=930&tmod=1504518484&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&alvm=r20220413&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=73HIAEbZN8&p=https%3A//gbhackers.com&dtd=224

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8090dcf1528669ee879e5d1d76076299b26ca477b3a0aa34409af2d67241c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 23324
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 07:40:11 GMT
expires: Wed, 20 Apr 2022 07:40:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8ABC 73 KB
23 KB 853ms
850ms Document
text/html 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=1238950596&adk=2315524698&adf=2169656816&pi=t.ma~as.1238950596&w=300&lmt=1650440411&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650440410900&bpp=1&bdt=473&idt=252&shv=r20220418&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccef21365edd77e8-22b25e2961d200ef%3AT%3D1650440410%3AS%3DALNI_MYipVS_dhbOtIQNzR6VmpgyCVUPjA&prev_fmts=696x280&correlator=3544109014418&frm=20&pv=1&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066184&oid=2&pvsid=3292992065877901&pem=930&tmod=1504518484&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&alvm=r20220413&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mZcQ0Lwca2&p=https%3A//gbhackers.com&dtd=255

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0a6f3353c979f70b72afc8fd8c446690ce8ad61908b813c29c4a2e4c7d13fbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 23911
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 07:40:11 GMT
expires: Wed, 20 Apr 2022 07:40:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F00F 71 KB
23 KB 505ms
504ms Document
text/html 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=2715683798&adk=1041368278&adf=786905601&pi=t.ma~as.2715683798&w=300&lmt=1650440411&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650440410901&bpp=1&bdt=473&idt=264&shv=r20220418&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccef21365edd77e8-22b25e2961d200ef%3AT%3D1650440410%3AS%3DALNI_MYipVS_dhbOtIQNzR6VmpgyCVUPjA&prev_fmts=696x280%2C300x250&correlator=3544109014418&frm=20&pv=1&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066184&oid=2&pvsid=3292992065877901&pem=930&tmod=1504518484&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&alvm=r20220413&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=COoNrO85rn&p=https%3A//gbhackers.com&dtd=266

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27ca8e27843bf2e61cca14e059225d12732230315ddcba2549451c07acd94950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 23634
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 07:40:11 GMT
expires: Wed, 20 Apr 2022 07:40:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2D60 243 KB
66 KB 681ms
680ms Document
text/html 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&adk=1812271804&adf=3025194257&lmt=1650440411&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650440410913&bpp=1&bdt=486&idt=257&shv=r20220418&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccef21365edd77e8-22b25e2961d200ef%3AT%3D1650440410%3AS%3DALNI_MYipVS_dhbOtIQNzR6VmpgyCVUPjA&prev_fmts=696x280%2C300x250%2C300x250&nras=1&correlator=3544109014418&frm=20&pv=1&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066184&oid=2&pvsid=3292992065877901&pem=930&tmod=1504518484&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20220413&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=262

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b751758890c0692076e5b4d8262707257e520748a2dad68176615204b4940077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 67453
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 07:40:11 GMT
expires: Wed, 20 Apr 2022 07:40:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.m3u8 Show response
streaming.playstream.media/storage/videos/a9c9391d-dd16-4cb6-9319-5dd9559fe22d/ 111 B
433 B 743ms
71ms XHR
application/vnd.apple.mpegurl 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.playstream.media/storage/videos/a9c9391d-dd16-4cb6-9319-5dd9559fe22d/index.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: b182803b7f7f9b2c4b92b6874fdda040ec0729d04e4d1f87ff1515c405ae1b13

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
last-modified: Mon, 28 Mar 2022 10:10:26 GMT
server: nginx/1.17.10
etag: "62418992-6f"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
content-length: 111
x-hw: 1650440411.cds035.si2.hn,1650440411.cds022.si2.c

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame 76EF 222 KB
62 KB 159ms
8ms Script
text/javascript 2404:6800:400a:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 226231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Sun, 17 Apr 2022 16:49:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Apr 2023 16:49:40 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 76EF 16 KB
6 KB 176ms
25ms Script
text/javascript 2404:6800:400a:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 226213
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Sun, 17 Apr 2022 16:49:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Apr 2023 16:49:58 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 76EF 96 KB
29 KB 177ms
26ms Script
text/javascript 2404:6800:400a:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 226231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Sun, 17 Apr 2022 16:49:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Apr 2023 16:49:40 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 76EF 5 KB
2 KB 33ms
29ms Script
text/javascript 2404:6800:400a:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 226231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Sun, 17 Apr 2022 16:49:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Apr 2023 16:49:40 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 76EF 42 KB
13 KB 34ms
31ms Script
text/javascript 2404:6800:400a:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 226231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Sun, 17 Apr 2022 16:49:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Apr 2023 16:49:40 GMT

GET
DATA 200
OK truncated
/ Frame 76EF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87ef1a8fbb1d42a1b69c0002b989c2c75780b56ffb3400c22eeefdbbb2bddc68

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 17150209039515871966
tpc.googlesyndication.com/simgad/ Frame 76EF 96 KB
97 KB 136ms
0ms Image
image/gif 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17150209039515871966

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9c7d82e5c64afa48db3c39763fcd144d7c5b34adedaa90e398a87ee7c8792df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 02:03:55 GMT
x-content-type-options: nosniff
age: 192976
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98462
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 01:52:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 18 Apr 2023 02:03:55 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 76EF 3 KB
3 KB 135ms
0ms Image
image/png 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:04:21 GMT
x-content-type-options: nosniff
server: cafe
age: 34550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 15880770647744369592
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Wed, 20 Apr 2022 22:04:21 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 76EF 344 B
449 B 138ms
0ms Image
image/png 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 18:59:42 GMT
x-content-type-options: nosniff
server: cafe
age: 45629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 20 Apr 2022 18:59:42 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 76EF 0
0 79ms
39ms Image
text/html 2404:6800:4004:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ6xNlmB7-7Fos74xSV0BUep69Xifd9hTmx08rAm0SBPC0lwuoFUiEPNsPQ_KGsJv2uGl_4
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 76EF 0
0 43ms
43ms Image
text/html 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRA1l27hfYvb-AqePs8IPi7S7KOuPvtlpw5vTrO0PloLNhYgWEAEg8tO5e2CJ88WE9BOgAb_L5oUCyAED4AIAqAMByAMIqgSNAk_QBfUzeJgpkPEOyORKWw49XJTh4rj9Ocv_cYT9jt1qZuwB0K9QiXapjviz1srqxiHl_vz5X0k9NI9O5BDaHIjVsxEeDixYSwcoXZ95PDeppq3t4mzxQLYy4SAfFw-R2SqIYi4eaPKKEl0yUdc_jCAoQFnUpu3t8ZLQax40LHu887z6ip30I1-36I0xS6TNAy8_-wz3ozyU_BY4Yo-0aWlzuJBhYUeO7JwryUm82Az7Muwqdnxxf7TBDou3GDhdk7mLQNvMNhgerIWw0sdasoeFslzLznp9Wvo0yDZHkO2RRmVRX9BZQ1o4FNg2RJ_CV3lBE_dLHtLS67vubP15ORRY5NY9QrYxh6yPLNjnwASR2fC10gPgBAGSBQQIBBgBkgUECAUYBKAGA4AHgbrUgwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCv0gHSCAcIiGEQARgdgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTU0MTMzMjk1NDQwNDA5NDcYwYx0&sigh=e6fvu_RjXag&uach_m=[UACH]
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s55-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 76EF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

72ms
72ms

Image
text/html

2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/
Protocol: H3
Server: 2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date: Wed, 20 Apr 2022 07:40:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame 44B9 222 KB
61 KB 59ms
10ms Script
text/javascript 2404:6800:400a:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:805::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 226231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Sun, 17 Apr 2022 16:49:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Apr 2023 16:49:40 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 44B9 16 KB
6 KB 57ms
9ms Script
text/javascript 2404:6800:400a:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:805::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 226213
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Sun, 17 Apr 2022 16:49:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Apr 2023 16:49:58 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 44B9 96 KB
29 KB 71ms
22ms Script
text/javascript 2404:6800:400a:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:805::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 226231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Sun, 17 Apr 2022 16:49:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Apr 2023 16:49:40 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 44B9 5 KB
2 KB 74ms
25ms Script
text/javascript 2404:6800:400a:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:805::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 226231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Sun, 17 Apr 2022 16:49:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Apr 2023 16:49:40 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 44B9 42 KB
13 KB 72ms
24ms Script
text/javascript 2404:6800:400a:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:805::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 226231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Sun, 17 Apr 2022 16:49:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Apr 2023 16:49:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 44B9 8 KB
892 B 81ms
43ms Stylesheet
text/css 2404:6800:4004:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 06:49:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Apr 2022 07:40:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Apr 2022 07:40:11 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 44B9 3 KB
3 KB 39ms
2ms Image
image/png 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:04:21 GMT
x-content-type-options: nosniff
server: cafe
age: 34550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 15880770647744369592
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Wed, 20 Apr 2022 22:04:21 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 44B9 344 B
368 B 39ms
3ms Image
image/png 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 18:59:42 GMT
x-content-type-options: nosniff
server: cafe
age: 45629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 20 Apr 2022 18:59:42 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 44B9 0
0 37ms
37ms Image
text/html 2404:6800:4004:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSAU_sHwzFWkHfOPy2LX97ssSPDwtepc0FgktPhiycKlbctgnN3tX9qhZ8ZSJfYPjeFxA5EwbDLTblYjVlxsaJigz9E1g
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 44B9 0
0 42ms
42ms Image
text/html 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CN2yZ27hfYt7qDpmRqQGW_JqoD5qk7Kppo6XaoqgO2tkeEAEg8tO5e2CJ88WE9BOgAZmJz_ICyAEB4AIAqAMByAMKqgSGAk_QSbyjcF3HiFbCtZ-g6tMGuc3rwXy5FW0ZFAs_ErovO0gqS6RnVG0hmzgH5XyPPn_IuYGwkDzD0PaMkcoeIhwz9f3s9TM0erxfTslUvtmP-IujWqpakDdyIZiJhhBh7essj2cTagSGz5qZq2IeLfSEbaot5lgqjMp-ZpdnaVCtHBIqDMBA5Kkb4aCVz8b0tjUtWYdNDqkqjj5TqdssvrRmODvkdna-OTFjmGhIVDwZWeVQ_rIFEXSy89S19AGBvOUjCj0Sbc1Pems-A9-AvDfq7jo2eLcpAXWDDOPi4Yt7vwjx7Txiz_oYHXmPy7Z3xfhjzw33RxSGq5V9ikHOX3vzGno6KPnABJPtkO2_A-AEAaAGZoAHz_awjQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDy3wPSCAcIiGEQARgdgAoDyAsB2BMDiBQB0BUBgBcBshceChwIABIUcHViLTU0MTMzMjk1NDQwNDA5NDcYwYx0&sigh=3jvUkZacymM&uach_m=[UACH]
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s55-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 44B9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 173edc4b4d0a657b44fd200f7756f37955b518d0d469a827a6b5abd0d6e24216

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 44B9 28 KB
28 KB 3ms
3ms Font
font/woff2 2404:6800:4004:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:43:37 GMT
x-content-type-options: nosniff
age: 32194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:43:37 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 44B9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

53ms
52ms

Image
text/html

2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/
Protocol: H3
Server: 2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date: Wed, 20 Apr 2022 07:40:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame F00F 19 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=2715683798&adk=1041368278&adf=786905601&pi=t.ma~as.2715683798&w=300&lmt=1650440411&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650440410901&bpp=1&bdt=473&idt=264&shv=r20220418&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccef21365edd77e8-22b25e2961d200ef%3AT%3D1650440410%3AS%3DALNI_MYipVS_dhbOtIQNzR6VmpgyCVUPjA&prev_fmts=696x280%2C300x250&correlator=3544109014418&frm=20&pv=1&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066184&oid=2&pvsid=3292992065877901&pem=930&tmod=1504518484&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&alvm=r20220413&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=COoNrO85rn&p=https%3A//gbhackers.com&dtd=266

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc3f2293f6503ff6ee63c2a69421d235a0f7881a80d89dd407ec2f15eda63fdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7964
x-xss-protection: 0
server: cafe
etag: 4741051639382073774
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 07:24:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F00F 8 KB
714 B 40ms
40ms Stylesheet
text/css 2404:6800:4004:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 06:54:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Apr 2022 07:40:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Apr 2022 07:40:11 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/ Frame F00F 14 KB
3 KB 79ms
2ms Stylesheet
text/css 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 13:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 585339
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 10:38:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Apr 2023 13:04:32 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/ Frame F00F 347 KB
120 KB 80ms
3ms Script
text/javascript 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0900693ba4018c6de9126b543a8a3c50080eb74d1ed0696e5cc8fca0c0c99513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 13:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 585339
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122258
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 10:38:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Apr 2023 13:04:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame F00F 15 KB
6 KB 3ms
3ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4008
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6368
x-xss-protection: 0
server: cafe
etag: 1861550861606854559
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 06:33:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F00F 0
0 36ms
36ms Image
text/html 2404:6800:4004:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRLf-9ICu7sZYmUCUC8V1JFgEHadh3IddDPiYARY6AhKC-IdmiUZvSPVQlm36tBuHfLHJFyzHVafDubSz2khX93wXZrxQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=2715683798&adk=1041368278&adf=786905601&pi=t.ma~as.2715683798&w=300&lmt=1650440411&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650440410901&bpp=1&bdt=473&idt=264&shv=r20220418&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccef21365edd77e8-22b25e2961d200ef%3AT%3D1650440410%3AS%3DALNI_MYipVS_dhbOtIQNzR6VmpgyCVUPjA&prev_fmts=696x280%2C300x250&correlator=3544109014418&frm=20&pv=1&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066184&oid=2&pvsid=3292992065877901&pem=930&tmod=1504518484&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&alvm=r20220413&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=COoNrO85rn&p=https%3A//gbhackers.com&dtd=266
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 css
fonts.googleapis.com/ Frame 5434 8 KB
891 B 40ms
39ms Stylesheet
text/css 2404:6800:4004:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=3886963407&adf=1155111573&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1650440411&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650440410897&bpp=3&bdt=470&idt=207&shv=r20220418&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccef21365edd77e8-22b25e2961d200ef%3AT%3D1650440410%3AS%3DALNI_MYipVS_dhbOtIQNzR6VmpgyCVUPjA&correlator=3544109014418&frm=20&pv=2&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066184&oid=2&pvsid=3292992065877901&pem=930&tmod=1504518484&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&alvm=r20220413&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=73HIAEbZN8&p=https%3A//gbhackers.com&dtd=224

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2fc1b2d9aba57e8f207c9272af85d95eacbaa7ed664abb4fdcfe3c9fda7c1f66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 07:00:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Apr 2022 07:40:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Apr 2022 07:40:11 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 5434 2 KB
904 B 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 07:38:00 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 5434 19 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 07:39:50 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 5434 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 07:40:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5434 119 KB
36 KB 146ms
98ms Script
text/javascript 2404:6800:400a:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:804::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650281421154365"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Apr 2022 07:40:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 5434 15 KB
6 KB 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 07:37:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5434 0
0 36ms
36ms Image
text/html 2404:6800:4004:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRYYhB-feb23nSKUBB6woT_PL0QcFonlQc9CD-eTk2GbmR8o-2Pf539Y0HvqmCrAJwlz0pVkeIYG_uer1FSDG29sBjqUQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=3886963407&adf=1155111573&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1650440411&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650440410897&bpp=3&bdt=470&idt=207&shv=r20220418&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccef21365edd77e8-22b25e2961d200ef%3AT%3D1650440410%3AS%3DALNI_MYipVS_dhbOtIQNzR6VmpgyCVUPjA&correlator=3544109014418&frm=20&pv=2&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066184&oid=2&pvsid=3292992065877901&pem=930&tmod=1504518484&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&alvm=r20220413&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=73HIAEbZN8&p=https%3A//gbhackers.com&dtd=224
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 3bde1d5944145a46a8b91d920db5ec4d.js Show response
www.gstatic.com/mysidia/ Frame 5434 30 KB
13 KB 41ms
2ms Script
text/javascript 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3bde1d5944145a46a8b91d920db5ec4d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 14:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 495240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12194
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 13:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 14:06:11 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5434 0
0 46ms
46ms Fetch
text/html 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTSxW27hfYuXRC5KOs8IP44yCgAi13YnQaeTHuoOiEL__uePXAhABIIqq9kJgifPFhPQToAGGmMmqKMgBAagDAaoE9QFP0IEfZFRlUEgm6d7GEmuWAVdqdrVAD5H3l5FoCuetNPJrwpdw5kHC9i-tCdItqIMFkEuMVJrKCrH2QlTbvknVJxb-g9hlxQAoJpYHA47hyWuvUz9jH5QFwcv-i26CMQOTNo_Q8GfnF2xgvDIYsfvRG68MA6awufST4V6HSLkryGEmLRCEArvzYjKqMjhckDyGGLErJYofEr_3mXCoJ-GxYKk4XwmL6-hYEW2fC1xzhaovorAlGpQafozqXYZ2vmOJhNSq6f53Ctm8vu68z4jTVkkT0RfiaSEiODDbayjPyjao5r8G-IMK_k5uzBNMvFKo4pfVp8AE64mQjvgDkgUECAQYAZIFBAgFGASAB4bQmYoDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQmvEx0ggHCIBhEAEYH4AKAcgLAdgTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi01MzcyNzg2MTc0NzYwMjI4GAA&sigh=PlxGzeWcHhs&uach_m=[UACH]&template_id=5020

