ja.continuousdev.com Open in urlscan Pro
2606:4700:3032::ac43:a3d5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ja.continuousdev.com/33752-mimikatz-12467
Submission: On October 01 via manual (October 1st 2020, 6:30:44 am UTC) from US

Summary HTTP 209 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 23 IPs in 8 countries across 21 domains to perform 209 HTTP transactions. The main IP is 2606:4700:3032::ac43:a3d5, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.continuousdev.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 20th 2020. Valid for: a year.

This is the only time ja.continuousdev.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
50	2606:4700:303... 2606:4700:3032::ac43:a3d5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	167.71.72.151 167.71.72.151	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2600:9000:215... 2600:9000:2156:9800:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
6 73	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
7	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6811:4f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:21f... 2600:9000:21f3:ac00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
5 23	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2606:4700:303... 2606:4700:3031::681b:9ee9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
2	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
4	78.140.185.34 78.140.185.34	35415 (WEBZILLA) (WEBZILLA)
1	2a00:1450:400... 2a00:1450:400c:c06::78	15169 (GOOGLE) (GOOGLE)
209	23

50 2606:4700:3032::ac43:a3d5 (United States)

ASN13335 (CLOUDFLARENET, US)

ja.continuousdev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
continuousdev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.71.72.151 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

0sercher.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9800:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

73 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:ac00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::681b:9ee9 (United States)

ASN13335 (CLOUDFLARENET, US)

continuousdev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7f81e9de7be60b8b3e3602483d65c51f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.38 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.30 (Poland)

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.140.185.34 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: ap8.adplayer.pro

serving.stat-rock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::78 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com pagead2.googlesyndication.com 7f81e9de7be60b8b3e3602483d65c51f.safeframe.googlesyndication.com tpc.googlesyndication.com	969 KB
51	continuousdev.com ja.continuousdev.com continuousdev.com	2 MB
33	doubleclick.net 6 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net	157 KB
23	yandex.ru 5 redirects mc.yandex.ru	106 KB
16	googletagservices.com www.googletagservices.com	431 KB
8	google.com adservice.google.com	2 KB
7	google.de adservice.google.de	2 KB
7	zx-adnet.com cdn.zx-adnet.com	8 KB
4	stat-rock.com serving.stat-rock.com	87 KB
3	optad360.io cmp.optad360.io get.optad360.io	407 KB
2	adform.net adx.adform.net	903 B
2	adnxs.com ib.adnxs.com	1 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	cloudflare.com cdnjs.cloudflare.com	7 KB
2	0sercher.biz 0sercher.biz	20 KB
1	gstatic.com csi.gstatic.com	339 B
1	creativecdn.com prebid-eu.creativecdn.com	174 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	google.nl adservice.google.nl	890 B
1	jquery.com code.jquery.com	77 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
209	21

	Domain	Requested by
49	continuousdev.com	ja.continuousdev.com continuousdev.com
35	pagead2.googlesyndication.com	ja.continuousdev.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
25	securepubads.g.doubleclick.net	cmp.optad360.io securepubads.g.doubleclick.net ja.continuousdev.com
23	mc.yandex.ru	5 redirects ja.continuousdev.com
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	www.googletagservices.com	cdn.zx-adnet.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
8	googleads.g.doubleclick.net	6 redirects pagead2.googlesyndication.com
8	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
7	adservice.google.de	pagead2.googlesyndication.com
7	cdn.zx-adnet.com	ja.continuousdev.com pagead2.googlesyndication.com
4	serving.stat-rock.com	get.optad360.io ja.continuousdev.com
2	adx.adform.net	get.optad360.io
2	ib.adnxs.com	get.optad360.io
2	counter.yadro.ru	1 redirects ja.continuousdev.com
2	get.optad360.io	ja.continuousdev.com get.optad360.io
2	cdnjs.cloudflare.com	ja.continuousdev.com
2	0sercher.biz	ja.continuousdev.com 0sercher.biz
2	ja.continuousdev.com	serving.stat-rock.com
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	prebid-eu.creativecdn.com	get.optad360.io
1	cdn.jsdelivr.net	get.optad360.io
1	7f81e9de7be60b8b3e3602483d65c51f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	code.jquery.com	ja.continuousdev.com
1	maxcdn.bootstrapcdn.com	ja.continuousdev.com
1	cmp.optad360.io	ja.continuousdev.com
209	26

This site contains links to these domains. Also see Links.