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=3886963407&adf=1155111573&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1650440411&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650440410897&bpp=3&bdt=470&idt=207&shv=r20220418&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccef21365edd77e8-22b25e2961d200ef%3AT%3D1650440410%3AS%3DALNI_MYipVS_dhbOtIQNzR6VmpgyCVUPjA&correlator=3544109014418&frm=20&pv=2&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066184&oid=2&pvsid=3292992065877901&pem=930&tmod=1504518484&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&alvm=r20220413&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=73HIAEbZN8&p=https%3A//gbhackers.com&dtd=224
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 20 Apr 2022 07:40:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C01F 143 B
163 B 2ms
2ms Document
text/html 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=3886963407&adf=1155111573&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1650440411&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650440410897&bpp=3&bdt=470&idt=207&shv=r20220418&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccef21365edd77e8-22b25e2961d200ef%3AT%3D1650440410%3AS%3DALNI_MYipVS_dhbOtIQNzR6VmpgyCVUPjA&correlator=3544109014418&frm=20&pv=2&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066184&oid=2&pvsid=3292992065877901&pem=930&tmod=1504518484&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&alvm=r20220413&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=73HIAEbZN8&p=https%3A//gbhackers.com&dtd=224
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2732
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 20 Apr 2022 06:54:39 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 72D5 1 KB
749 B 4ms
3ms Document
text/html 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 29482
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 23:28:49 GMT
etag: 48472445140208031
expires: Wed, 20 Apr 2022 23:28:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5434 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame F00F 0
327 B 110ms
36ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l279lw27&c=7137300746038&slotId=3568650373019&qqid=CInzutORovcCFQkJYAodgqIAXQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:11 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F00F 15 KB
15 KB 3ms
3ms Font
font/woff2 2404:6800:4004:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 23:28:49 GMT
x-content-type-options: nosniff
age: 202282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Apr 2023 23:28:49 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F00F 15 KB
15 KB 3ms
3ms Font
font/woff2 2404:6800:4004:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 14:20:41 GMT
x-content-type-options: nosniff
age: 321570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Apr 2023 14:20:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F00F 0
20 B 37ms
37ms Image
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C5I--27hfYsmZDImSgAOCxYLoBdrviYRpocnnudUP4KCh1KgfEAEgiqr2QmCJ88WE9BOgAYyT-qsCyAEFqAMByAObBKoE-QFP0G85mX6FN31ggJn07gJDJ4EKjcCJVkY5Nn2vUYZWjB82HcuCXBrOD6hj4kIT02h3Lu7-gWkau12tvBHGZ4aWAiOVCk3R_cQennshXVDxycgw9QlB59tWxYbILVqvRi2xiYE9iaVQB_DZEAA2rYuVoSiwwWvP4tzXospwXdheGWuM43t5Mp2FA8hcph4g8dOZE9z4Rw21F5wPQ3YuzlW7Wr70QlgdyxapnYDEIUAu_4wNCZD6bUtPwAhTQ_xqg1hj9Ri7rSoBS64oX8EXEQjN6JNYpwSJLDy8FfaykE0jBKo5lPlg0K6b0H9VAegiTCopAHFkdnMnWmfABN_23tWABOAEA5AGAaAGToAH3OyF1AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgfgAoBmAsByAsBgAwBsBOplPcO0BMA2BMNiBQG2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1650440411822&ai=C5I--27hfYsmZDImSgAOCxYLoBdrviYRpocnnudUP4KCh1KgfEAEgiqr2QmCJ88WE9BOgAYyT-qsCyAEFqAMByAObBKoE-QFP0G85mX6FN31ggJn07gJDJ4EKjcCJVkY5Nn2vUYZWjB82HcuCXBrOD6hj4kIT02h3Lu7-gWkau12tvBHGZ4aWAiOVCk3R_cQennshXVDxycgw9QlB59tWxYbILVqvRi2xiYE9iaVQB_DZEAA2rYuVoSiwwWvP4tzXospwXdheGWuM43t5Mp2FA8hcph4g8dOZE9z4Rw21F5wPQ3YuzlW7Wr70QlgdyxapnYDEIUAu_4wNCZD6bUtPwAhTQ_xqg1hj9Ri7rSoBS64oX8EXEQjN6JNYpwSJLDy8FfaykE0jBKo5lPlg0K6b0H9VAegiTCopAHFkdnMnWmfABN_23tWABOAEA5AGAaAGToAH3OyF1AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgfgAoBmAsByAsBgAwBsBOplPcO0BMA2BMNiBQG2BQB0BUB-BYBgBcB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame F00F 32 KB
17 KB 220ms
78ms XHR
text/xml 108.177.97.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-ACAevrFD2xLwhUUlZgsGnEh2t3l9hTCV1vqAML4OIJDN4P2U9dJ-Ss2KTNew6rFXe9IAwwbapO6wKmB68vp_g_9xYrMg&cry=1&dbm_d=AKAmf-DmqTQQu5F6G9nY5pLdx1Ia9cNAG4O-Fo_AHgTomD_gbZ6Yzm41My1DPYj3gD5PdXRB9Rygzb1s4vfnesmglLEsXx-QjRLgPIFIujw4muPEOxGy95OunKZK5yf52ki5nQZDJ8V_cx1dotAtz-09BQ2iBHFYQkGOfmLHtJJZdJsjaQvjtrwYSOJM5ZfBQ3vW1PjoFhVm28t8cLb_Sil37vcBP9TrXoixjG_yvlDxQpPbERO4Qg1tJeGtY5EQ0e0tcCpKjykrZ7kD-HNaUjeedzzKcb5vOz72MQzf-3vqOF8r-qT_QpjkcZ6kkcvkVkbNy8pO5ztYKfjD6VkiagjCse1ORMRIQ8uk1PhKLTxbfbfkrxeAw6Lax4-OtNsIcK2GyygrM60MjObU0bsX78Elu05uYtsJQAcHZutQ9sRe_CSOBBnAqiJSOirdBEkdmrg2sYZ-MZSKNvCMzaC1TWXEjDo8r_-TMF4Sy-Jz2LMEJH8ifvst9FiS6Q0YMPhaOa_f29tRfs3UKm_kOzX1DNHRo_WoOT9nL0DA-7-ivbJ_W2icdRmXBuzdi6yd9f-UCu8x36STn2DgS7i5I2kStA22Nn1Lnrjf_y8PU1ORKnkOUmbyfa2AkIRs_5BiczD7yGY5XUy9ee3aKP7n1iQz_1L7hTRSkpaWY4H0QhzQNwbcpv_hSdJZVLBPvd_-TMKsuOU8GrRzPSzrz9MRnNCFY6MMgyd0H5jJYMXjbGecLIF_X9cLQ9fGVqLLQmcJX3C5ymLkzrWW4O1_53zQJ205yJVSYWuYFqmLat0o8ds_tSwTL8-WVYBeTexJYYsC0KRoaNYtjhSkQQiazSDhjqQZ3WMa8I4dU1uigezvCgM9qPTlkZZVd7r7fBcJ8vXdeX3gQNNNnbFeRiyfZ90ZCo29D3qDhEBGv7Mz7ZVPW7cuGUpdhlbYOQUPvx_vKOpz6E-47Lwa-cx9arg4feUw66idgtCHgwHq_fOhGKXSElHrIULs_vgzrJZIM9hwOG1VXEArkGzJkHQX3P4CdBjEAmvGdvOt1-4mjtCBQr8zuyJe8SFTgkH1N4Eo5XkBVDtRnamWLm06tIaPHHvxpNP5mgCWW2aq10XUe5LmjbB2Rjl1ONf9hCnoeF9t8QuBpjYyE26i1Gy4ifxjFp9ymYXklIosgpRubC0jE8Qlgr5gWW9_VVk5SAlDZ6XbrYnegrWA9rjS8ie9bK7X7ZEaAqMNH4cG5obzuPMTPbmIu5tBQm66160WmGac0BHkDwN-6ZsXGQAswmlctz8u2Mk2B91E8WgxVXK5XQFWhs43gk8udFjm22qddjjHgvIhsrZHOQuZuVq_2VcD0DY0YNmNF8UYD_6loUcgO0dzE5KS_OhSt0aEFXl1Zte57gOUMA7RTCqFxPb11njY2UY17SA_TPBxp1M9IceN6HKOlLzOVXpEZAoZASsqa9HepuCA8XdIyQ6fs2Tgfz5GP1qJGbd_-Hg6HAlHQnLFz__KSMcnZtHEf6PgNLrFWz1emrJOWcTyV2mwwXCm4-hwp9COnmS-qw1QK-o5mxPWrKR9_mUSuoLGaed4sb3TSA_4uArWorbtWdPr8WRAJpr_EfrG49skvUYBNKGlsImlBXCBwwPR3l_UMW-ME4HZ1NK9_lF_hyXxKp0cqYHXi2ssaL3Un1CyILXB7nm9X1hJkRj9GEL_YEuFm1hqWfku6-XAqQOKH23IJryuAlpuedD_hOqbvy-a2MoSvN5vra-RCsFEhM5mVniY9_YUXIvuramr7VMiGbPKk16-039GncEN4_xMZntjuPPfIIzBaC1YrR9KeAfFNHewP_XXdACy_sRyqJn5R_sNXdaQAD6x4SNp1lSI385Cz_qPkAc1xlhaWJnBNn7c9El9cuxOW9H3e2XKw5kjkXSrmNJX51l-sQuZTtKEhpzHAizhNw6vn49_1yGm0MGjMk-h-jiDJBAc3Zd-SGcBlEAK4h5RKJyos-yKVUEXtxqVDxLi2QtEvgK7IoYdKYVnkpjCP-nSR79pM9jxy4TXefQH0u5Hqcml4xcMjwCj-it0wN4IquO7W7LmQ_aOXNpvbdg3hfZLNx4SE_bFd58mHsS_dczXQ6n-tWifQUWytCinebj5tBc0BOYQX78848WJ-95zmZVWIKcM7HznJW2ciEx1iGz2TuTdtTMRPWNtzYS0WtAkXYkl_yyJ2bRKEWpfHsSUTOaC5Z4BVtymYlA4B4bkqQLaT2cu1_VylMROf82SFfRPmz3M1KerczG0dqFUaLMhm4g9uAlVmdWadClT2LpmfGW1OmZfWgW6awzmV-YWlAKh_Ep8Q3gBn60qKb4fYsMCtCFVH8ap2h8CNZ61QSP3rXi98Yge9YiAnpRdm9dKKDg1_r12347j_TGwWwX1I6Jv0iaFYHeIKXTVHwPeTNaO_pdoBLRo6fvnmQgaNJRvyk1aktb5n4EUDsSN3ftroblpQtu-0cfA_uDv2Ywe0EvXvlNVlwwDnleKt-7QONMdVHYQ1oRaHV2byq6urR-nxwwI48A0zgLwmIJycu4cbHwgXwZ9guzXNQZto2u3NBX6u_XS7H2jRcejfP-m2-qYqClQwWyIu2pXzBiD--WU9Qvq4rFP9sKgBNHqt_6T7rQPs7ykiGn95gfZRFTdHLsuXTWLY1zcbGrTrmDoQm3YXuWlBlQz_-JVVUw2Hrgd40LGnaUa4FlFPCdOeLMFLrB5YNb4FqaSSEuH-fJz2mot3QpsZtRqm2CZb0EYrSdqmhGM-dj2bdWkU7O6zyx_ulgbADtXupyc5fQhdnCN-jRZsG2Osem_Gp_M800fnrbkNHbuOO_sIAzvoL8xp1oubC7IE-bnacuwVKgxyxlGYQStSVpig63IsH8A85BCAzSnrdtV_VHuz_L6X9Wsd1lJSlbbN6c1vVslVxkjyDA_bJ9TfxqdBclKeUW0rjlDcSKF1LuF_Im7agge8Jt18R3Ev57cAyG22dQX46lmJmwCaYSQmmOBtRGjFMdpdxMaYjFoqM-KNFzfAqpQv78zTftKhBuXAJiAiyPopJYk1xmh4i7MdZGeFoc0p_IK1xSywm91jF41&cid=CAASJeRo9-0mGdL6JxExBUQrMVj4oGc_tVgEsbXnAPDjSgGDbO-4rmQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.97.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f155.1e100.net

Software

cafe /

Resource Hash

53f5a4f5d040d6f14d7d2396b34f53671ede596e8928ef98773d7264586ac5a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16858
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F00F 0
0 41ms
41ms Fetch
text/html 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cl_Mn27hfYsmZDImSgAOCxYLoBdrviYRpocnnudUP4KCh1KgfEAEgiqr2QmCJ88WE9BOgAYyT-qsCyAEFqAMBqgT2AU_QbzmZfoU3fWCAmfTuAkMngQqNwIlWRjk2fa9RhlaMHzYdy4JcGs4PqGPiQhPTaHcu7v6BaRq7Xa28EcZnhpYCI5UKTdH9xB6eeyFdUPHJyDD1CUHn21bFhsgtWq9GLbGJgT2JpVAH8NkQADati5WhKLDBa8_i3NeiynBd2F4Za4zje3kynYUDyFymHiDx05kT3PhHDbUXnA9Ddi7OVbtavvRCWB3LFqmdgMQhQC7_jA0JkPptS0_ACFNDpGspnvBXbSkig-VLI8wlXtZyngyCOpeCrW5zI7aR_5uIs5fTj5B5Inb-tmxcpjaXC7ZaBjGN7Zh2_sAE3_be1YAE4AQDiAX-nc2fPZIFBggDEAEYAZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAH3OyF1AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDG3TkY663vxAHSCAcIgGEQARgfgAoByAsBsBOplPcOyBPQgszfA9ATANgTDYgUBtgUAdAVAYAXAbIXHAoaCAASFHB1Yi01MzcyNzg2MTc0NzYwMjI4GAA&sigh=DWtrpN3pLY4&uach_m=[UACH]&cid=CAQSPACNIrLMWGQtgko5s23QKe-8vg1KmjzTl3xvu5qG3p5VuZ-DwLyAIpY7UAKMFgH-Vjwqa_b1CVxuk0fxQw&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=2715683798&adk=1041368278&adf=786905601&pi=t.ma~as.2715683798&w=300&lmt=1650440411&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650440410901&bpp=1&bdt=473&idt=264&shv=r20220418&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccef21365edd77e8-22b25e2961d200ef%3AT%3D1650440410%3AS%3DALNI_MYipVS_dhbOtIQNzR6VmpgyCVUPjA&prev_fmts=696x280%2C300x250&correlator=3544109014418&frm=20&pv=1&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066184&oid=2&pvsid=3292992065877901&pem=930&tmod=1504518484&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&alvm=r20220413&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=COoNrO85rn&p=https%3A//gbhackers.com&dtd=266
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 20 Apr 2022 07:40:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F5D6 1 KB
749 B 2ms
2ms Document
text/html 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 29482
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 23:28:49 GMT
etag: 48472445140208031
expires: Wed, 20 Apr 2022 23:28:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F00F 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 528ce763e260a619b4b10dd4f12bf79f19cfe3fadfe47059c83e36ecbe562ab2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 72D5 35 B
464 B 218ms
70ms Image
image/gif 2620:116:800e:21:b25f:f2c2:3600:d81a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO1XUYFxaMZgeBBfPVGp9F0&google_cver=1&google_push=AYg5qPLR1D48qlHMc3z40fLvF8x7AY7PTeOtozIVbNeXvRmtnuRqkvs8FDDcoxKNgtw3ddUScN1uXnWt8Mx8skVVCISj86m-A4tPmg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:b25f:f2c2:3600:d81a , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72D5
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKEhQA82BqiV2O3ZvRki9LdJ4nzBtetquge9O5...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxANDNBQUFCTEBmdHhOcg&google_push=AYg5qPKEhQA82BqiV2O3ZvRki9LdJ4nzBtetquge9O5uRHpuLFXSLOpmVUxWrSU7tEukfhjU9jgKsnMP5xNKYPvs2kYjnrfMHw...