Domain
cookiesandyou.com
continuousdev.com
ar.continuousdev.com
bg.continuousdev.com
bn.continuousdev.com
ca.continuousdev.com
cs.continuousdev.com
da.continuousdev.com
de.continuousdev.com
el.continuousdev.com
es.continuousdev.com
et.continuousdev.com
fi.continuousdev.com
fr.continuousdev.com
hi.continuousdev.com
hr.continuousdev.com
hu.continuousdev.com
id.continuousdev.com
it.continuousdev.com
iw.continuousdev.com
ko.continuousdev.com
lv.continuousdev.com
mr.continuousdev.com
nl.continuousdev.com
pl.continuousdev.com
pt.continuousdev.com
ro.continuousdev.com
ru.continuousdev.com
sk.continuousdev.com
sl.continuousdev.com
sr.continuousdev.com
ta.continuousdev.com
te.continuousdev.com
th.continuousdev.com
tl.continuousdev.com
tr.continuousdev.com
uk.continuousdev.com
ur.continuousdev.com
vi.continuousdev.com
zh.continuousdev.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-20` - `2021-07-20`	a year	crt.sh
0sercher.biz Let's Encrypt Authority X3	`2020-08-08` - `2020-11-06`	3 months	crt.sh
*.optad360.io Amazon	`2020-01-14` - `2021-02-14`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
8counts.cloud GTS CA 1D2	`2020-09-29` - `2020-12-28`	3 months	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
informer.yandex.ru Yandex CA	`2020-08-27` - `2021-08-27`	a year	crt.sh
*.google.nl GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-21` - `2021-04-17`	7 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
serving.stat-rock.com Let's Encrypt Authority X3	`2020-08-09` - `2020-11-07`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://ja.continuousdev.com/33752-mimikatz-12467
Frame ID: 7BDEFBF533E718FFA83D6960D4FAD674
Requests: 112 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9iBPzEmrwU8S5htc5HdkIC_Jt6Xa_drUEsoRdlIqIVitfO1CYI4fEHYrPkB_xpw-MLh49P3FVcIeR-Zvi7k8x1qOQq4H9jiq72KGqO2syVKqJZxxrMh60mlWvOy813Agv4m5GtWhZh69w89xqlvpg2c13_yockOMhVBgEv0kcw768z8LdUcIXUjLl62E99FWovd0hvaDQVBQeyw9gFhhQZbeimDr89jeI2qkvpuFnXNltJtFIpSn8ygNE-Py3HaTzDF1l65dwNOwAauY6JgQPknFBuJL-81EN7bNAWw&sai=AMfl-YTdRTxEwtyy2qe_YMYeHbK-RY124HToCnMmossXIUx5OsiIBlJhRgbTcLJ2TWbTZ8eGEKiSyaXiBzACyq21j0r7km7mMMu_34jr5yr06ZWymWd3JBx4q5F4Wu7zm4oy&sig=Cg0ArKJSzHjoDh46akYNEAE&urlfix=1&adurl=
Frame ID: 19E68862273C7ED04A7C8AC2C502A30B
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200924/r20190131/zrt_lookup.html
Frame ID: 395C4A02AB63D851B727E7AD3403F9F7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGBuP1lCgWiYbgMv_YZqktUR-wCmYY2JhFcb7yHYHQKCTdyNo8UZDgylQO8CljVvm7i3eIFPOGrwSPkgwwvUmcqqP4cITNvzEAn3GCmy9ZkM_RVhipaQmhu9Bbk6NqYhfFRZwS7dwByTiWgE6YGQGeqNa59TKS8WCd7KJTqBgSTLvP7Up-FzpJvIp1K0vHt-x1M6yaMiG2cAOyp9RGOr8hl6R4TImN5GzR27-d1a8-_gQlzyXVs4YqG9AvS-MOTgLoxm7fYuUaQpEe9XKf3Mxbyr2ckroedwGbPBmJHw&sai=AMfl-YQ_3CEWNDZ0h5mDVL_5ksDbX1CjzfEsCD7s_mmWsKt0E6a9PjbvxzprcbcBlwCM0qzUycp4CKXohft-r7enGwhN0Y9V2HTvdUT7qNAsDG1jPVso-Slke_Db4ASpAzw&sig=Cg0ArKJSzLVtSHaJziF8EAE&urlfix=1&adurl=
Frame ID: E63D51CA7B9D9CB1A20964A28CE4826F
Requests: 12 HTTP requests in this frame

Frame: https://cdn.zx-adnet.com/adx/1_smrcp.html
Frame ID: DD5FFCDFB1E54C7392720E4CFAD3E51A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbU2q35QEtGlNpDOO4DCvEvtA2HlyeLcYRZukd1TJa8_lkiuTxghbTIlO9wwpBzpAtXBj4g38oE_PNoRn_i0OxIuw1Yt9azNb80nU5wO9Sm9KSegPIQBECnWjcEpImjuaTYOCvKkRp0Y_HYpoyTPaT81mDZvoblB4nbybDUPzyb0C4QbO1f_y_bamv4QpsAFl4z-0p6EGfOhci1hZQ15IcOYv9cnRrGfWSSRAgGv_6gj970iRt-ItRHuLk-3CKQeif0AQbYwSh60AF6ZXHxNPoc1UcL2Qp-lGbgCLDBA&sai=AMfl-YSqO7tkRBE5AQ5SzgzU6N3-dUleWIsK9khIE3um-owrY0ni10210vVF2SGnwjd-4s54PyejFafMCJl3y6A4SOvOPAJKAmcbR6zFMVzWdQcmbrRTENrfw_PQiuDuOqs&sig=Cg0ArKJSzGKKw137g2jGEAE&urlfix=1&adurl=
Frame ID: 48408B0FDCABA3B5B255BF9AC5D40FAA
Requests: 12 HTTP requests in this frame

Frame: https://cdn.zx-adnet.com/adx/1_smrcp.html
Frame ID: 42305C7401C0CAAC5567E4EBC2B7D59D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstupOJmQrIPBps9qq7zDGKLApypOBGAX778mahE_-0icuFresc0psFqfVaxEw0ZimFTyB9ZtFAQibEZLfqoX7L3PbcoRQnGCuSjltEXP_pzve9vjFpvMcf1qi7c8VfFVvlnDPYgzZyXZd534bpuqAASswgygHM1l4Uy2BmW82CqMDp5z2SrUyaVzhpsuK-i4qY-j3DhzAtA_ase6ho-ghtsquET_KUXQRHezuOc2dV-G_mgjJW56C95NcJmGUUp5OdQDKYMVpFN11kcDPDSoHPUAX2joViC4A&sai=AMfl-YS4KFEGDb9KTDGDs2y1h_q8uS1XxgLifEZM0FA5dpG9t_cE0TgDokCYlgoGdUgLYVxh_qVJ1ihLZxgwuvlghAWbZ9WeAiPrFAacyL4yTLgbaXdmeGX9p3NaYKwiOJ9z&sig=Cg0ArKJSzMFD3cvbxcpzEAE&urlfix=1&adurl=
Frame ID: A4E4C936548538538D1AB22BB0746AB4
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7ekUALPthGLtW67IqtOIHYeLEJIjeoEZx2MYXu7WoJT30wBY4FdGlF2amo_djJPzSxntibRqF8KeJrIHHVoEtYbKvDczBLQM9AjhfoLqECf4JNjv9grePu6YOiM0sgjpnubZA8mVyh_-j0zUINPuMfQ_qTYClZZi3k-eFCMJWC_x73mDzSluIFLHm_vZDL8vKOf7POSkqmIAFqaau0_269M4YhZ4-RyN_E3fGohtOZSy7u1Sc4tr68ZkwqozbcAx5ixgABhgxr7yGomvsAPL_eFZqvhklZCODjDqZEg&sai=AMfl-YSdQEqLJiCHGCM7sHae11wOwdAkgIH0sZ9k6KHadlb8d0JPXfG9I84oNn1WXvJFxqyrMxyWeYqCI1jn4zBgMUTDrFuAh524ori6q6u10FvojXTg20he00UQpF88yZlP&sig=Cg0ArKJSzP7sdEuwPeiPEAE&urlfix=1&adurl=
Frame ID: B3690DBF401D6E98231780159F4D79EF
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstphruHgmcAetKng0beBQSNebb9POAq3869cMyimmL_2FLtS2_Ts5F6tIQobv_ASlaONYZhjINXTu5M9hhqjGGKULppqX-tu6fcC4R6qoJlsg_2GY4WDES7uXVl0Y_vESxv0TCjgk2I3jEr6J9h-O6bJ9zNRzmcWktXdoH5E0cwpgcrJpIJ5nTM4nuvqTa7g06UtjSevmMKaE7GB7aIzF6SxTKpJWlOutNv9X8wEWRieLUd7LfZ6kst9QkxlOT9nUMuT7AnREyVW4xJ_ZJfR7bARCK44XDQ6rQa54JIHQ&sai=AMfl-YQI9_juQ61vnM7OvMz6Vr1UMSt0cOdM0eFz7DIifUj2hexpBzjDVtwI9_ub80sBDVq-RIr-wVByOqWpU-29vuEqJleGijC6pVnhplosrNuITeZIdUDqfRbW1NGY2OU&sig=Cg0ArKJSzDS3R-_wiohGEAE&urlfix=1&adurl=
Frame ID: 74EB0C45D5C7606E863902AC39EB5719
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwdBWCFZ_qyGEYoDVSf4aAjOQFcaxbGVYrZO_C-iTfPb26Qsrerj5v-oUqcPmF1qXcV57MtK7aA6hykSO8sWuEhurbSsk44R4TgHx3CrF_6YmcZndtWNGOV-NKy_G2VDUmZB7C8mHI3Xvy7fUNCREewY0gndDSytXzJD1_YVbYfcMYeRy_JBPklj3ENw_w3T9CJeY6vNMUWtXSGtdPFDPGpO8ZjfaoCe2BCMPh13RUtssTiqybKB9PXxqX_3UeTCMKnaKVCconnpSSFp2t_K6byTKqNughI0BXiUSTAQ&sai=AMfl-YRJQAEJnToIv0wGlFAOxwvIkRfb3WhDUDSjXtLM24v4ZAOpzYDgfoS9sQTjCtmUrndsdrUCoGF_913ljYqh5-ow0vX5A3HIkVnmQ_9y_4cqMaFCNyo41qrXkM8a4jOr&sig=Cg0ArKJSzOjBBmDdTQF-EAE&urlfix=1&adurl=
Frame ID: A07CF0CC72534C162334B765B30C7098
Requests: 12 HTTP requests in this frame

Frame: https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html
Frame ID: 5A2CFFE621504DAEC3FBFE0B99101B70
Requests: 1 HTTP requests in this frame

Frame: https://cdn.zx-adnet.com/adx/1_smrcp.html
Frame ID: 418E3C2FFAC8C4260E49255333D1A028
Requests: 1 HTTP requests in this frame