170 B
188 B

38ms
38ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxANDNBQUFCTEBmdHhOcg&google_push=AYg5qPKEhQA82BqiV2O3ZvRki9LdJ4nzBtetquge9O5uRHpuLFXSLOpmVUxWrSU7tEukfhjU9jgKsnMP5xNKYPvs2kYjnrfMHwYQiA

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxANDNBQUFCTEBmdHhOcg&google_push=AYg5qPKEhQA82BqiV2O3ZvRki9LdJ4nzBtetquge9O5uRHpuLFXSLOpmVUxWrSU7tEukfhjU9jgKsnMP5xNKYPvs2kYjnrfMHwYQiA
Date: Wed, 20 Apr 2022 07:40:12 GMT
Server: Apache
Connection: keep-alive
Content-Length: 393
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72D5
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEHagy9gdqKvsJF1b-7TLEhU&google_cver=1&google_push=AYg5qPLXan_kHD7V13cs9mtlztqZOiXiIwojaK4IjVF6nPU1eRIKFCjoPpCffZRdig3_aA8Ya4s9T9r4XjskVRQ0NjspO2PhoOZJ-Q
https://rtb.openx.net/sync/dds?google_gid=CAESEHagy9gdqKvsJF1b-7TLEhU&google_cver=1&google_push=AYg5qPLXan_kHD7V13cs9mtlztqZOiXiIwojaK4IjVF6nPU1eRIKFCjoPpCffZRdig3_aA8Ya4s9T9r4XjskVRQ0NjspO2PhoOZJ-...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLXan_kHD7V13cs9mtlztqZOiXiIwojaK4IjVF6nPU1eRIKFCjoPpCffZRdig3_aA8Ya4s9T9r4XjskVRQ0NjspO2PhoOZJ-Q&google_hm=YpsXRYRkweMTWR0OK1zuDw==

170 B
188 B

70ms
39ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLXan_kHD7V13cs9mtlztqZOiXiIwojaK4IjVF6nPU1eRIKFCjoPpCffZRdig3_aA8Ya4s9T9r4XjskVRQ0NjspO2PhoOZJ-Q&google_hm=YpsXRYRkweMTWR0OK1zuDw==

Requested by

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:11 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLXan_kHD7V13cs9mtlztqZOiXiIwojaK4IjVF6nPU1eRIKFCjoPpCffZRdig3_aA8Ya4s9T9r4XjskVRQ0NjspO2PhoOZJ-Q&google_hm=YpsXRYRkweMTWR0OK1zuDw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: c0j0a14crfklb758lf7ih410h9jh849r

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72D5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGd0-NGpT8TqlBBjn1PF9_Y&google_cver=1&google_push=AYg5qPJG2ERGYp_DeX4d9316PyGtiJNTgsaVxtjokly_6GurgFjfAPCh7F8tJK1ygh9jAG_a9Lb...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXTUotMjctN1M4SA==&google_push=AYg5qPJG2ERGYp_DeX4d9316PyGtiJNTgsaVxtjokly_6GurgFjfAPCh7F8tJK1ygh9jAG_a9LbQ6EJR2wMDL1wmvs20jIEHZuQY

170 B
188 B

40ms
40ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXTUotMjctN1M4SA==&google_push=AYg5qPJG2ERGYp_DeX4d9316PyGtiJNTgsaVxtjokly_6GurgFjfAPCh7F8tJK1ygh9jAG_a9LbQ6EJR2wMDL1wmvs20jIEHZuQY

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXTUotMjctN1M4SA==&google_push=AYg5qPJG2ERGYp_DeX4d9316PyGtiJNTgsaVxtjokly_6GurgFjfAPCh7F8tJK1ygh9jAG_a9LbQ6EJR2wMDL1wmvs20jIEHZuQY
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 5daa34953a867809056448757b76591b
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 72D5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eM...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 72D5
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEH1Z4ZB_BYAyU6aWxBOccxs&google_cver=1&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda...

0
0

GET googleredir
googlecm.hit.gemius.pl/ Frame 72D5 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 72D5 0
223 B 80ms
36ms Image
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LaS-x0mkmqWXm8se8W1e87xiJMMY8Yq5szOMaRSaCIx0I_7O71fqz4oismAazP8xrIM1bj8A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C01F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

75ms
75ms

Document
text/html

2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Apr 2022 07:40:12 GMT
expires: Wed, 20 Apr 2022 07:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Apr 2022 07:40:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame F5D6 35 B
463 B 211ms
71ms Image
image/gif 2620:116:800e:21:b25f:f2c2:3600:d81a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEL786Bcvhij8cZKFkfYU5_I&google_cver=1&google_push=AYg5qPLKyN7GXQeO3dxd0skqI_gF_LsrS4Coht0rkiDCcDa2xxmCCCGKTDyTrUzHn_ZGOmuq9eVtQe29M0rFmcEnU7GJrKv934p7

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:b25f:f2c2:3600:d81a , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F5D6
Redirect Chain

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESELdXj_Fy4-LB1LEC22g_h7c&google_cver=1&google_push=AYg5qPK4hkDpK-0BBAcY9NMzG_1n6p5hK5t6pnokkWg7l116G9xF9PewFYm7sRlHtKTmnmUzlSfqU1FiMB4eLYL...
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=dZMq4lPQl0Lm_bSBKZVTPE&tap=gAds&google_gid=CAESELdXj_Fy4-LB1LEC22g_h7c&google_cver=1&google_push=AYg5qPK4hkDpK-0BBAcY9NMzG_1n6p5hK5t6...

170 B
188 B

38ms
38ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=dZMq4lPQl0Lm_bSBKZVTPE&tap=gAds&google_gid=CAESELdXj_Fy4-LB1LEC22g_h7c&google_cver=1&google_push=AYg5qPK4hkDpK-0BBAcY9NMzG_1n6p5hK5t6pnokkWg7l116G9xF9PewFYm7sRlHtKTmnmUzlSfqU1FiMB4eLYLsP1ZKzEMZhH_O

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=7884000; includeSubDomains
via: HTTP/2.0 odnd
last-modified: Thu, 14 Apr 2022 22:07:14 GMT
date: Wed, 20 Apr 2022 07:40:12 GMT
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=dZMq4lPQl0Lm_bSBKZVTPE&tap=gAds&google_gid=CAESELdXj_Fy4-LB1LEC22g_h7c&google_cver=1&google_push=AYg5qPK4hkDpK-0BBAcY9NMzG_1n6p5hK5t6pnokkWg7l116G9xF9PewFYm7sRlHtKTmnmUzlSfqU1FiMB4eLYLsP1ZKzEMZhH_O
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-tb: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F5D6
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEH7hc3ifvHzz1HR2eA791fU&google_cver=1&google_push=AYg5qPJl27blQAQ6zNFmjlV08Xgf3gAYh32Bd0n_vRJzELz6hw_Q5RUaZvjRt6U17-09ZtTKnTtWQsN_LLj3_kbOMzNgnx0qixyJ
https://rtb.openx.net/sync/dds?google_gid=CAESEH7hc3ifvHzz1HR2eA791fU&google_cver=1&google_push=AYg5qPJl27blQAQ6zNFmjlV08Xgf3gAYh32Bd0n_vRJzELz6hw_Q5RUaZvjRt6U17-09ZtTKnTtWQsN_LLj3_kbOMzNgnx0qixyJ&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJl27blQAQ6zNFmjlV08Xgf3gAYh32Bd0n_vRJzELz6hw_Q5RUaZvjRt6U17-09ZtTKnTtWQsN_LLj3_kbOMzNgnx0qixyJ&google_hm=1wG-2P2qwaUCPZOZoQK0nA==

170 B
188 B

71ms
39ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJl27blQAQ6zNFmjlV08Xgf3gAYh32Bd0n_vRJzELz6hw_Q5RUaZvjRt6U17-09ZtTKnTtWQsN_LLj3_kbOMzNgnx0qixyJ&google_hm=1wG-2P2qwaUCPZOZoQK0nA==

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:11 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJl27blQAQ6zNFmjlV08Xgf3gAYh32Bd0n_vRJzELz6hw_Q5RUaZvjRt6U17-09ZtTKnTtWQsN_LLj3_kbOMzNgnx0qixyJ&google_hm=1wG-2P2qwaUCPZOZoQK0nA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: v49bkg808g2a91cup3ef9mcp7amssdoq

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F5D6
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BEQelmKgSvS-BmiLCTfwnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
243 B

64ms
37ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BEQelmKgSvS-BmiLCTfwnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLSnI5hF6ApCf7JNSmyqioB-ddvtYYYWtXfHw9rtjrVk7u7qRAqy4Dm5QFsQ7SSko6q08CSqZPYJ4GYpf6-A9YXLv44mf4k

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BEQelmKgSvS-BmiLCTfwnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLSnI5hF6ApCf7JNSmyqioB-ddvtYYYWtXfHw9rtjrVk7u7qRAqy4Dm5QFsQ7SSko6q08CSqZPYJ4GYpf6-A9YXLv44mf4k
date: Wed, 20 Apr 2022 07:40:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F5D6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHYUXOvmjoEpk1pWWoiV2VM&google_cver=1&google_push=AYg5qPKGQcMN77sEfol3XYzL7QlZReKj8Xcb0b4SiHnLlx2x9NRGpVw0po3sFtS4J98qmZb2tXs...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXTjktRy0zRDZR&google_push=AYg5qPKGQcMN77sEfol3XYzL7QlZReKj8Xcb0b4SiHnLlx2x9NRGpVw0po3sFtS4J98qmZb2tXsM_q-_tuqCybCbNTfreLjmxj9B

170 B
188 B

38ms
38ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXTjktRy0zRDZR&google_push=AYg5qPKGQcMN77sEfol3XYzL7QlZReKj8Xcb0b4SiHnLlx2x9NRGpVw0po3sFtS4J98qmZb2tXsM_q-_tuqCybCbNTfreLjmxj9B

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXTjktRy0zRDZR&google_push=AYg5qPKGQcMN77sEfol3XYzL7QlZReKj8Xcb0b4SiHnLlx2x9NRGpVw0po3sFtS4J98qmZb2tXsM_q-_tuqCybCbNTfreLjmxj9B
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame F5D6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2B...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2B...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2B...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2B...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2B...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2B...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2B...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2B...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2B...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2B...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2B...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2B...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2B...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2B...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2B...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2B...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2B...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2B...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2B...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame F5D6
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEKSsXBhV0YZ-3wkMFG4g7M4&google_cver=1&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fb...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F5D6 0
49 B 72ms
36ms Image
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J1TFqoXxxk0JqXAH7e-BCCyiBJaS10j2woWSJ8cL2thAMgqQfNgblt9_OUKWBkxpDdHqXK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 index_0_250.m3u8 Show response
streaming.playstream.media/storage/videos/a9c9391d-dd16-4cb6-9319-5dd9559fe22d/ 667 B
775 B 70ms
70ms XHR
application/vnd.apple.mpegurl 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.playstream.media/storage/videos/a9c9391d-dd16-4cb6-9319-5dd9559fe22d/index_0_250.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: 379579bc4160bf2fc61a12ae392d7e835ef39f174b1fd51e8043c044c84fd22d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
last-modified: Mon, 28 Mar 2022 10:10:26 GMT
server: nginx/1.17.10
etag: "62418992-29b"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
content-length: 667
x-hw: 1650440411.cds035.si2.hn,1650440411.cds030.si2.c

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/ 145 KB
51 KB 58ms
58ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

50dc367c28ef55c913b2ff3a3e255c1638e14741a6ca6e21b05030beaf201015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52688
x-xss-protection: 0
server: cafe
etag: 7934339553369937987
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Apr 2022 07:40:11 GMT

GET
DATA 200
OK truncated
/ Frame 5434 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cef38957fb773a3e5d8111b60bd459a44879018f78ad2619ff1918b6c76fd02

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 5434 28 KB
28 KB 4ms
4ms Font
font/woff2 2404:6800:4004:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:43:37 GMT
x-content-type-options: nosniff
age: 32194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:43:37 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 21ms
21ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:12 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3521
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 6fec3afee91534c9-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 20 May 2022 07:40:11 GMT

GET
H2 200 index_0_250_00000.ts Show response
streaming.playstream.media/storage/videos/a9c9391d-dd16-4cb6-9319-5dd9559fe22d/ 640 KB
640 KB 73ms
73ms XHR
video/mp2t 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.playstream.media/storage/videos/a9c9391d-dd16-4cb6-9319-5dd9559fe22d/index_0_250_00000.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: f398441c3e2fa40ce67b6b25acbfce9eaffa7ce0701d6ba523a002d11f17b03f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:12 GMT
last-modified: Mon, 28 Mar 2022 10:10:13 GMT
server: nginx/1.17.10
etag: "62418985-9ff4c"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
content-length: 655180
x-hw: 1650440412.cds035.si2.hn,1650440412.cds003.si2.c

GET
BLOB 200
OK 3b300ec7-b7da-410d-954d-6be22440f90f
https://gbhackers.com/ 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gbhackers.com/3b300ec7-b7da-410d-954d-6be22440f90f
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 64352
Content-Type: text/javascript

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 8ABC 19 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=1238950596&adk=2315524698&adf=2169656816&pi=t.ma~as.1238950596&w=300&lmt=1650440411&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650440410900&bpp=1&bdt=473&idt=252&shv=r20220418&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccef21365edd77e8-22b25e2961d200ef%3AT%3D1650440410%3AS%3DALNI_MYipVS_dhbOtIQNzR6VmpgyCVUPjA&prev_fmts=696x280&correlator=3544109014418&frm=20&pv=1&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066184&oid=2&pvsid=3292992065877901&pem=930&tmod=1504518484&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&alvm=r20220413&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mZcQ0Lwca2&p=https%3A//gbhackers.com&dtd=255

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 07:39:50 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8ABC 8 KB
714 B 39ms
38ms Stylesheet
text/css 2404:6800:4004:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 06:56:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Apr 2022 07:40:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Apr 2022 07:40:12 GMT

GET
H3 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/ Frame 8ABC 14 KB
3 KB 41ms
5ms Stylesheet
text/css 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/outstream.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 13:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 585340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 10:38:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Apr 2023 13:04:32 GMT

GET
H3 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/ Frame 8ABC 347 KB
119 KB 41ms
5ms Script
text/javascript 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/outstream.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0900693ba4018c6de9126b543a8a3c50080eb74d1ed0696e5cc8fca0c0c99513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 13:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 585340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122258
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 10:38:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Apr 2023 13:04:32 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 8ABC 15 KB
6 KB 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 07:37:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8ABC 0
0 36ms
36ms Image
text/html 2404:6800:4004:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSdccT-aa76KFPeK2EjcbGMBvmpdLR6_R0xPl4sUAqli5GeCBJkq0fw1yYlbEmHnRIZbPQjfappn0FSu_IvZtN--A6WlQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=1238950596&adk=2315524698&adf=2169656816&pi=t.ma~as.1238950596&w=300&lmt=1650440411&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650440410900&bpp=1&bdt=473&idt=252&shv=r20220418&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccef21365edd77e8-22b25e2961d200ef%3AT%3D1650440410%3AS%3DALNI_MYipVS_dhbOtIQNzR6VmpgyCVUPjA&prev_fmts=696x280&correlator=3544109014418&frm=20&pv=1&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066184&oid=2&pvsid=3292992065877901&pem=930&tmod=1504518484&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&alvm=r20220413&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mZcQ0Lwca2&p=https%3A//gbhackers.com&dtd=255
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 38ms
38ms Script
application/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=gbhackers.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 07:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 37ms
37ms Script
application/javascript 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gbhackers.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 07:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/ Frame 8636 10 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 69973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 12:13:59 GMT
etag: 14837630671339829333
expires: Tue, 03 May 2022 12:13:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/ Frame 6B15 10 KB
4 KB 3ms
3ms Document
text/html 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 69973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 12:13:59 GMT
etag: 14837630671339829333
expires: Tue, 03 May 2022 12:13:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame F00F 41 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 04:46:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 04:46:16 GMT

HEAD
H/1.1

200
OK

file.mp4
r5---sn-oguesn6y.c.2mdn.net/videoplayback/id/754def01f05fa2a9/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791396516/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame F00F
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/754def01f05fa2a9/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791396516/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r5---sn-oguesn6y.c.2mdn.net/videoplayback/id/754def01f05fa2a9/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791396516/sparams/acao,ctier,expire,id,ip,ipbits,i...