Frame: https://cdn.zx-adnet.com/adx/1_smrcp.html
Frame ID: 899DC3C1B5331BE8C0A06C141C50B7B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=zxsmrcp%2Fzxsmrcp_id1&adk=2290847893&adf=816031644&w=336&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&ea=0&flash=0&wgl=1&dt=1601533824594&bpp=4&bdt=55&idt=208&shv=r20200924&cbv=r20190131&ptt=5&saldr=sa&correlator=8640407044843&frm=23&ife=4&pv=1&ga_vid=1161242955.1601533825&ga_sid=1601533825&ga_hid=1961353355&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=950&biw=1600&bih=1200&isw=336&ish=280&ifk=273030876&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2526887038237566&pem=199&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ona5rqxgnmli&fsb=1&dtd=214
Frame ID: 5BA30A8C333CFF42F869856FBB2DE550
Requests: 1 HTTP requests in this frame

Frame: https://cdn.zx-adnet.com/adx/1_smrcp.html
Frame ID: 5F62F9A4058C77FFC62F8D256BD5FF06
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 302E82EF4E384FE016006BB0E539DA47
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 0F1ECA11A14225FAE54081B52A47A8F8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 69533386B7D536C165650290EAE61986
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: C31005C312872F3BDAB3E029CCAE9C3F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 44FA476555CDD31CBF757BB05E13CF9B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: DADFDECA426F6C66B9BF09566122893B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 39F40CFF166B1B04154AE3B74CB02723
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 6CE1ADB32D3B3B371B5B8C0D2FE01B81
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 2C7E4C7AAD2C078D9C1F92B02958676F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

209
Requests

100 %
HTTPS

64 %
IPv6

21
Domains

26
Subdomains

23
IPs

8
Countries

4682 kB
Transfer

9394 kB
Size

3
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://continuousdev.com/33752-mimikatz-12467
Title: continuousdev

Search URL Search Domain Scan URL

URL: https://ar.continuousdev.com/33752-mimikatz-12467
Title: ar

Search URL Search Domain Scan URL

URL: https://bg.continuousdev.com/33752-mimikatz-12467
Title: bg

Search URL Search Domain Scan URL

URL: https://bn.continuousdev.com/33752-mimikatz-12467
Title: bn

Search URL Search Domain Scan URL

URL: https://ca.continuousdev.com/33752-mimikatz-12467
Title: ca

Search URL Search Domain Scan URL

URL: https://cs.continuousdev.com/33752-mimikatz-12467
Title: cs

Search URL Search Domain Scan URL

URL: https://da.continuousdev.com/33752-mimikatz-12467
Title: da

Search URL Search Domain Scan URL

URL: https://de.continuousdev.com/33752-mimikatz-12467
Title: de

Search URL Search Domain Scan URL

URL: https://el.continuousdev.com/33752-mimikatz-12467
Title: el

Search URL Search Domain Scan URL

URL: https://es.continuousdev.com/33752-mimikatz-12467
Title: es

Search URL Search Domain Scan URL

URL: https://et.continuousdev.com/33752-mimikatz-12467
Title: et

Search URL Search Domain Scan URL

URL: https://fi.continuousdev.com/33752-mimikatz-12467
Title: fi

Search URL Search Domain Scan URL

URL: https://fr.continuousdev.com/33752-mimikatz-12467
Title: fr

Search URL Search Domain Scan URL

URL: https://hi.continuousdev.com/33752-mimikatz-12467
Title: hi

Search URL Search Domain Scan URL

URL: https://hr.continuousdev.com/33752-mimikatz-12467
Title: hr

Search URL Search Domain Scan URL

URL: https://hu.continuousdev.com/33752-mimikatz-12467
Title: hu

Search URL Search Domain Scan URL

URL: https://id.continuousdev.com/33752-mimikatz-12467
Title: id

Search URL Search Domain Scan URL

URL: https://it.continuousdev.com/33752-mimikatz-12467
Title: it

Search URL Search Domain Scan URL

URL: https://iw.continuousdev.com/33752-mimikatz-12467
Title: iw

Search URL Search Domain Scan URL

URL: https://ko.continuousdev.com/33752-mimikatz-12467
Title: ko

Search URL Search Domain Scan URL

URL: https://lv.continuousdev.com/33752-mimikatz-12467
Title: lv

Search URL Search Domain Scan URL

URL: https://mr.continuousdev.com/33752-mimikatz-12467
Title: mr

Search URL Search Domain Scan URL

URL: https://nl.continuousdev.com/33752-mimikatz-12467
Title: nl

Search URL Search Domain Scan URL

URL: https://pl.continuousdev.com/33752-mimikatz-12467
Title: pl

Search URL Search Domain Scan URL

URL: https://pt.continuousdev.com/33752-mimikatz-12467
Title: pt

Search URL Search Domain Scan URL

URL: https://ro.continuousdev.com/33752-mimikatz-12467
Title: ro

Search URL Search Domain Scan URL

URL: https://ru.continuousdev.com/33752-mimikatz-12467
Title: ru

Search URL Search Domain Scan URL

URL: https://sk.continuousdev.com/33752-mimikatz-12467
Title: sk

Search URL Search Domain Scan URL

URL: https://sl.continuousdev.com/33752-mimikatz-12467
Title: sl

Search URL Search Domain Scan URL

URL: https://sr.continuousdev.com/33752-mimikatz-12467
Title: sr

Search URL Search Domain Scan URL

URL: https://ta.continuousdev.com/33752-mimikatz-12467
Title: ta

Search URL Search Domain Scan URL

URL: https://te.continuousdev.com/33752-mimikatz-12467
Title: te

Search URL Search Domain Scan URL

URL: https://th.continuousdev.com/33752-mimikatz-12467
Title: th

Search URL Search Domain Scan URL

URL: https://tl.continuousdev.com/33752-mimikatz-12467
Title: tl

Search URL Search Domain Scan URL

URL: https://tr.continuousdev.com/33752-mimikatz-12467
Title: tr

Search URL Search Domain Scan URL

URL: https://uk.continuousdev.com/33752-mimikatz-12467
Title: uk

Search URL Search Domain Scan URL

URL: https://ur.continuousdev.com/33752-mimikatz-12467
Title: ur

Search URL Search Domain Scan URL

URL: https://vi.continuousdev.com/33752-mimikatz-12467
Title: vi

Search URL Search Domain Scan URL

URL: https://zh.continuousdev.com/33752-mimikatz-12467
Title: zh

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.continuousdev.com%22:{%22https://ja.continuousdev.com/33752-mimikatz-12467%22:%22%22}}}&r=0.3035486037524584 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.continuousdev.com%22%3A%7B%22https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467%22%3A%22%22%7D%7D%7D&r=0.3035486037524584

Request Chain 64

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.continuousdev.com%22:{%22https://ja.continuousdev.com/33752-mimikatz-12467%22:%22%22}}}&r=0.6553317338925364 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.continuousdev.com%22%3A%7B%22https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467%22%3A%22%22%7D%7D%7D&r=0.6553317338925364

Request Chain 66

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.continuousdev.com%22:{%22https://ja.continuousdev.com/33752-mimikatz-12467%22:%22%22}}}&r=0.8509830267078655 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.continuousdev.com%22%3A%7B%22https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467%22%3A%22%22%7D%7D%7D&r=0.8509830267078655

Request Chain 76

https://mc.yandex.ru/watch/56440495?wmode=7&page-url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&charset=utf-8&browser-info=ti%3A10%3Ans%3A1601533822878%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201001083023%3Aet%3A1601533823%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1521197397906%3Arqn%3A1%3Arn%3A531850347%3Ahid%3A814203657%3Ads%3A15%2C16%2C53%2C1%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A308%3Agdpr%3A14%3Av%3A1958%3Awv%3A2%3Arqnl%3A1%3Ast%3A1601533823%3Au%3A1601533823873426005%3At%3A%E3%83%9F%E3%83%9F%E3%82%AB%E3%83%83%E3%83%84%20-%20%E6%8A%80%E8%A1%93%20-%202020 HTTP 302
https://mc.yandex.ru/watch/56440495/1?wmode=7&page-url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&charset=utf-8&browser-info=ti%3A10%3Ans%3A1601533822878%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201001083023%3Aet%3A1601533823%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1521197397906%3Arqn%3A1%3Arn%3A531850347%3Ahid%3A814203657%3Ads%3A15%2C16%2C53%2C1%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A308%3Agdpr%3A14%3Av%3A1958%3Awv%3A2%3Arqnl%3A1%3Ast%3A1601533823%3Au%3A1601533823873426005%3At%3A%E3%83%9F%E3%83%9F%E3%82%AB%E3%83%83%E3%83%84%20-%20%E6%8A%80%E8%A1%93%20-%202020

Request Chain 88

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.continuousdev.com/33752-mimikatz-12467;0.105014686116919 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.continuousdev.com/33752-mimikatz-12467;0.105014686116919

Request Chain 110

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=zxsmrcp%2Fzxsmrcp_id1&adk=2290847893&adf=816031638&w=336&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&ea=0&flash=0&wgl=1&dt=1601533823787&bpp=15&bdt=50&idt=82&shv=r20200924&cbv=r20190131&ptt=5&saldr=sa&correlator=8640407044843&rume=1&frm=23&ife=4&pv=2&ga_vid=644582949.1601533824&ga_sid=1601533824&ga_hid=200429570&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=242&ady=2298&biw=1600&bih=1200&isw=336&ish=280&ifk=3972199852&scr_x=0&scr_y=0&eid=21067499%2C21066613%2C21066614%2C21067087&oid=3&pvsid=788575016662473&pem=199&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.s5grxduniyfz&btvi=1&fsb=1&dtd=96 HTTP 302
https://cdn.zx-adnet.com/adx/1_smrcp.html