0
0

195ms
3ms

Fetch
video/mp4

2404:6800:4004:31::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-oguesn6y.c.2mdn.net/videoplayback/id/754def01f05fa2a9/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791396516/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4C122694D9BB694E8FD0319747D4952AF2623681.7B1E51A63191BD72441FB7C0A15BB7AAE2D79033/key/cms1/cms_redirect/yes/mh/n6/mip/2a00:1633:128:4::2/mm/42/mn/sn-oguesn6y/ms/onc/mt/1650440106/mv/u/mvi/5/pl/32/file/file.mp4

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

HTTP/1.1

Server

2404:6800:4004:31::a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 07:40:12 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1323289
Last-Modified: Thu, 10 Mar 2022 21:41:53 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 20 Apr 2022 07:40:12 GMT

Redirect headers

date: Wed, 20 Apr 2022 07:40:12 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 650
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r5---sn-oguesn6y.c.2mdn.net/videoplayback/id/754def01f05fa2a9/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791396516/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4C122694D9BB694E8FD0319747D4952AF2623681.7B1E51A63191BD72441FB7C0A15BB7AAE2D79033/key/cms1/cms_redirect/yes/mh/n6/mip/2a00:1633:128:4::2/mm/42/mn/sn-oguesn6y/ms/onc/mt/1650440106/mv/u/mvi/5/pl/32/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 8636 4 KB
634 B 37ms
37ms Stylesheet
text/css 2404:6800:4004:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 06:49:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Apr 2022 07:40:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Apr 2022 07:40:12 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8636 205 B
229 B 39ms
3ms Image
image/png 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 23:28:49 GMT
x-content-type-options: nosniff
age: 202283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 17 Apr 2023 23:28:49 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8636 604 B
628 B 38ms
3ms Image
image/png 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 01:28:21 GMT
x-content-type-options: nosniff
age: 22311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Apr 2023 01:28:21 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame 8636 19 KB
8 KB 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 13275616604445095965
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 07:16:16 GMT

GET
H3

200

B10454358.305017400;dc_pre=CLrkk9SRovcCFQ0kvQodToQG1w;dc_trk_aid=498041356;dc_trk_cid=152005930;ord=2181934307;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/ Frame 6B15
Redirect Chain

https://924-img.c3tag.com/v.gif?cid=924&c3=N349404.134426GOOGLEDISPLAYNETWO-305017400-152005930&creative=152005930&redirect=~{https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETW...
https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10454358.305017400;dc_trk_aid=498041356;dc_trk_cid=152005930;ord=2181934307;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10454358.305017400;dc_pre=CLrkk9SRovcCFQ0kvQodToQG1w;dc_trk_aid=498041356;dc_trk_cid=152005930;ord=2181934307;dc_lat=;dc_rd...

42 B
63 B

87ms
50ms

Fetch
image/gif

142.250.199.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10454358.305017400;dc_pre=CLrkk9SRovcCFQ0kvQodToQG1w;dc_trk_aid=498041356;dc_trk_cid=152005930;ord=2181934307;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Protocol

Server

142.250.199.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10454358.305017400;dc_pre=CLrkk9SRovcCFQ0kvQodToQG1w;dc_trk_aid=498041356;dc_trk_cid=152005930;ord=2181934307;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6B15 0
0 44ms
44ms Fetch
text/html 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNRuF27hfYq_ZDI3dgQPci4-ADfiZ_Lxp9-KO5OUP78y9mKQaEAEgiqr2QmCJ88WE9BOgAfDwlfoDyAECqAMByAPJBKoE5gFP0HoGX63V5SE8-t6SbdgIifk6Nek0TDPmb9Ubf5IlkVfIjp5gr-fnpOXA8gtjemwdoAW6SalLQkn8wU_zNaioQcScM3x6ftizUG3zf2hGCKvCTVFkS4QNRslGruWtLA6I8Ne-OIDUk3Jol1OIQGMLhKCHtc2Xz4T14dVdFevcogq6YYzl48Ir1oDCLRkGTyFnBizfK8eW2YuksPYN_1mCAoZzh6YGyMFunu626W1K9nmwVYqgdeSbSMQUhUKDQ-TEUvdtRMZbxUSFQTCXQAU5SHSz7Nf4xkpfKzGzKjq_6PoPd0kC_cAEo8LnweEDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB5ykyWeoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDwulDSCAcIgGEQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTUzNzI3ODYxNzQ3NjAyMjgYAA&sigh=7qm48lzAdCU&uach_m=[UACH]

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 20 Apr 2022 07:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 6B15 19 KB
8 KB 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 07:39:50 GMT

GET
H3 200 15774463676020615291
tpc.googlesyndication.com/simgad/ Frame 6B15 42 KB
43 KB 5ms
5ms Image
image/png 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15774463676020615291?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qke_q93wn2rvOjRfgArvGQAA3lsIw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9d279f2c6f6478c35e1c6207bc709c0ef79c5c71d143b743f011f08abce82ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 05:14:48 GMT
x-content-type-options: nosniff
age: 440724
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43517
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 05:26:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Apr 2023 05:14:48 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 6B15 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 07:40:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B15 119 KB
36 KB 127ms
127ms Script
text/javascript 2404:6800:400a:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:804::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650281421154365"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Apr 2022 07:40:12 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 6B15 15 KB
6 KB 3ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 07:37:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6B15 0
0 36ms
36ms Image
text/html 2404:6800:4004:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaShQTxr-q3iXuP2njsUKJPvBRYt98D1OdnrlTnB9LqBbaMMaqR277x3PgcjYqkfD5X0hrUhpW8uU_OKOdO0odYC_vGIgA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 6B15 29 KB
12 KB 3ms
3ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02af7e03520b6699b7eff36516fcd9fc000f00f6388f8ddeac599d00a76e6d0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 00:52:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11979
x-xss-protection: 0
server: cafe
etag: 7739490655680154556
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 00:52:30 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 8ABC 0
17 B 72ms
35ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l279lwb2&c=4681226473012&slotId=2340613236506&qqid=CKegutORovcCFRSRwgodblUIWA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 8ABC 15 KB
15 KB 4ms
4ms Font
font/woff2 2404:6800:4004:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 23:28:49 GMT
x-content-type-options: nosniff
age: 202283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Apr 2023 23:28:49 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 8ABC 15 KB
15 KB 3ms
2ms Font
font/woff2 2404:6800:4004:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 14:20:41 GMT
x-content-type-options: nosniff
age: 321571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Apr 2023 14:20:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8ABC 0
20 B 39ms
38ms Image
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CzZTo27hfYufGC5SiigbuqqHABdrviYRp6crnudUP4KCh1KgfEAEgiqr2QmCJ88WE9BOgAYyT-qsCyAEFqAMByAObBKoE-QFP0Ivl5hZqKO7hyM5VaaVkhhjUbSYDjng2U1WUA__VV5KQ8errM-yi254b89qamgPRoN4vDCUkLKlUQbNzScnRa77vTA9CrYc_KQXBtX84OdpHi8fluI7R4-p3qtt0KoyYTbP9I87AHbUvstFIaLWpesikJ2wlHZLZUWzvF2-Kn9aPLAzMNvf9RWp9Xy2HJ9ZGa0MW_r2XZD83FSm5VrmVcvUBS-H5SSsl1wLScg-TLKUSoFGq4YZkfmJiScHJaHHDZBzpIIxDTX5TfKLg1lisIDuzU2sGIQAie4xGeG0PbDa88vL16Dp0WbDffzBCeTtBNeh-7c9STDLABN_23tWABOAEA5AGAaAGToAH3OyF1AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgfgAoBmAsByAsBgAwBsBOplPcO0BMA2BMNiBQH2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1650440412115&ai=CzZTo27hfYufGC5SiigbuqqHABdrviYRp6crnudUP4KCh1KgfEAEgiqr2QmCJ88WE9BOgAYyT-qsCyAEFqAMByAObBKoE-QFP0Ivl5hZqKO7hyM5VaaVkhhjUbSYDjng2U1WUA__VV5KQ8errM-yi254b89qamgPRoN4vDCUkLKlUQbNzScnRa77vTA9CrYc_KQXBtX84OdpHi8fluI7R4-p3qtt0KoyYTbP9I87AHbUvstFIaLWpesikJ2wlHZLZUWzvF2-Kn9aPLAzMNvf9RWp9Xy2HJ9ZGa0MW_r2XZD83FSm5VrmVcvUBS-H5SSsl1wLScg-TLKUSoFGq4YZkfmJiScHJaHHDZBzpIIxDTX5TfKLg1lisIDuzU2sGIQAie4xGeG0PbDa88vL16Dp0WbDffzBCeTtBNeh-7c9STDLABN_23tWABOAEA5AGAaAGToAH3OyF1AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgfgAoBmAsByAsBgAwBsBOplPcO0BMA2BMNiBQH2BQB0BUB-BYBgBcB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 8ABC 33 KB
17 KB 186ms
81ms XHR
text/xml 108.177.97.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CIhy2Dm6pZt83M8hwFYmkZUy6fJqfprdjkAEjOW40A-2QQJj5p4WlzP0gfzV4JXH8qfBuX7vBjrI2soIrPUJoWnKgTlg&cry=1&dbm_d=AKAmf-Av5JuZbiWySFggHA74v1vtrIe3booOzxiQE9P4iayFF2hVAC9Wds47jyl2tGCSI7J4LW6abaU53Ls2l4lzFUJOrdPMRVT4nFZYypW6pdl-2gPm43dG11d-LCxc8FWYrF5VGvmqDPl7us-2ypceNS5kujYTgjMLbQkek1vgm8fOhiLYMTHlCZPbvnCKagof3JWiMeUl_hTX5uRYxB9cxJZLZvZL49RPM0rBKHYChN1s4y4MOfQVM1FKWKKiWCnE25kH8pPOaa7Hp0pzuwXLIYVhwEqiI22sqh8J632Hc4s9uQacpTN-mswPR9fHc23POhnkFFYUX2WwXHtlfMwFtBgQUTW3u52WyVg4briZSRwL99EwU8pE-eKUb3yXmGPRfPWOYXfYfNXShly6Tk-0iWumCXwwhry5yg_f2FPPEwg1Obvoj_2kL94C0ZLzz2RxtDk37q5cndesrcQNZvDszxea_Ro9R_ID6oaxk__DhuY2ODQ5hrhoh4tW8ifxICc_vI2oWYmcsmxE6g_QAhJnfLNJtHwPXu3Bwy2E0iMwDuRmL1YsbVxvxqddI4RYlUXZ-vRzCPF0RLxVCS6fAK7kUjWUt67fhz6ziwZOKhEZeftFlQ8pH1vdnVSQM6CwW9IoBdZpzTT2mGV5tyYQcSkXgGeBQw2pxrKzrnTRAzQebm9WEa9I-Pw0ClfpXaJD7e053JKE_zSmQ8QHbzE4Pgg2jTrD4lbZOqFvMQB4j-xzwy2QvCMJhIdpovi1aRl4jSdbrO42yHalipNZZDFhOE7jwQLG0YrzJvqJgka-tEvhBEj6fyj7CMslgc7mq5LEgrEjUBE0XUrhABGsesXVIyGXCuZwYgH-trWj21e9RyBBHbbu33ars6EwKXLRLmIaeOeu3f5xR06e5JsQFzbfw5eQBI2pihFBu9at25DRbT8CHZEuoPIelN2SKdXkXb6ohwBXoWLcKZlGv-1z8WfQ6Qp3NzvDW7_nRyghf1tz5nn7Pk-jG2eeWi2fHhUVLT1Y7-JELx_Q5mA0hdha6w5tIGn6SU4cnoEQo9eFyqbSNea_2AazJOm9BM-po1jNXm733JGbVwdfYR3WguWQ1An4ZBOXM_0elde83abrGuzpa1fXkUXuMR8aFdol5N-qu_8njjkS9bz7e9h4R85oSO_dObNbhHE9JC-pluIou5JBrAOx7F_4E50YD9SoVfSBH2NtIEZhY7srVvvlqQgyiKzDSgO86sFK45TiqG61nw7S6EGpdR7WhXokHJY2CTyM69tYt2gAcirI61-soZU9TV0SWE9-dXzb_ldR3s7Cc0F8xzJ0BcKlLekXDj9hTU_9nSgfCpBzOmLcWTTlXixyGuYa1H7DqXiyNxT-J8yRJ4M5C0GZTVyr7isy9R5lJL6ZL4qVP7sBSRbU1QB0iprHyGvEsviLTrNjx8-CEOZzDowiAhHFG3XtVGBWwRIX4vBEB7JeB4Jqp0ssqdOm7grudOyARUQZTQ4eTB8dasFo7_SipxkKZWMFaywD2L33gqWBq6VFVlOEfl8k5Cs4eosK22cpTugLubYQK6q5qEsttDm2-EYChYDW6iGXFMRNXwiuC9zy4iCShfTPC2xLfSbIuNP-laTWNWMyoHP6_CfDtDEH0Ep_s13RYLSuIc4hEFuGlIvF4DDM7X_Aw84f2CGomTTlu914n0rwqIViWblWAnrt7KQ-A9jC2pE4ANIVJGDJBq2XfX8mmHLpbwI1sVb1b4IZnqRqjHtjQ_MK2aIXL3_qQ_7i2LMXBmrwXNuWdYeUrKMvY15kM0KNa-e5TsJW6yqp6M2qmzpzBIJxxHCCb6o7zZWY67OhNv951fegSDAbhj6oRKMnMAy83donxEAaCTBOwFnXt1ovn--PfD3o-alc0wo9Lt9Zjp0RP9B6OBcZf8LV5xcEV69cexgUm04WfMh3-45mxrSlxbaUwt53nP1goHINbd9geyt5WeFXVGDia2WqYbi6TSXpIpNeq6J1IlpsdIW23MW1DuOktFR2XKdaoonkKV15wi9YLYqCT9cltBnYob5gOXjI_pLSfeJU_dxMO6QIylyjAZL6Cz4WPydDupD0Jb-pFa_fLqjiyywH8LGEGG679_DDVa9OVk4Jm-4P5wS6s4YsW5QKB2ZJqNf3WFtWr0smcUZbrNB8dvZs8GwXgDi_W9DXiSWraEUYMCrsPLHWpqNnaVQ2kpPlpE9bEdb15EPEt5t6XH4O8l0-iI3a_jwlvQ1P8els_3tW1oS39Brc-G7tGJUPKefpTqlj6W4auIyQWRx1JCOCmA__NRtCOxOxupD6uxLj1M1teaN9QfkLz4eE7UadX3ETgb_92lGgRxxuBmJ1vu_1NbkhrflegZ2ziibG-aMKwCpr2cY2pKDHNqjRowrdylvMj6pUwOuPVgUkp91MMtaAWSUaPRwATUNaN_q94bNG6CV8exykFoTF5itz9iWqeuogzrlwsPGuIdC62IswMp-jQK6ZYdNM5prxd8kt5bGCSPFUwsWYGPNxe8KFVGzRKxrk8B5ymETUrpYdoW85E26tSz8n52XaQobq8ps9YzWbt3kWYISUMuBoKaiGYq_uMow8MOl5CTKtcOkMgsNMlr3m1FZTosyk86EFKwC2VTgrePBG677paVBVdCQTAbg5Slviz7-yVl7Uwy6e2uVAyLx_6tKUnjPuwDVA6UK1C9kB9jc3mUUmsp0SQmsst7c_Dq_5dLOTOGzWJYv9I6Ebcyu5Sxzpr7Rt2z061drxbXRSAYVNhPLCW6eSLREu3tl5u2maI26HLhGcXs-nXfxgfHvAj6iWM87xMirkYauJ-n2zTq1HQob1eV8Wx7gGTHB6B6sbFvY6ArfTQMee9MfFMtnP2vLtjxdtB8en7ChA-LPc5lTi_UYLfPFPgB4SgNOVW4XCA1Y-GeADuEgWW_vpdyXuhLyOIluujWX6teIklu8iIKwzWYZVS06Z_TKCuhPQUH4cxW1KdEVBFnOTaIV-_QxC64sHS2-aVpnGLKVbm6Aqc02zWAJRoOOizKqufKdq4vXTFxyraXnkH1p55OCaXnXOLlAz18W0Nr0L6rVuQP03&cid=CAASJeRoPbT13DsdRO0lPW2Qo0JcKnq35Djq8rQYbY3BnIbBstJO9G8&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.97.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f155.1e100.net

Software

cafe /

Resource Hash

29bbf09cb5490a7e69b73237ebdd67b357542db2c737624bc8aca273d75c3e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16972
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8ABC 0
0 41ms
40ms Fetch
text/html 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9JZg27hfYufGC5SiigbuqqHABdrviYRp6crnudUP4KCh1KgfEAEgiqr2QmCJ88WE9BOgAYyT-qsCyAEFqAMBqgT2AU_Qi-XmFmoo7uHIzlVppWSGGNRtJgOOeDZTVZQD_9VXkpDx6usz7KLbnhvz2pqaA9Gg3i8MJSQsqVRBs3NJydFrvu9MD0Kthz8pBcG1fzg52keLx-W4jtHj6neq23QqjJhNs_0jzsAdtS-y0Uhotal6yKQnbCUdktlRbO8Xb4qf1o8sDMw29_1Fan1fLYcn1kZrQxb-vZdkPzcVKblWuZVy9QFL4flJKyXXAtJyD5MspRKgUarhhmR-YmJJmcjyhFD2WnuvJadN87cGPSG1zm1Kknx2wuF-Hyj_hW9gk7u7ExUfKePGIoPVabzp09ZvF1m4dILtQsAE3_be1YAE4AQDiAX-nc2fPZIFBggDEAEYAZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAH3OyF1AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDmuz0Y6q3vxAHSCAcIgGEQARgfgAoByAsBsBOplPcOyBPQgszfA9ATANgTDYgUB9gUAdAVAYAXAbIXHAoaCAASFHB1Yi01MzcyNzg2MTc0NzYwMjI4GAA&sigh=I7oICetioL4&uach_m=[UACH]&cid=CAQSPACNIrLMlT4UfPILjZJyHDaWCSDel5t8b98UL9rkdEgx2lXh5eRhxoRoyOojkn-n17-9qZDkX8s9IzGRNg&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=1238950596&adk=2315524698&adf=2169656816&pi=t.ma~as.1238950596&w=300&lmt=1650440411&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650440410900&bpp=1&bdt=473&idt=252&shv=r20220418&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccef21365edd77e8-22b25e2961d200ef%3AT%3D1650440410%3AS%3DALNI_MYipVS_dhbOtIQNzR6VmpgyCVUPjA&prev_fmts=696x280&correlator=3544109014418&frm=20&pv=1&ga_vid=107434288.1650440411&ga_sid=1650440411&ga_hid=630912523&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31066184&oid=2&pvsid=3292992065877901&pem=930&tmod=1504518484&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&alvm=r20220413&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mZcQ0Lwca2&p=https%3A//gbhackers.com&dtd=255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 20 Apr 2022 07:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6DBD 1 KB
749 B 2ms
2ms Document
text/html 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 29483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 23:28:49 GMT
etag: 48472445140208031
expires: Wed, 20 Apr 2022 23:28:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8ABC 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e9a25072bb147e135cb65dde637e12eebb8857f334ba7812e6dbe122813ddfc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame F396 23 KB
9 KB 3ms
3ms Document
text/html 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 10436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 04:46:16 GMT
expires: Thu, 20 Apr 2023 04:46:16 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 36B4 143 B
163 B 3ms
2ms Document
text/html 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 20 Apr 2022 06:54:39 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 26CD 1 KB
749 B 2ms
2ms Document
text/html 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 29483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 23:28:49 GMT
etag: 48472445140208031
expires: Wed, 20 Apr 2022 23:28:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame A58D 8 KB
892 B 38ms
37ms Stylesheet
text/css 2404:6800:4004:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 06:56:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Apr 2022 07:40:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Apr 2022 07:40:12 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame A58D 2 KB
912 B 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 07:38:00 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame A58D 19 KB
8 KB 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 07:39:50 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame A58D 3 KB
1 KB 3ms
3ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 07:40:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A58D 119 KB
36 KB 92ms
91ms Script
text/javascript 2404:6800:400a:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:804::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650281421154365"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Apr 2022 07:40:12 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame A58D 15 KB
6 KB 3ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 07:37:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A58D 0
0 36ms
35ms Image
text/html 2404:6800:4004:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-j3HaD8oAkcm8bcTETPo9JZu5QI7bxK9Oe310dD8ftldaRRsmbgn9xyw3EvEdfnQIkatJNMX0tXIaILmsF02QEqFieA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 3bde1d5944145a46a8b91d920db5ec4d.js Show response
www.gstatic.com/mysidia/ Frame A58D 30 KB
12 KB 3ms
2ms Script
text/javascript 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3bde1d5944145a46a8b91d920db5ec4d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 14:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 495241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12194
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 13:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 14:06:11 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6DBD
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBmXXMFSF0dirP31ASfvTTo&google_cver=1&google_push=AYg5qPJXcYV9wOUjCSgwukN2ayefAvGheczkAII3gnSzfwk7toO3QOPhn2...
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPJXcYV9wOUjCSgwukN2ayefAvGheczkAII3gnSzfwk7toO3QOPhn2Sh8IfClXUJGkUuQVIvXaiI2N91nYlMYrFBH-ymxsI&google_hm=_nnlU3i...

170 B
188 B

38ms
38ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPJXcYV9wOUjCSgwukN2ayefAvGheczkAII3gnSzfwk7toO3QOPhn2Sh8IfClXUJGkUuQVIvXaiI2N91nYlMYrFBH-ymxsI&google_hm=_nnlU3iLQQhabWTlk9HalQ

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPJXcYV9wOUjCSgwukN2ayefAvGheczkAII3gnSzfwk7toO3QOPhn2Sh8IfClXUJGkUuQVIvXaiI2N91nYlMYrFBH-ymxsI&google_hm=_nnlU3iLQQhabWTlk9HalQ
pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6DBD
Redirect Chain

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEJQU6ubB_TxSIdkPIzgZan8&google_cver=1&google_push=AYg5qPL-HLBGYxFXEBRvs2CeG1BWEKnT5YzDtBxYfu5XfGEnu70ftSNT-_XFHh1F9GWeFfkFw0KneERvhkbRu4m...
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=ahnSchtyYTadZegG_KdTw8&tap=gAds&google_gid=CAESEJQU6ubB_TxSIdkPIzgZan8&google_cver=1&google_push=AYg5qPL-HLBGYxFXEBRvs2CeG1BWEKnT5YzD...

170 B
188 B

39ms
39ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=ahnSchtyYTadZegG_KdTw8&tap=gAds&google_gid=CAESEJQU6ubB_TxSIdkPIzgZan8&google_cver=1&google_push=AYg5qPL-HLBGYxFXEBRvs2CeG1BWEKnT5YzDtBxYfu5XfGEnu70ftSNT-_XFHh1F9GWeFfkFw0KneERvhkbRu4m2qXIp1hGCciw

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=7884000; includeSubDomains
via: HTTP/2.0 odnd
last-modified: Thu, 14 Apr 2022 22:07:14 GMT
date: Wed, 20 Apr 2022 07:40:12 GMT
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=ahnSchtyYTadZegG_KdTw8&tap=gAds&google_gid=CAESEJQU6ubB_TxSIdkPIzgZan8&google_cver=1&google_push=AYg5qPL-HLBGYxFXEBRvs2CeG1BWEKnT5YzDtBxYfu5XfGEnu70ftSNT-_XFHh1F9GWeFfkFw0KneERvhkbRu4m2qXIp1hGCciw
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-tb: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6DBD
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEJ530zenY1wkBOd-49Go7hM&google_cver=1&google_push=AYg5qPJD3Okhr2gSt4V1EP_WbhvZJRb-_z-xBT9EDfdKYAqFBGWcSsohrRCbGWsfLItqRMLOPymI8D73agagS-0WvJFAvzMTY1IL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJD3Okhr2gSt4V1EP_WbhvZJRb-_z-xBT9EDfdKYAqFBGWcSsohrRCbGWsfLItqRMLOPymI8D73agagS-0WvJFAvzMTY1IL&google_hm=1wG-2P2qwaUCPZOZoQK0nA==

170 B
188 B

40ms
39ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJD3Okhr2gSt4V1EP_WbhvZJRb-_z-xBT9EDfdKYAqFBGWcSsohrRCbGWsfLItqRMLOPymI8D73agagS-0WvJFAvzMTY1IL&google_hm=1wG-2P2qwaUCPZOZoQK0nA==

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:11 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJD3Okhr2gSt4V1EP_WbhvZJRb-_z-xBT9EDfdKYAqFBGWcSsohrRCbGWsfLItqRMLOPymI8D73agagS-0WvJFAvzMTY1IL&google_hm=1wG-2P2qwaUCPZOZoQK0nA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: hv2ui98uedos7ps4la3kqopb0e7fqj05

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6DBD
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BEQelmKgSvS-BmiLCTfwnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

40ms
40ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BEQelmKgSvS-BmiLCTfwnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKyVZBrWHvzzXnAEnmoBPhA37Vm9wLOReRcrexEvUrWFPqzMxBMJ-o-THumWakebFEccUwb0EBitQ3oSqn_6CjC6UqcNeIc

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BEQelmKgSvS-BmiLCTfwnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKyVZBrWHvzzXnAEnmoBPhA37Vm9wLOReRcrexEvUrWFPqzMxBMJ-o-THumWakebFEccUwb0EBitQ3oSqn_6CjC6UqcNeIc
date: Wed, 20 Apr 2022 07:40:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6DBD
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEHkzbwq4q96XDpD89vkjv4&google_cver=1&google_push=AYg5qPIX_QHsvXySMDWcQ2RiwzW2r9Ua37imdvpVwRlQDcmtGDgBK-bcjq5TGNP7Nx-hsDLljHT...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXUlotMUQtRUpNTQ==&google_push=AYg5qPIX_QHsvXySMDWcQ2RiwzW2r9Ua37imdvpVwRlQDcmtGDgBK-bcjq5TGNP7Nx-hsDLljHTIlbxSFD-w0cDOCU_MwkSqmc72

170 B
188 B

38ms
37ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXUlotMUQtRUpNTQ==&google_push=AYg5qPIX_QHsvXySMDWcQ2RiwzW2r9Ua37imdvpVwRlQDcmtGDgBK-bcjq5TGNP7Nx-hsDLljHTIlbxSFD-w0cDOCU_MwkSqmc72

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXUlotMUQtRUpNTQ==&google_push=AYg5qPIX_QHsvXySMDWcQ2RiwzW2r9Ua37imdvpVwRlQDcmtGDgBK-bcjq5TGNP7Nx-hsDLljHTIlbxSFD-w0cDOCU_MwkSqmc72
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 5daa34953a867809056448757b76591b
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 6DBD
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 6DBD
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEDT5Fy_tI9i9jhEb5CQYUEQ&google_cver=1&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbc...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6DBD 0
12 B 43ms
43ms Image
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2ZeIFGb2u8JLh4Al4_TIJrSmv61YUnktVzIs0n6NxGasWH6dIZtDwqXqud8lTYJt4oNcT

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js Show response
pagead2.googlesyndication.com/bg/ Frame F396 35 KB
13 KB 3ms
2ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

sffe /

Resource Hash

976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 04:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Apr 2023 04:39:02 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 26CD 35 B
210 B 74ms
71ms Image
image/gif 2620:116:800e:21:b25f:f2c2:3600:d81a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIDZLP6N1gsPMYsW-i0SXF4&google_cver=1&google_push=AYg5qPK7NDC3_hndKg6BA-FxiW6s4LaWD_r8Vb7Tn_flCdaZ1kMjyVfK690vv2u_f7WQapHh9J96tFpN8iuG4KMRArE2-Tx8apjQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:b25f:f2c2:3600:d81a , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26CD
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEBx88KSmjKfDEa9v06CqukQ&google_cver=1&google_push=AYg5qPIKIA0elZ2ODb4yPjYvdhhm6a3dzvPwD41uksxhaYZ6DnlstxpVSb4roC5C8jwHRHtZqzRtVSEW2aY5P3HjxbftZ-7cMSx3
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIKIA0elZ2ODb4yPjYvdhhm6a3dzvPwD41uksxhaYZ6DnlstxpVSb4roC5C8jwHRHtZqzRtVSEW2aY5P3HjxbftZ-7cMSx3&google_hm=Q0FFU0VCeDg4S1NtaktmR...

170 B
188 B

38ms
37ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIKIA0elZ2ODb4yPjYvdhhm6a3dzvPwD41uksxhaYZ6DnlstxpVSb4roC5C8jwHRHtZqzRtVSEW2aY5P3HjxbftZ-7cMSx3&google_hm=Q0FFU0VCeDg4S1NtaktmREVhOXYwNkNxdWtR

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
via: 1.1 4ca8d239c2b4b1a578fa3c7797e67c10.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: NRT57-C3
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIKIA0elZ2ODb4yPjYvdhhm6a3dzvPwD41uksxhaYZ6DnlstxpVSb4roC5C8jwHRHtZqzRtVSEW2aY5P3HjxbftZ-7cMSx3&google_hm=Q0FFU0VCeDg4S1NtaktmREVhOXYwNkNxdWtR
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 4PCQjNsS5ZkRBxDWPlXQJ8AtQGBSWpWqZ9aZ8Xzb9_ApJC3ihe9dkQ==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26CD
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESELspbODmUQP5YA1vW14Rgf4&google_cver=1&google_push=AYg5qPI1g-5PES7bdN2x8ut1AuQFEI8UaQ45fXEiDiT55uWKa2AC-tef9q-iwMcw2hMN0QSQddy4E3kfUXqA1rmtcMKv__f17P2b
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI1g-5PES7bdN2x8ut1AuQFEI8UaQ45fXEiDiT55uWKa2AC-tef9q-iwMcw2hMN0QSQddy4E3kfUXqA1rmtcMKv__f17P2b&google_hm=1wG-2P2qwaUCPZOZoQK0nA==

170 B
188 B

39ms
39ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI1g-5PES7bdN2x8ut1AuQFEI8UaQ45fXEiDiT55uWKa2AC-tef9q-iwMcw2hMN0QSQddy4E3kfUXqA1rmtcMKv__f17P2b&google_hm=1wG-2P2qwaUCPZOZoQK0nA==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI1g-5PES7bdN2x8ut1AuQFEI8UaQ45fXEiDiT55uWKa2AC-tef9q-iwMcw2hMN0QSQddy4E3kfUXqA1rmtcMKv__f17P2b&google_hm=1wG-2P2qwaUCPZOZoQK0nA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: qh72u8vofsa11iuiochf3r3ursfa8bva

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26CD
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BEQelmKgSvS-BmiLCTfwnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

38ms
37ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BEQelmKgSvS-BmiLCTfwnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJuuuwD7m8JMTvSTUIZAE6Dr3AbbNx5nxydKjWr21rYSpbqiAPqx0JLRfgKYO1sZ9A2IBV0PLHPNUAAZoNFnRGfIa_cFUNR

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BEQelmKgSvS-BmiLCTfwnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJuuuwD7m8JMTvSTUIZAE6Dr3AbbNx5nxydKjWr21rYSpbqiAPqx0JLRfgKYO1sZ9A2IBV0PLHPNUAAZoNFnRGfIa_cFUNR
date: Wed, 20 Apr 2022 07:40:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26CD
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKpWhACT-sPElzz-1la8-iI&google_cver=1&google_push=AYg5qPLnBBA8_UUqWixwWuf4btK5s-nGmv5Pu8UiAN_BSA-lmWmJeCAg_o5TKq2MemAbnz-jlNE...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXU0ItSS0zVDZU&google_push=AYg5qPLnBBA8_UUqWixwWuf4btK5s-nGmv5Pu8UiAN_BSA-lmWmJeCAg_o5TKq2MemAbnz-jlNEPoU4UszbCA9y_VG-vO64PIfcm

170 B
188 B

39ms
39ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXU0ItSS0zVDZU&google_push=AYg5qPLnBBA8_UUqWixwWuf4btK5s-nGmv5Pu8UiAN_BSA-lmWmJeCAg_o5TKq2MemAbnz-jlNEPoU4UszbCA9y_VG-vO64PIfcm