Request Chain 119

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id1&adk=3785871278&adf=816031632&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&ea=0&flash=0&wgl=1&dt=1601533823894&bpp=6&bdt=49&idt=95&shv=r20200924&cbv=r20190131&ptt=5&saldr=sa&correlator=8640407044843&frm=23&ife=4&pv=1&ga_vid=2003680053.1601533825&ga_sid=1601533825&ga_hid=1124067434&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=1213&biw=1600&bih=1200&isw=728&ish=90&ifk=733174107&scr_x=0&scr_y=0&oid=3&pvsid=4169700582749092&pem=199&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.6otz2od8i9pj&btvi=1&fsb=1&dtd=619 HTTP 302
https://cdn.zx-adnet.com/adx/1_smrcp.html

Request Chain 149

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM%2Fzxm_smrcp&adk=1424687295&adf=816031634&w=970&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&ea=0&flash=0&wgl=1&dt=1601533824565&bpp=6&bdt=44&idt=145&shv=r20200924&cbv=r20190131&ptt=5&saldr=sa&correlator=8640407044843&frm=23&ife=4&pv=1&ga_vid=1215207499.1601533825&ga_sid=1601533825&ga_hid=880763344&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=102&biw=1600&bih=1200&isw=970&ish=250&ifk=1707452345&scr_x=0&scr_y=0&eid=21065724%2C21066705&oid=3&pvsid=183201821893203&pem=199&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.xxt9p6a7pyqv&fsb=1&dtd=198 HTTP 302
https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html

Request Chain 153

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id1&adk=3785871278&adf=816031633&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&ea=0&flash=0&wgl=1&dt=1601533824573&bpp=4&bdt=636&idt=196&shv=r20200924&cbv=r20190131&ptt=5&saldr=sa&correlator=8640407044843&frm=23&ife=4&pv=1&ga_vid=703770639.1601533825&ga_sid=1601533825&ga_hid=1927692987&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=2090&biw=1600&bih=1200&isw=728&ish=90&ifk=3931701942&scr_x=0&scr_y=0&eid=21067495&oid=2&pvsid=201759148910319&pem=199&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.cxhrky1upezs&btvi=1&fsb=1&dtd=201 HTTP 302
https://cdn.zx-adnet.com/adx/1_smrcp.html

Request Chain 157

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id1&adk=3785871278&adf=816031635&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&ea=0&flash=0&wgl=1&dt=1601533824583&bpp=5&bdt=55&idt=197&shv=r20200924&cbv=r20190131&ptt=5&saldr=sa&correlator=8640407044843&frm=23&ife=4&pv=1&ga_vid=679791551.1601533825&ga_sid=1601533825&ga_hid=801988768&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=1468&biw=1600&bih=1200&isw=728&ish=90&ifk=678520965&scr_x=0&scr_y=0&eid=42530671%2C21066706&oid=3&pvsid=3932501515839952&pem=199&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.r8iz0wdckbz&btvi=1&fsb=1&dtd=202 HTTP 302
https://cdn.zx-adnet.com/adx/1_smrcp.html

Request Chain 165

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=zxsmrcp%2Fzxsmrcp_id1&adk=2290847893&adf=816031645&w=336&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&ea=0&flash=0&wgl=1&dt=1601533824609&bpp=3&bdt=62&idt=212&shv=r20200924&cbv=r20190131&ptt=5&saldr=sa&correlator=8640407044843&frm=23&ife=4&pv=1&ga_vid=1744266328.1601533825&ga_sid=1601533825&ga_hid=948868304&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=1412&biw=1600&bih=1200&isw=336&ish=280&ifk=3256832663&scr_x=0&scr_y=0&eid=42530672%2C44726948%2C21066706&oid=3&pvsid=2546735285757325&pem=199&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.2tmwznfar890&btvi=1&fsb=1&dtd=218 HTTP 302
https://cdn.zx-adnet.com/adx/1_smrcp.html

Request Chain 215

https://mc.yandex.ru/watch/56440495?page-url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1601533822878%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201001083038%3Aet%3A1601533838%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A184%3Als%3A1521197397906%3Arqn%3A2%3Arn%3A711266544%3Ahid%3A814203657%3Ads%3A%2C%2C%2C%2C%2C%2C%2C643%2C12%2C4972%2C4973%2C13%2C732%3Agdpr%3A14%3Aeu%3A1%3Av%3A1958%3Awv%3A2%3Arqnl%3A1%3Ast%3A1601533838%3Au%3A1601533823873426005 HTTP 302
https://mc.yandex.ru/watch/56440495/1?page-url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1601533822878%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201001083038%3Aet%3A1601533838%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A184%3Als%3A1521197397906%3Arqn%3A2%3Arn%3A711266544%3Ahid%3A814203657%3Ads%3A%2C%2C%2C%2C%2C%2C%2C643%2C12%2C4972%2C4973%2C13%2C732%3Agdpr%3A14%3Aeu%3A1%3Av%3A1958%3Awv%3A2%3Arqnl%3A1%3Ast%3A1601533838%3Au%3A1601533823873426005

209 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 33752-mimikatz-12467 Show response
ja.continuousdev.com/ 41 KB
8 KB 86ms
53ms Document
text/html 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5498fa8df7643df82d8f77416fffd331da8d06c79e6f1bfaa018ebc02b62def

Request headers

:method: GET
:authority: ja.continuousdev.com
:scheme: https
:path: /33752-mimikatz-12467
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 01 Oct 2020 06:30:22 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d88fb243abf9b8ba35c20f30d629afa141601533822; expires=Sat, 31-Oct-20 06:30:22 GMT; path=/; domain=.continuousdev.com; HttpOnly; SameSite=Lax; Secure
cache-control: max-age=86400
expires: Fri, 02 Oct 2020 06:30:22 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-request-id: 058473dfc000003258569d3200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5db422793b253258-FRA
content-encoding: br

GET
H2 200 / Show response
0sercher.biz/ 20 KB
20 KB 170ms
24ms Script
application/javascript 167.71.72.151
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://0sercher.biz/?pu=gjqtqyrwmq5ha3ddf4ztcmjs

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.71.72.151 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4c60990a8b754778e928b4b42a271bb70e93d690f6cc169401c5aef302eb7606

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 01 Oct 2020 06:30:23 GMT
server: nginx
access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 fbee5afb-c05a-451e-bfac-9a4429fdcfd7.min.js Show response
cmp.optad360.io/items/ 335 KB
95 KB 103ms
72ms Script
application/javascript 2600:9000:2156:9800:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/fbee5afb-c05a-451e-bfac-9a4429fdcfd7.min.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9800:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc4e97dbbb9ce7c3ca5801b0b64c42e1faf83978b815f0eaf7c819757d0c464a

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
last-modified: Fri, 11 Sep 2020 10:10:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"a7384460c9d5867bd28671b09a551209"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=3600
x-amz-cf-id: -i0r-Zd-TidzqBXvh03bd5nxJtJKFxvtBtfvCIj2i9wHhr8AXpxw6Q==
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 29ms
9ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 bootstrap.min.css
continuousdev.com/template/mimit/css/ 118 KB
18 KB 107ms
93ms Stylesheet
text/css 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/css/bootstrap.min.css
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e00a00003258569d6200000001
last-modified: Mon, 20 Jul 2020 10:51:40 GMT
server: cloudflare
etag: W/"1d970-5aadd4a9f661d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db42279ac1b3258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 font-awesome.min.css
continuousdev.com/template/mimit/css/ 30 KB
7 KB 90ms
76ms Stylesheet
text/css 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/css/font-awesome.min.css
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e00a00003258569d9200000001
last-modified: Mon, 20 Jul 2020 10:51:40 GMT
server: cloudflare
etag: W/"7918-5aadd4a9f855d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db42279ac203258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 icofont.css
continuousdev.com/template/mimit/css/ 110 KB
15 KB 104ms
90ms Stylesheet
text/css 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/css/icofont.css
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13efb75e18c2c0bf096b482ed5543e76229f817ce7601a3e90510b024d8a0a4a

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e00a00003258569e0200000001
last-modified: Mon, 20 Jul 2020 10:51:41 GMT
server: cloudflare
etag: W/"1b962-5aadd4ab0bb9b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db42279ac293258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 yamm.css
continuousdev.com/template/mimit/css/ 441 B
373 B 37ms
23ms Stylesheet
text/css 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/css/yamm.css
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7f68be2d8073fe3c26998677d2f8c653a8789211fe1a281f244199743e1f88a

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 114982
status: 200
cf-request-id: 058473e00f00003258569e3200000001
last-modified: Mon, 20 Jul 2020 10:51:40 GMT
server: cloudflare
etag: W/"1b9-5aadd4aa90adc-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db42279bc373258-FRA
expires: Tue, 13 Oct 2020 22:34:01 GMT

GET
H2 200 slick.css
continuousdev.com/template/mimit/css/ 5 KB
1 KB 87ms
73ms Stylesheet
text/css 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/css/slick.css
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77837e226da14b0bf366a3d01aa13d2a2da4457ebfeacdb3ffb96163886ac207

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e00a00003258569de200000001
last-modified: Mon, 20 Jul 2020 10:51:40 GMT
server: cloudflare
etag: W/"132d-5aadd4aa0601d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db42279ac273258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 magnific-popup.css
continuousdev.com/template/mimit/css/ 7 KB
2 KB 89ms
76ms Stylesheet
text/css 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/css/magnific-popup.css
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e00a00003258569d8200000001
last-modified: Mon, 20 Jul 2020 10:51:40 GMT
server: cloudflare
etag: W/"1b27-5aadd4aaa81dc-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db42279ac1f3258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 style.css
continuousdev.com/template/mimit/css/ 76 KB
13 KB 88ms
74ms Stylesheet
text/css 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/css/style.css
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9415899914432486118054675710b93ae763510379a90ef501e43069d9e66bc

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e00a00003258569e1200000001
last-modified: Mon, 20 Jul 2020 10:51:40 GMT
server: cloudflare
etag: W/"12eb3-5aadd4aa4a5dd-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db42279ac2a3258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 style1.css
continuousdev.com/template/mimit/css/ 316 B
288 B 88ms
75ms Stylesheet
text/css 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/css/style1.css
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e218093a860eff35591a9e6a097cd6e97a0048614af8be19ef7b7514cdf8b51