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXU0ItSS0zVDZU&google_push=AYg5qPLnBBA8_UUqWixwWuf4btK5s-nGmv5Pu8UiAN_BSA-lmWmJeCAg_o5TKq2MemAbnz-jlNEPoU4UszbCA9y_VG-vO64PIfcm
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 26CD
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjko...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 26CD
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEAbPH9hqI15u8O-4-9UjIuE&google_cver=1&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fb...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 26CD 0
12 B 37ms
36ms Image
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JVR7SQMa-6ZEnOG5xvCdBLwrs1Wkymp3FkA9dMc2mDWF4Xb4gWMEbfPdtTdrvoP9Qw_GGn

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 36A7 143 B
163 B 4ms
2ms Document
text/html 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 20 Apr 2022 06:54:39 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6253 1 KB
749 B 4ms
3ms Document
text/html 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 29483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 23:28:49 GMT
etag: 48472445140208031
expires: Wed, 20 Apr 2022 23:28:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 36B4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

50ms
49ms

Document
text/html

2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Apr 2022 07:40:12 GMT
expires: Wed, 20 Apr 2022 07:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Apr 2022 07:40:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6253
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIaP4uRWaESttHkGcrSXAUusuDY2Ok9aq7Tgh9...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxANDNBQUFCQTVAU1RQQg&google_push=AYg5qPIaP4uRWaESttHkGcrSXAUusuDY2Ok9aq7Tgh9yw9DmuzFUa5JQOOvruOCn5UvvEMcC-5XXAr_mlitknbWm73iwlyISRA

170 B
188 B

40ms
38ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxANDNBQUFCQTVAU1RQQg&google_push=AYg5qPIaP4uRWaESttHkGcrSXAUusuDY2Ok9aq7Tgh9yw9DmuzFUa5JQOOvruOCn5UvvEMcC-5XXAr_mlitknbWm73iwlyISRA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxANDNBQUFCQTVAU1RQQg&google_push=AYg5qPIaP4uRWaESttHkGcrSXAUusuDY2Ok9aq7Tgh9yw9DmuzFUa5JQOOvruOCn5UvvEMcC-5XXAr_mlitknbWm73iwlyISRA
Date: Wed, 20 Apr 2022 07:40:12 GMT
Server: Apache
Connection: keep-alive
Content-Length: 389
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6253
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEBx88KSmjKfDEa9v06CqukQ&google_cver=1&google_push=AYg5qPJiNnnHhxgEIhR1Lh_b8QolgXQkJ9cj5OYSJXhHuqRCajZC-UZD5bsH_k40ykPGGUARZM5UM-gcH07-jZANcKGTl-XZqwk
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJiNnnHhxgEIhR1Lh_b8QolgXQkJ9cj5OYSJXhHuqRCajZC-UZD5bsH_k40ykPGGUARZM5UM-gcH07-jZANcKGTl-XZqwk&google_hm=Q0FFU0VCeDg4S1NtaktmRE...

170 B
188 B

38ms
38ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJiNnnHhxgEIhR1Lh_b8QolgXQkJ9cj5OYSJXhHuqRCajZC-UZD5bsH_k40ykPGGUARZM5UM-gcH07-jZANcKGTl-XZqwk&google_hm=Q0FFU0VCeDg4S1NtaktmREVhOXYwNkNxdWtR

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:11 GMT
via: 1.1 4ca8d239c2b4b1a578fa3c7797e67c10.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: NRT57-C3
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJiNnnHhxgEIhR1Lh_b8QolgXQkJ9cj5OYSJXhHuqRCajZC-UZD5bsH_k40ykPGGUARZM5UM-gcH07-jZANcKGTl-XZqwk&google_hm=Q0FFU0VCeDg4S1NtaktmREVhOXYwNkNxdWtR
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: vbhPyMAcIHWMncQ0gk07PGiMeyOaqMyks3DRXoa0X17rScfQBGN4TA==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6253
Redirect Chain

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESECi-fb7Rp8DdU5w1j7CeqRI&google_cver=1&google_push=AYg5qPLbXstLno5Pgr1xuzclLBBYnCJ9-e4j6HNYjzgB_9srunjxMjK95ximW-u66epCNavWxQMxZWKX7fubMMh...
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=bSMnn9FpmrmlGrRCjNaius&tap=gAds&google_gid=CAESECi-fb7Rp8DdU5w1j7CeqRI&google_cver=1&google_push=AYg5qPLbXstLno5Pgr1xuzclLBBYnCJ9-e4j...

170 B
188 B

38ms
38ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=bSMnn9FpmrmlGrRCjNaius&tap=gAds&google_gid=CAESECi-fb7Rp8DdU5w1j7CeqRI&google_cver=1&google_push=AYg5qPLbXstLno5Pgr1xuzclLBBYnCJ9-e4j6HNYjzgB_9srunjxMjK95ximW-u66epCNavWxQMxZWKX7fubMMhGaaLVzAObe24

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=7884000; includeSubDomains
via: HTTP/2.0 odnd
last-modified: Thu, 14 Apr 2022 22:07:14 GMT
date: Wed, 20 Apr 2022 07:40:12 GMT
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=bSMnn9FpmrmlGrRCjNaius&tap=gAds&google_gid=CAESECi-fb7Rp8DdU5w1j7CeqRI&google_cver=1&google_push=AYg5qPLbXstLno5Pgr1xuzclLBBYnCJ9-e4j6HNYjzgB_9srunjxMjK95ximW-u66epCNavWxQMxZWKX7fubMMhGaaLVzAObe24
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-tb: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6253
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESENFDj34X3EO7U3g7p3P7Kyw&google_push=AYg5qPIbly3SVfiP6EcQxrXacXjF4YafUkIkw2THnisDB2w7rRwZFyVFrBNrTuGB7wMCueptZlD14752-ynPQsvH8lGoI3Y...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPIbly3SVfiP6EcQxrXacXjF4YafUkIkw2THnisDB2w7rRwZFyVFrBNrTuGB7wMCueptZlD14752-ynPQsvH8lGoI3Yj1k0&google_hm=MTA1MjE3NDU3NDgzMzY...

170 B
188 B

38ms
38ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPIbly3SVfiP6EcQxrXacXjF4YafUkIkw2THnisDB2w7rRwZFyVFrBNrTuGB7wMCueptZlD14752-ynPQsvH8lGoI3Yj1k0&google_hm=MTA1MjE3NDU3NDgzMzY4NzIwODE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPIbly3SVfiP6EcQxrXacXjF4YafUkIkw2THnisDB2w7rRwZFyVFrBNrTuGB7wMCueptZlD14752-ynPQsvH8lGoI3Yj1k0&google_hm=MTA1MjE3NDU3NDgzMzY4NzIwODE
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6253
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEC6MZqZRbGSkOKLl15QYaiQ&google_cver=1&google_push=AYg5qPLFLbJHWefwQ7nLy0AkZ2Ci5Li0qwKsIKvhk4HWuBdmpcvB9M6b31JEqpQQ49PrIBwAU65z5cMer...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AYg5qPLFLbJHWefwQ7nLy0AkZ2Ci5Li0qwKsIKvhk4HWuBdmpcvB9M6b31JEqpQQ49PrIBwAU65z5cMerz1jVfOpV405p5MoHnA&google_hm=MTA1MjE3NDU3NDg...

170 B
188 B

39ms
39ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AYg5qPLFLbJHWefwQ7nLy0AkZ2Ci5Li0qwKsIKvhk4HWuBdmpcvB9M6b31JEqpQQ49PrIBwAU65z5cMerz1jVfOpV405p5MoHnA&google_hm=MTA1MjE3NDU3NDgzMzY4NzIwODI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AYg5qPLFLbJHWefwQ7nLy0AkZ2Ci5Li0qwKsIKvhk4HWuBdmpcvB9M6b31JEqpQQ49PrIBwAU65z5cMerz1jVfOpV405p5MoHnA&google_hm=MTA1MjE3NDU3NDgzMzY4NzIwODI
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6253
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BEQelmKgSvS-BmiLCTfwnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

38ms
37ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BEQelmKgSvS-BmiLCTfwnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI6g0h8cuLIQfp_f4V-cIfN2CntMQ3Sw3P6Y4IVFI9hzHyh4S-M7AI94O_ezyJMQxnhDUGVKvRG76eSEcBPkTF1Z-HdzA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BEQelmKgSvS-BmiLCTfwnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI6g0h8cuLIQfp_f4V-cIfN2CntMQ3Sw3P6Y4IVFI9hzHyh4S-M7AI94O_ezyJMQxnhDUGVKvRG76eSEcBPkTF1Z-HdzA
date: Wed, 20 Apr 2022 07:40:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6253
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKpWhACT-sPElzz-1la8-iI&google_cver=1&google_push=AYg5qPLEqa_PYHc_SvC8yyT1wOOQaqNgJUuZbh7uFDcZiyswLDiTOdBnI4YDR_nivxQlG2hjMJ3...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXVjQtMU8tTEo5UA==&google_push=AYg5qPLEqa_PYHc_SvC8yyT1wOOQaqNgJUuZbh7uFDcZiyswLDiTOdBnI4YDR_nivxQlG2hjMJ3x5yxkd1ROSupPrCjNns9ZBg

170 B
188 B

37ms
37ms

Image
image/png

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXVjQtMU8tTEo5UA==&google_push=AYg5qPLEqa_PYHc_SvC8yyT1wOOQaqNgJUuZbh7uFDcZiyswLDiTOdBnI4YDR_nivxQlG2hjMJ3x5yxkd1ROSupPrCjNns9ZBg

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI3OUxXVjQtMU8tTEo5UA==&google_push=AYg5qPLEqa_PYHc_SvC8yyT1wOOQaqNgJUuZbh7uFDcZiyswLDiTOdBnI4YDR_nivxQlG2hjMJ3x5yxkd1ROSupPrCjNns9ZBg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6253 0
12 B 37ms
35ms Image
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KaSqSB8G4sh1a22hgWlirapUbK6iq10_uZTi5EPcMz3jozmb3T2lxZDe-yaH4meaOiZxAm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 6B15 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08b985c6380d62e194baaeab6a70ab99517590ddf4a2eb97497f766c3b726654

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 36A7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

176ms
176ms

Document
text/html

2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Apr 2022 07:40:12 GMT
expires: Wed, 20 Apr 2022 07:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Apr 2022 07:40:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 8ABC 41 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 04:46:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 04:46:16 GMT

HEAD
H/1.1

200
OK

file.mp4
r6---sn-ogueln7d.c.2mdn.net/videoplayback/id/34c53c14c9b20c7d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791397337/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 8ABC
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/34c53c14c9b20c7d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791397337/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r6---sn-ogueln7d.c.2mdn.net/videoplayback/id/34c53c14c9b20c7d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791397337/sparams/acao,ctier,expire,id,ip,ipbits,i...

0
0

253ms
2ms

Fetch
video/mp4

2404:6800:400b:3::c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r6---sn-ogueln7d.c.2mdn.net/videoplayback/id/34c53c14c9b20c7d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791397337/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4B3A180CC11000F0700E1D1FF9C7443EAA7B470E.17609D48A925C7C58DCE76EC8267DA8D4914A273/key/cms1/cms_redirect/yes/mh/jC/mip/2a00:1633:128:4::2/mm/42/mn/sn-ogueln7d/ms/onc/mt/1650440106/mv/u/mvi/6/pl/32/file/file.mp4

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

HTTP/1.1

Server

2404:6800:400b:3::c Tokyo, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 07:40:12 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2048585
Last-Modified: Thu, 10 Mar 2022 21:55:36 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 20 Apr 2022 07:40:12 GMT

Redirect headers

date: Wed, 20 Apr 2022 07:40:12 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 650
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r6---sn-ogueln7d.c.2mdn.net/videoplayback/id/34c53c14c9b20c7d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791397337/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4B3A180CC11000F0700E1D1FF9C7443EAA7B470E.17609D48A925C7C58DCE76EC8267DA8D4914A273/key/cms1/cms_redirect/yes/mh/jC/mip/2a00:1633:128:4::2/mm/42/mn/sn-ogueln7d/ms/onc/mt/1650440106/mv/u/mvi/6/pl/32/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 5412 23 KB
9 KB 2ms
2ms Document
text/html 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 10436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 04:46:16 GMT
expires: Thu, 20 Apr 2023 04:46:16 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js Show response
pagead2.googlesyndication.com/bg/ Frame 5412 35 KB
13 KB 2ms
2ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

sffe /

Resource Hash

976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 04:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Apr 2023 04:39:02 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F396 0
20 B 40ms
40ms Image
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B57cr3LhfYusUz4vwAuuBtrAFAAAAADgB4AQC&bg=!XF-lXxvNAAZvJBiFTyQ7ACkAdvg8WjIZL8P94VB6-6avd77CHIlMkAeUCTMkLjqiYq9Plld30-R62AIAAACEUgAAAAdoAQeZArlugTj3asZ9NAGm36nwLg_FffNKHmPKLGTME-cj3l0HoriUxItmvQkNgYShQI8hgs61CDeLmi_HVKFAAtFZ7DHOaVUboVECYGOEKVDhNn-wOGPBfb-g3iU2dbX6k5WslAvJrt2zNFAXcEZIJ2KzEKj-UGLsTNv95_Xn-1oKdpp-5pR50SAcK4JLtrgtAlaCAcbLreIaZFn9tt5W176iBYNgBT1mjpkUFMfkvp_62NHQrKBWQqIfT_LTXjopACRSZkQeYvILwNVgjY0rQ4aeaYi6txLX5IWCu5_Lx_PW068ESduqRFqvGZij22XlIDtPvoxABBkY7th4MaPDnybhLVs0X0yRoYCTrsgAvlcngOkkoM6FZgHod5ZQD40ZAGaTIddiA6sy1BvyPQUfN2dDARsNxvXjWlkJYtbR6de9taJGGL9tTst1Xg1cnAT4dk4AIC0g_tkD27lQYN0TWHDKKtGtzPNFYkSCw8RNcpQQk3w6mitj6UkJ4bi1Lw78tUTjP_jIbZD0OV7EXt9cdclUqHoMaf28h_1f33gQRLEp84te55435RStWr1Kd8Cle_BiZ8aDdtwoAwt_3-zQzyk5yeyQGpgozfv3LVe6khBdlfydWdnjAfP9460RCesu8TzDP24dlQA8n-Pt1r2o5lLSiP7R-lYa-1NhhQz_m5MIkQ6lIcy4997ki04zRqr49Ge_UxOzkdh95W6gEpzQBJhU1aYO-Wp6vYRSoWF8VI9SRisv70I7MQxU0uDCYBzp37zGzqgYKoCo85JZuOX_Qut1-cl1FKauZmikD0jqUJmfc9sBVM_bteZkkJXcGDnjZrYZpqQC_LcqLvYoBNarAXWZAzpT0hOF5DUIoiVzJ6EE4Q62ZiWay2ATU1bfZRlW3ywr0CNUlQ4D8kVbxOYtYa75IHf8MGNa0L3HCYzB

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 829E 35 KB
13 KB 2ms
2ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

sffe /

Resource Hash

93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 02:26:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13613
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Apr 2023 02:26:44 GMT

GET
H3 206 file.mp4
r5---sn-oguesn6y.c.2mdn.net/videoplayback/id/754def01f05fa2a9/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791396516/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame F00F 1 MB
1 MB 8ms
3ms Media
video/mp4 2404:6800:4004:31::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:31::a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2ca10c7fec79ddb1731bb42ebb594e73e74ba039b04db57b4e34c3d62eb22203

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 20 Apr 2022 07:40:12 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1323288/1323289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1323289
expires: Wed, 20 Apr 2022 07:40:12 GMT
last-modified: Thu, 10 Mar 2022 21:41:53 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H2 200 index_0_250_00001.ts Show response
streaming.playstream.media/storage/videos/a9c9391d-dd16-4cb6-9319-5dd9559fe22d/ 497 KB
497 KB 73ms
72ms XHR
video/mp2t 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.playstream.media/storage/videos/a9c9391d-dd16-4cb6-9319-5dd9559fe22d/index_0_250_00001.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: 74b1dbe8b0769e9baef701e98f465ca3a3674baa2acd831ce8ab7ccb518d164d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:12 GMT
last-modified: Mon, 28 Mar 2022 10:10:14 GMT
server: nginx/1.17.10
etag: "62418986-7c338"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
content-length: 508728
x-hw: 1650440412.cds035.si2.hn,1650440412.cds238.si2.c

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 76EF 42 B
66 B 38ms
38ms Image
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufEI3xK2PWLVdTRYI-G8DSWR9w6gP8pnUgKcAJbEPjZYlagV7E2PAHTj5hfJg_RNP5DdHEyf2GbGe7_Wi9BvQRkQ4max8y7JiE0U4QFY1fmH1neqE&sai=AMfl-YS4Lh6t_OLB7P8rD88PMhxNtozF7vqVj1jAVy-iflH6SyawyNOtW4dBAp7-LWC4oOpAsdC3rM3TPdVC3iGsusl5yr8VDNJCkLAITKWWhA&sig=Cg0ArKJSzMZOthJHQwwoEAE&cid=CAQSLgCNIrLMLlXf8MHJ1YFoBpp4GXwO5mgtZpZ9ngy1LoFmt9scxPU7HaN4oncbMY4&id=ampim&o=0,25&d=120,600&ss=1600,1200&bs=1600,1200&mcvt=1006&mtos=0,0,1006,1006,1006&tos=0,0,1006,0,0&tfs=265&tls=1271&g=100&h=100&tt=1271&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=1317852776

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5412 0
20 B 40ms
39ms Image
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bb7n23LhfYsenD46Cid4PrtmLiAUAAAAAOAHgBAI&bg=!ExClEFTNAAZvJBiFTyQ7ACkAdvg8WizKrUG8QpE9Vt4QDFRgyi7EJx3EwYWUexjRbo2BmA49tmZMlQIAAACfUgAAAAFoAQeZAsVguc8FHnRuhXwwfwMCWQeZA32BTHjZJH0EyUDUvO9PVLSp_pS9ls4OX_Gbbq57f4xpJSPFSbRvPenMoHFWH-LZR1DNuoHvuXtR_gCtR3_nwBrWz9clsZyLIoaGTb8J5CPAqUigReEkltv0qVFgday2MSpOExuTgX-HqNGBHJLf6Fh5zL-gJ5pf52EXKvY8LpEcJmeTt29vAPn3rq0obQhNPcLKEb0gA0-6bIdeHdVBM4z9HXWbn13TA5qwZClb39ybTVUIpClCueIRQH1cJwex1PsXR8sKz_jxeQFXCadkMUUQdvXLPuJNFKzlfzQYZjlNjdalULQxPLK3n55RakNNwReOE6MNfYGLrS8Ku_9bQul7diUZPc_GRYbN8ZFwYUZhxDy8aogiaZSuNsy2_BG3tL_E8aT44XUbEgTtBcUgh9dlCaW9JQRS_9Ji2DOTMAucWNyD1M-uBkPtXXJsgfN5UfpDi_BOwAjLe15rHQYgphlcdhbeEmQjXSRRgDDbr2gapbZu1TrmoS-zWSi_JsJKVL8CPCU--8J4LlS_SbTUfB6VTplbcNw-9vOnONeq9h7SPA0QInUIAL4ZcvoWe7cqQZgtZQ3G2yngpXNLQ4gezWGKfxQ01-Gm_SEhNklkLIA4_QPMkBxPgCQ44WeW360iVt5reL8URRc7L-p2doEFHbtlk4llrjNgXMvpJ_6K8M8mJFQh8dRAIHjurFrpkrGnea5seH3j7G6JBwcswmeHILsm26MTxvWmYq_eYotsV8kSSmTBjc2kOPhkt5-JEBP0aAE5MieCHCQzOLlMvR6UiGKA5hdZeXy9K1ovHI3nlWQ-32tygikKji0vl0lfRdaDRUMIy385NmHaWnDrkMQ9w04lgt6BjtSS0noESrcjocFZfVc7YpPLkih-JlTJuB2kq2hPiLasLrlrwJaWP8qGIPnKyqqH

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 51ms
51ms XHR
application/json 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

d762977ee43dd12d88bd2ca1d9249dcf3ea290ca780042914d8dd2dfbda2b43b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 07:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10530
x-xss-protection: 0

GET
H3 200 k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 199A 35 KB
13 KB 3ms
3ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

sffe /

Resource Hash

93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 02:26:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13613
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Apr 2023 02:26:44 GMT

POST
H3 204 mod_pagespeed_beacon Show response
gbhackers.com/ 0
550 B 133ms
133ms XHR
text/plain 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/mod_pagespeed_beacon?url=https%3A%2F%2Fgbhackers.com%2Fcritical-magento-0-day%2F
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/critical-magento-0-day/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gbhackers.com/critical-magento-0-day/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 20 Apr 2022 07:40:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: MISS
x-varnish: 70692234
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spoHTbCkBP3eXNZ31mar9Y4QwDXiJJWDulJXDTNhm5tbJgKnOcI0JPuBm4EZLC9RFTzU4mKAAw1t7zv459Yc%2BGdXhrJUmzhmdFmGxgL0G3pa2QM4bCFDT3smHzVH0PfA2ix7NTGFedk2wSay"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, no-cache, max-age=7776000
cf-ray: 6fec3b02be7e80f0-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 19 Jul 2022 07:40:12 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 40ms
40ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Apr 2022 07:40:12 GMT

GET
H3 206 file.mp4
r6---sn-ogueln7d.c.2mdn.net/videoplayback/id/34c53c14c9b20c7d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791397337/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 8ABC 2 MB
2 MB 8ms
2ms Media
video/mp4 2404:6800:400b:3::c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400b:3::c Tokyo, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

155a5bdcb84ce2c08cdd77ca81955f68669e7b2d8235c60a1ddba49a8b065807

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 20 Apr 2022 07:40:12 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2048584/2048585
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2048585
expires: Wed, 20 Apr 2022 07:40:12 GMT
last-modified: Thu, 10 Mar 2022 21:55:36 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 44B9 0
0 41ms
41ms Image
text/html 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CoM_H27hfYt7qDpmRqQGW_JqoD5qk7Kppo6XaoqgO2tkeEAEg8tO5e2CJ88WE9BOgAZmJz_ICyAEB4AIAqAMBqgSGAk_QSbyjcF3HiFbCtZ-g6tMGuc3rwXy5FW0ZFAs_ErovO0gqS6RnVG0hmzgH5XyPPn_IuYGwkDzD0PaMkcoeIhwz9f3s9TM0erxfTslUvtmP-IujWqpakDdyIZiJhhBh7essj2cTagSGz5qZq2IeLfSEbaot5lgqjMp-ZpdnaVCtHBIqDMBA5Kkb4aCVz8b0tjUtWYdNDqkqjj5TqdssvrRmODvkdna-OTFjmGhIVDwZWeVQ_rIFEXSy89S19AGBvOUjCj0Sbc1Pems-A9-AvDfq7jo2eLcpAXWDDOPi4Yt7vwjx7Txiz_oYHXmPy7Z3xfhjzw33RxSGq5V9ikHOX3vzGno6KPnABJPtkO2_A-AEAaAGZoAHz_awjQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDy3wPSCAcIiGEQARgdgAoDyAsB2BMDiBQB0BUBgBcBshceChwIABIUcHViLTU0MTMzMjk1NDQwNDA5NDcYwYx0&sigh=Jksx2hQLrE0&vt=1&uach_m=[]
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s55-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 44B9 42 B
66 B 44ms
44ms Image
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvS69ByZ3NWK5eCiq7TaUXx_G0zTis6nB2zKdh0bZRESDafESlH5wCJIeuXLbkLEJHLwabC07SHN7uyDLlDXUmwvfi_qN5qeapLxe5Zd6Ox4crOt6e6D1oArdIFJqpQoP9DHtMFzG9zow&sai=AMfl-YTVdvoemzVS2ctzcIR48mrl_2SIYK4jD3W_M0KscuSAO8fSBFyBPlAhGZkwnaqO-OsRciEoEsCN_1JsHzIKzE_oXpzOTY7Ih5olyNM4cKp6019CBJNxoMXhgTFxPBo&sig=Cg0ArKJSzLNygRMm-2H8EAE&id=ampim&o=1480,25&d=120,600&ss=1600,1200&bs=1600,1200&mcvt=1009&mtos=0,0,1009,1009,1009&tos=0,0,1009,0,0&tfs=136&tls=1145&g=100&h=100&tt=1145&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 647E 13 KB
5 KB 2ms
2ms Document
text/html 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 165667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 09:39:05 GMT
expires: Tue, 18 Apr 2023 09:39:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8100 783 B
535 B 41ms
41ms Document
text/html 2404:6800:4004:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4c6477a949d5b3f80c62ce1e60d7dd03ef456bd2a79eeb9a2df5d5c0d41e9bcb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CWKAGTqDu+7Dk72ftoavvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-CWKAGTqDu+7Dk72ftoavvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 07:40:12 GMT
expires: Wed, 20 Apr 2022 07:40:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js Show response
pagead2.googlesyndication.com/bg/ Frame 647E 35 KB
13 KB 4ms
4ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

sffe /

Resource Hash

976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 04:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Apr 2023 04:39:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8100 0
0 69ms
69ms Image
text/html 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041401&jk=3292992065877901&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s55-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 647E 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZZLwWw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:40:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 csi
csi.gstatic.com/ Frame F00F 0
17 B 35ms
35ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l279lw34&c=7137300746038&slotId=3568650373019&qqid=CInzutORovcCFQkJYAodgqIAXQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=976&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=12&vhc=0&ccc=3&ccrh=0&ccri=0&ccrs=3&ccru=0&ccrhc=false&msm=1&aits=18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C0&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5434 42 B
64 B 45ms
44ms Fetch
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJU6HRlkH3xNJUjNbqh--3s59UdBSdVXAy-YIIpBrlWzCUfT-GgDuePnOzUzBjSrn3fluudIZZEv6BOB_omGq42wk2SMCF1Si4Sq16oUqL3634v2g&sai=AMfl-YRlJUNT72xx_TqOk89hZXwbUGvq8SCrXvugJg0EtTjWfZkZGgMJEAHtTKMSoaWxt-WGchuteUkN7ckOYaNy3We4Wd0kb2C2EDI8_UfeK2ieb9B2L6Jn8TJajRGs&sig=Cg0ArKJSzLliFOFQzXKqEAE&cid=CAASFeRogUXrdFzMAZp6cYlHE2n6rGKs-g&id=lidar2&mcvt=1000&p=0,0,280,696&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220418&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3886963407&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650440411122&rpt=1002&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 8ABC 0
17 B 36ms
36ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l279lwb7&c=4681226473012&slotId=2340613236506&qqid=CKegutORovcCFRSRwgodblUIWA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=894&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=12&vhc=0&ccc=3&ccrh=0&ccri=0&ccrs=3&ccru=0&ccrhc=false&msm=1&aits=18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C0&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
73ms Image
text/html 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041401&jk=3292992065877901&bg=!bm2lbSnNAAZvJBiFTyQ7ACkAdvg8WhheTr57xHDhVycFT66w8_wDvz4t1NI7RVHHTzVmsLewEsD8JgIAAABmUgAAAAVoAQcKACwS1q8yMgl0g_KwxI6TPL2M0Ab3HxSGpVvvK9AFSmjbub-5eE_eeVTxjlVcV5kCoUd7fSrLZM7TOIrg68EfrNSTmWAuUjuOuoTMf9cJ79qV8stUKWB1gtDenAAGqmsPQ_Smbz3hLKcdyQ6K1pRUn94lsGOfPvS_8BKQOamHSpTvVzckAezLrMjH34UGItnVzzgV6KblCwpCaNRCXlsgurXXyHPMVAkRdHfTx_9P_SuU74ohpwmUbp6p2hMClo-M60tzXF5XJ-WzQev71ykZa7NGmExvlDXlvqjoIGbLHT3LTjH5fT6OtEpMgi_fhLsoD4FoGYRIPJ2mbKrtnl60fmlkPglDCH8fqzxg2uwUGD653_PO1qaWaw78lrxEML5ABqQeXWSZVep4haEAGR27_i3isIcCj9ijNypaHSn2dlER2-ATEws3BMYTqNVEOsdWiRA4Rk8M8w8ykmdub2ENHH58Ej618pIpUlNeTIdmRU6oTalYy1FbK9PR-jRn3vGS9fYz2Q6hXkGIwsVZe66yHofu9cvnLEK2Z61iTB7fsXMq_pZE9kDwVISHwKVRS9qNBA0fId9KI4EJpqB3B1moFX-ueHiQNKPWU33IPsW09wTjSuiMIDPhnn9FWQrbSE6IiOD_jeyz4jI0JHbDe0A_TJJGUTaa6ZOXdEgQ-SzTieYbB1jCggmzz2WnF9KVV7oEweEYCpMp0gNu_JTyOCiPXsG-O9A_9di3TJsW7nFQccOdnZmwmRzrW9iGMvPF-bEyvmY11IuYDrNZsZxZRzquCy1xED2CHQyqVQh6tLGdb2JPn7mHY-v_Eml1KQtErJ1qD3HopKj-23YWsMkmrE3WnrO7tzDMGfwGVJ5R29dAmpPkL93TjIFegLGrXbYW5NaqMWkGoq9xvfNSAFTZVIMZlJwGIgG3c02T1_i7SDKp6v9r9E0qDVa7rk5cjkrFxvAXRYY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s55-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6B15 42 B
64 B 43ms
43ms Fetch
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsts4cVqYsbFbcd_93proCIUP3kyCSKk-X2O1Sh4HJaALjCltn2XQMZ4EMQl1uvUAeyZpxMn3vSfxbGVi8lnQmsba8gRLuKmGRTbMGN4bhYUod0opCY&sai=AMfl-YRYNEDuoDjgbfDoThDx0cGpwTmVa-JBkNfJSuDibTeA2pBFGaGNKqXZARTusUJ24HISlVOaiguRR0vUrYcxJJ2DZVbO3zzRTjQRddDudo25DH8vJTXxp_4hVdz8&sig=Cg0ArKJSzA6d-JtCoy0NEAE&cid=CAASFeRoL9x9PnRn3lVcSwM1gRrROCM48g&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=104,787,1000,1137,1205&tos=104,683,213,137,68&v=20220418&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650440412051&rpt=215&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 07:40:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEK4o1CIH9BODHGQmSXssDzk&google_cver=1&google_push=AYg5qPLPUtPBzhaBr53CCnIP4F5C_E374TXIMy5Uw5tYjBrUJDUIrIC20Ewl93D4PeTb6CUfzu3_YsYmwIAFnKIlLh_6W7OsfTglruk

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wordpress.com/	1969-12-31 23:59:59	Name: wpcom_highlander_3pc_check Value: 1
.gbhackers.com/	1970-01-20 19:58:32	Name: _ga Value: GA1.2.107434288.1650440411
.gbhackers.com/	1970-01-20 02:28:46	Name: _gid Value: GA1.2.844820306.1650440411
.gbhackers.com/	1970-01-20 02:27:20	Name: _gat_gtag_UA_88811382_1 Value: 1
.gbhackers.com/	1970-01-20 11:48:56	Name: __gads Value: ID=6a78f240c00bc184-22e0f9cd60d20038:T=1650440411:S=ALNI_MbJr8FExklOvyfMLOey_-yT4xFp-g
.gbhackers.com/	1970-01-20 11:48:56	Name: __gpi Value: UID=000004f090d22669:T=1650440411:RT=1650440411:S=ALNI_MYawnF6j64fYBNfQeTaQrK9Bkg3uA
.doubleclick.net/	1970-01-20 02:27:24	Name: DSID Value: NO_DATA
.pubmatic.com/	1970-01-20 02:28:46	Name: KTPCACOOKIE Value: YES
.adingo.jp/	1970-01-20 03:10:32	Name: ID Value: 39e27ce50df14f115fbcb0aaa5bf0826
.pubmatic.com/	1970-01-20 04:36:56	Name: KADUSERCOOKIE Value: 04441E96-62A0-4AF4-BE06-688B0937F09D
.openx.net/	1970-01-20 11:12:56	Name: i Value: dbfb0bbd-fdab-477c-be9f-17c6163cbddb\|1650440411
.doubleclick.net/	1970-01-20 19:58:32	Name: IDE Value: AHWqTUk_YYunz5TS32Kons3sDa1AM1ixWxls6r1mmW-_Gg67cJH0JVRiJdQDO5PfbZk
.casalemedia.com/	1970-01-20 04:36:56	Name: CMPS Value: 849
.quantserve.com/	1970-01-20 04:36:56	Name: d Value: EEQBCQH5JYEA
.quantserve.com/	1970-01-20 11:57:34	Name: mc Value: 625fb8dc-0d75f-d6e23-17a3b
.casalemedia.com/	1970-01-20 02:28:46	Name: CMST Value: Yl+43GJfuNwA
.agkn.com/	1970-01-20 11:12:56	Name: u Value: C\|0CEAp8nVcKfJ1XAAAAAAAAQ13AQCAAQpAAAAAAA
.agkn.com/	1970-01-20 11:12:56	Name: ab Value: 0001%3ADEvDEOwqIwwYMccMDzEQ0SmWl7WS%2FElc
.casalemedia.com/	1970-01-20 11:12:56	Name: CMID Value: Yl.43PrZHHM00MbXw7J4ggAA
.casalemedia.com/	1970-01-20 04:36:56	Name: CMPRO Value: 920
.mookie1.com/	1970-01-20 11:56:08	Name: id Value: 10521745748336872082
.mookie1.com/	1970-01-20 11:56:08	Name: mdata Value: 1\|10521745748336872082\|1650440412529
.mookie1.com/	1970-01-20 11:56:08	Name: ov Value: 26ae7b74a394daedc87acb675ec27266
.c3tag.com/	1970-01-21 22:15:20	Name: C3UID-924 Value: 15841611271650440412
.c3tag.com/	1970-01-21 22:15:20	Name: C3UID Value: 15841611271650440412

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://blogger.googleusercontent.com/img/a/AVvXsEgt4ydu9fuRn5_ZauZk-EwmB8Zc6Xhcmak6l7T8NfoacGYgcZ-YjqYoRCdl0UE-relh8Btcb_Yci0c79BJx_7lRXqynq5u1ziZuhauj03A6OuIwoFF7qUrhFkferBVsjFCfGudVjbmVuH5e5TFUMr2I1M4dWhkVz2748ZhS_9hGM4XBkLt11pIAQndAIQ=s16000 Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEK4o1CIH9BODHGQmSXssDzk&google_cver=1&google_push=AYg5qPLPUtPBzhaBr53CCnIP4F5C_E374TXIMy5Uw5tYjBrUJDUIrIC20Ewl93D4PeTb6CUfzu3_YsYmwIAFnKIlLh_6W7OsfTglruk Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJzVnoOwsx4PTCcfde_nEE1ainhl3qlN5Tc_h29ST12Nk39lXIja6YsY18PibhMiNkyxejHMqnkJw89hjkBSCm_mg8eCvLS&google_hm=0aab342676266d41cda6b1a3bda736a5 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPI2JTeVLNvADPNok5LGoUTI3BlWYvek4T6lwesSpLNniOiiB9VlSsixt9pLMJhBV2zI8rg30hLT4K45Lo-GKMAnGpCV7f-W&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_cver=1&google_push=AYg5qPLGYnOBhob6O-L12dxATSsrne4j4G5rNv3tN8B6Kt-XC8RbfiyL7OaEGPn21Okbn5nHGG2BDkD5i-dujgsXD1NoOTuvEceG&google_gid=CAESEIu3ARjIXW4ZG7wslPXGp-E Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43AZv-Xf5oXFfkE7niwAAA18AAAAB&google_gid=CAESEJocw7r54aCfPJkPda4FL9s&google_push=AYg5qPKcALWPF06IfxAGR4F9DXFnaXz_sJcHdo0HqRDnOy2Y7eMPRql--GFnZJ380tzafDvnvlCer9AqKo7rLGPBPCBrMgDNg5ukYA&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJtYwPyshskWJiPnJIyBKpJvHnnqoFAI-B6iulVUz06_fJ5PwRQAcQQ-1jYQyjEBV2u0-klCtutqNmWhIcLlncDfP5pi1hE&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIDI_AVAMVIOmfzAfPScJXGmoJjM-xG5ia-xsXpcy0TWWCykSjZcbT4mCaYzd6TckoYkb1N2eDyQtC_MJJ5wsaNZc_dLPg&google_hm=39e27ce50df14f115fbcb0aaa5bf0826 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESEJBd9HPa4tlgyrJDGyYUE1I&google_cver=1&google_push=AYg5qPJigQ5uh0pLmVnD20YgdP9g-o6auFjkokKH9NF7ZrV_RyrHjaQmAASBxBhRdmzgpf0H5jF0n4qzNkWL1xJb1zHHxTpeL2Dz Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl-43PrZHHM00MbXw7J4ggAAA5gAAAIB&google_gid=CAESENfvZXOlxXCuNvKdRk1X5rE&google_cver=1&google_push=AYg5qPLz7Eh0pybUXFjrDEq4n_ymmfHnR3rrI8xHHCaXzHscE72TCBQtjopnnXtZE_iyceRpNi59i39yl-CsLQnmIvGUC8Skmh-0 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.gravatar.com
3614e8366d501c8917a5d9e39bad2988.safeframe.googlesyndication.com
924-img.c3tag.com
ad.doubleclick.net
adservice.google.co.jp
adservice.google.com
api.pinterest.com
beacon.walmart.com
bid.g.doubleclick.net
blogger.googleusercontent.com
cdn.ampproject.org
cdn.onesignal.com
cdn.playstream.media
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
gbhackers.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
graph.facebook.com
i0.wp.com
i1.wp.com
i2.wp.com
image6.pubmatic.com
imasdk.googleapis.com
jetpack.wordpress.com
odr.mookie1.com
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
pixel.wp.com
player.avplayer.com
r5---sn-oguesn6y.c.2mdn.net
r6---sn-ogueln7d.c.2mdn.net
rtb.openx.net
s0.wp.com
secure.gravatar.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
stats.wp.com
streaming.playstream.media
tg1.playstream.media
tpc.googlesyndication.com
track1.aniview.com
track1.avplayer.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
googlecm.hit.gemius.pl
103.231.99.243
108.177.97.155
142.250.199.102
142.250.207.34
151.139.128.11
172.217.26.226
192.0.76.3
192.0.77.2
192.0.77.32
192.0.78.33
192.65.229.43
20.85.9.11
2001:4860:4802:32::3
23.45.60.235
2404:6800:4004:31::a
2404:6800:4004:80b::2002
2404:6800:4004:80c::2002
2404:6800:4004:811::2001
2404:6800:4004:811::2002
2404:6800:4004:813::2004
2404:6800:4004:81d::2003
2404:6800:4004:820::2001
2404:6800:4004:820::2003
2404:6800:4004:820::2008
2404:6800:4004:821::200a
2404:6800:4004:823::200e
2404:6800:4004:824::200e
2404:6800:4004:825::200a
2404:6800:4008:c13::9a
2404:6800:400a:804::2002
2404:6800:400a:805::2001
2404:6800:400a:813::2002
2404:6800:400b:3::c
2600:140b:2::172c:3388
2600:140b:2::172c:3398
2600:9000:2142:1200:19:fc2c:a140:93a1
2606:4700:3034::ac43:a5ec
2606:4700::6812:e134
2620:116:800e:21:b25f:f2c2:3600:d81a
2a03:2880:f00f:1:face:b00c:0:1
2a04:fa87:fffe::c000:4902
35.227.202.26
35.227.252.103
52.3.72.47
52.71.114.9
54.213.69.79
8.39.36.141
94.130.218.84
00d0070eb1bff269e01ff6e85e97f5c3427ecd26ce86c56e6e635c7bba867e10
01ebeb3fcdc269ef402f29f9fba025d3266fcd5c54ae7bca44aaa7c2cf738d93
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
02af7e03520b6699b7eff36516fcd9fc000f00f6388f8ddeac599d00a76e6d0f
033ac4de550c02006f3ad635fab1d85fe4c08179481725a25c14862b503a1912
0454e3fcdcaa1ce3c5668ad4d4887d61c0a02ab3b004fe58435a3daf327b5ac8
086d3d4f7c60faf9c9a1ee985ea35eca47e4542fe35db24754c26894639dc9a0
08b985c6380d62e194baaeab6a70ab99517590ddf4a2eb97497f766c3b726654
0900693ba4018c6de9126b543a8a3c50080eb74d1ed0696e5cc8fca0c0c99513
09cfc2a69e54e431f69df45fa496f8df5bf1fabbe44518be3cb5f5eb922295d7
0a938256d2de59b044f8ca7c7aa0c788ed2ffa9a48bf0e3930a5830c4298f509
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b941c810fe88e2e1057892078509e93bbf91555b097c28554b8e1e9df0df4e0
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fbe809775a3a3199624d023fb474484d89b9a4c48f1585f1eac8dbb53b5b9be
103fe0291557094119a64e929806340361d8d9a7148dda36e266a77d4eb4952c
108a5ee6306c726271c490dceca48e5fb5a148ea41fcb9fe55cd5d348f16eb57
1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb
155a5bdcb84ce2c08cdd77ca81955f68669e7b2d8235c60a1ddba49a8b065807
173edc4b4d0a657b44fd200f7756f37955b518d0d469a827a6b5abd0d6e24216
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1820ff4e7bde396510b5a0f38900029400a051e4a11d960646cca97d4e7445f0
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
246b86b3d23199c6e1282ea9de9c23a97520e0098b572f84f054619cd89b42b5
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27ca8e27843bf2e61cca14e059225d12732230315ddcba2549451c07acd94950
29bbf09cb5490a7e69b73237ebdd67b357542db2c737624bc8aca273d75c3e52
2ca10c7fec79ddb1731bb42ebb594e73e74ba039b04db57b4e34c3d62eb22203
2e1ced1bd0736a56a0c44fd7b3bf8134850398ecddd52a0f5e6e437c5d527999
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
2fc1b2d9aba57e8f207c9272af85d95eacbaa7ed664abb4fdcfe3c9fda7c1f66
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
34faef51b9aa878aad6bbc699738948ed286048afc01599cd6107c11193c6415
357498c7c2e12493b2fd69f74d18db6e63f847a31158b9bb2a6584a8aec72db8
379579bc4160bf2fc61a12ae392d7e835ef39f174b1fd51e8043c044c84fd22d
382e5a9ed1bac8d2e550dab8d54041d8fd093c8cdc80f33536ee9ecc0e1e1e38
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3b8209efc7da6a179bd91dee606ada248b8439c4a409ccbf09d239995cbbba55
416b3a49eb2cca735856c99da6c981f72d09d32c8bef9abd2e4d8e0d81029483
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
448ccea28b84e31cbe8bbc5fb4003a1c9877f0c1bad2901a1c923108a9f16624
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
46842e3fe5a01ab673ca82cec619df43199983f9385e8a5ff3f41befa942d9cd
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4c6477a949d5b3f80c62ce1e60d7dd03ef456bd2a79eeb9a2df5d5c0d41e9bcb
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
4fd7c77775ad67171bd2247417d611ff401b44118e47a841eec79c04522125d7
50dc367c28ef55c913b2ff3a3e255c1638e14741a6ca6e21b05030beaf201015
51288308c8e75618bbe78264693ad3c1b69f9ecc03cfb0c2e216a422b1838385
528ce763e260a619b4b10dd4f12bf79f19cfe3fadfe47059c83e36ecbe562ab2
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53f5a4f5d040d6f14d7d2396b34f53671ede596e8928ef98773d7264586ac5a9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e3c0688b76c744a26258d690039ec4f9487f7b509d0eb8fbf580d74e7b2e88
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6213e945d57a4b740a393943558d23a6c18b17eca38c63cfa559842d780f960e
6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
719a8efc035d8ea96ce455021d37e82b3ae7b4dd65fd3275855b77b99068dacf
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068
74b1dbe8b0769e9baef701e98f465ca3a3674baa2acd831ce8ab7ccb518d164d
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
781b3d878304a3555fee3c1e1927492c5a7cb216e9b47700fd58e232254ed06f
7837e876f1eef549b3250b78380ec2df00ad6da4da6c27667424b1636854df3c
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7cef38957fb773a3e5d8111b60bd459a44879018f78ad2619ff1918b6c76fd02
7e9a25072bb147e135cb65dde637e12eebb8857f334ba7812e6dbe122813ddfc
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82de6f5e5de54b332f00258ae7b27d92b0431335d616b4c9840d5314fcb68136
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
87198291760dccc2caa000044c0dfd00da867eb82a0bd438bb2e467f4ad032d8
875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b
87628f3d81cee3abc4d74b913548e9279ece669f7d9915ab453033e6abf095de
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
87ef1a8fbb1d42a1b69c0002b989c2c75780b56ffb3400c22eeefdbbb2bddc68
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84
94b293e2c7affa223f0e3a5cfd950030c8aacee84bc93ec5f0d35c7f4e91381b
94d76832caeb1432196cf2425697381ce4cc07101dc8be6c00fc2fa82eb6e99e
96a2fc04e5f82d1b6fed397c6954cecd40fbb8383d422a4d39f3ab7d0687693a
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c8aef7d5353005023f73c407368bf8db923ae6a04d282b772d3ebdd39075bbd
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03
a37892a29a421ccb42bd4df273265d14f6dc138b0e19d6cd77e893d661ed82a4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
b182803b7f7f9b2c4b92b6874fdda040ec0729d04e4d1f87ff1515c405ae1b13
b751758890c0692076e5b4d8262707257e520748a2dad68176615204b4940077
b8d22757b5d6d70bb4a66040eb6ba44389922a08c588e4e46f14ec141e028540
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
b9c7d82e5c64afa48db3c39763fcd144d7c5b34adedaa90e398a87ee7c8792df
ba97a4cd717b6beb6414199460703384e1b2c306ce2e71412b4f55c72a5de733
bafca30e44fd85d0c4b7a6e2c13f31ed4d1e17ced6b522fefcdc69ca9ed1172e
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c544decf86001e2265d94e616fbebe31c296e3d33328f03ddb65e5b68288e66e
cbca7622295dec97458ab7a27983d05969398fbc96da602c38edb8f83e79374a
cc189cd0c466e69ce1bca14366d54770c3878162d9d5f091ae8679fe4c8c14b7
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb
d0a6f3353c979f70b72afc8fd8c446690ce8ad61908b813c29c4a2e4c7d13fbf
d0eca051bf2e51696f3f8ef35337104af0c65042f06ee0b8badf3f8f2b4e8fdc
d2d964c92e032762a4f1e71918e960bae8a83a34ade6c620e0308ef296cf492e
d3ddd29db765914b449b4573e5a3c24e1982838d9f55befd894cb73333f8149a
d762977ee43dd12d88bd2ca1d9249dcf3ea290ca780042914d8dd2dfbda2b43b
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c
da6ea6515dc1993e6e9915f88decf7bf8ca37d088b315d795f09bfea48f8a760
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc3f2293f6503ff6ee63c2a69421d235a0f7881a80d89dd407ec2f15eda63fdd
dc7375f568ea439c4f544ac6488b963a8d57d6cd65b0a8a551230d330e55483f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deeb4094eda74db0e2335639bf365ce627e1961f11166948c8871d26a46ce4c3
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e5d7ab6a12d3f772d0427fc50a8e3ded642a688d2e44f108a9f09ead6dd04e49
e8090dcf1528669ee879e5d1d76076299b26ca477b3a0aa34409af2d67241c52
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ee73983f199df0f0cca9f5306e79bd0a5a624e09b9e805a93957a4167ee87fe0
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f398441c3e2fa40ce67b6b25acbfce9eaffa7ce0701d6ba523a002d11f17b03f
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d
f8d1e50f1116674f35b6952f09e10229a9b7a58e647c67875d45673c51b10c1a
f9d279f2c6f6478c35e1c6207bc709c0ef79c5c71d143b743f011f08abce82ba
fb55864b528fb5460ccf4acb8ff4498ec0a588cb262170df0ddc9caf32f0d76e
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fc1c9310b4e7ce78149bfc5a27a511c73fe3b83f1345bafb62d7a94f484e2151

gbhackers.com Open in urlscan Pro 2606:4700:3034::ac43:a5ec Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

264 Requests

84 %HTTPS

58 %IPv6

33 Domains

56 Subdomains

40 IPs

6 Countries

7850 kBTransfer

13317 kBSize

25 Cookies

16 Outgoing links

Redirected requests

264 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 19 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

gbhackers.com Open in urlscan Pro
2606:4700:3034::ac43:a5ec Public Scan

Screenshot
Live screenshot

Full Image

264
Requests

84 %
HTTPS

58 %
IPv6

33
Domains

56
Subdomains

40
IPs

6
Countries

7850 kB
Transfer

13317 kB
Size

25
Cookies

264 HTTP transactions
19 data transactions