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e00f00003258569e2200000001
last-modified: Mon, 20 Jul 2020 10:51:40 GMT
server: cloudflare
etag: W/"13c-5aadd4aa263bd-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db42279bc353258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 custom_script.css
continuousdev.com/template/mimit/css/ 0
142 B 62ms
50ms Stylesheet
text/css 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/css/custom_script.css
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 0
cf-request-id: 058473e00a00003258569da200000001
last-modified: Mon, 20 Jul 2020 10:51:39 GMT
server: cloudflare
etag: "0-5aadd4a9b9d5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 5db42279ac223258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 frontend-grid.css
continuousdev.com/template/mimit/css/ 13 KB
2 KB 89ms
77ms Stylesheet
text/css 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/css/frontend-grid.css
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2a033a00ee48a517e6697add120b26bebf4646c8f70d003cfdc38faba6fbf28

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e00a00003258569dd200000001
last-modified: Mon, 20 Jul 2020 10:51:40 GMT
server: cloudflare
etag: W/"3248-5aadd4aa2d11d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db42279ac263258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 frontend.css
continuousdev.com/template/mimit/css/ 8 KB
2 KB 85ms
73ms Stylesheet
text/css 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/css/frontend.css
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d94a6f7805414cb84319355ac5284387de5a45789083d85335e3dcbffd9bdeb5

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e00a00003258569db200000001
last-modified: Mon, 20 Jul 2020 10:51:40 GMT
server: cloudflare
etag: W/"2035-5aadd4aa5133c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db42279ac233258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 background.css
continuousdev.com/template/mimit/css/ 3 KB
648 B 87ms
75ms Stylesheet
text/css 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/css/background.css
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06630209aa0f855dad77577fd1e1236c3cf931556477cff885765792c4cac68d

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e00a00003258569dc200000001
last-modified: Mon, 20 Jul 2020 10:51:39 GMT
server: cloudflare
etag: W/"a06-5aadd4a9ce57e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db42279ac243258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 styles.css
continuousdev.com/template/mimit/css/ 112 B
253 B 24ms
12ms Stylesheet
text/css 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/css/styles.css
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd5b6a4c0cddec5a598d9d760704de6cdaf9fbc7332c45d36acc4da30d375b86

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 224145
status: 200
cf-request-id: 058473e00a00003258569d7200000001
last-modified: Mon, 20 Jul 2020 10:51:40 GMT
server: cloudflare
etag: W/"70-5aadd4aa428dd-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db42279ac1d3258-FRA
expires: Mon, 12 Oct 2020 16:14:37 GMT

GET
H2 200 styles1.css
continuousdev.com/template/mimit/css/ 355 B
247 B 86ms
74ms Stylesheet
text/css 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/css/styles1.css
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77118bb428e41c7b0b2e2c857bb356ddfb4533da443a13725a05d911fa5d34c3

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e00a00003258569df200000001
last-modified: Mon, 20 Jul 2020 10:51:40 GMT
server: cloudflare
etag: W/"163-5aadd4aa4a5dd-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db42279ac283258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 129 KB
44 KB 25ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc4f9c0465ed6abb47da677db72ed176752780420e50ff73732e951d0621dd3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45222
x-xss-protection: 0
server: cafe
etag: 13305662673285261517
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Oct 2020 06:30:23 GMT

GET
H2 200 jquery-3.2.1.js Show response
code.jquery.com/ 262 KB
77 KB 10ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21

Request headers

Origin: https://ja.continuousdev.com
Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:22 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
status: 200
etag: W/"58d026fb-41707"
vary: Accept-Encoding
x-hw: 1601533822.dop018.fr8.t,1601533822.cds269.fr8.hn,1601533822.cds221.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 79082

GET
H2 200 jquery.js Show response
continuousdev.com/template/mimit/js/ 95 KB
32 KB 97ms
85ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/js/jquery.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e00f00003258569e4200000001
last-modified: Mon, 20 Jul 2020 10:51:42 GMT
server: cloudflare
etag: W/"17ba0-5aadd4ac38818-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db42279bc383258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 jquery-migrate.min.js Show response
continuousdev.com/template/mimit/js/ 10 KB
4 KB 66ms
55ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/js/jquery-migrate.min.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e00f00003258569e5200000001
last-modified: Mon, 20 Jul 2020 10:51:42 GMT
server: cloudflare
etag: W/"2748-5aadd4ac462d8-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db42279bc393258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 database-administrator-dba.jpg
continuousdev.com/img/technology/ 32 KB
32 KB 72ms
68ms Image
image/jpeg 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://continuousdev.com/img/technology/database-administrator-dba.jpg
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 760b0d80bee77087168837a542642578dcdf3e7244d09a1ecbd0c646501c72b1

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 32504
cf-request-id: 058473e0ad00003258569fb200000001
last-modified: Sat, 23 Nov 2019 05:52:57 GMT
server: cloudflare
etag: "7ef8-597fd247852bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5db4227aae133258-FRA
expires: Fri, 01 Oct 2021 06:30:23 GMT

GET
H2 200 web-client.png
continuousdev.com/img/technology/ 133 KB
134 KB 86ms
81ms Image
image/png 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://continuousdev.com/img/technology/web-client.png
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 059a8b50d39602f4956f909e9934453cc06e167af6cf0af9dfa520cf4b255459

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 136474
cf-request-id: 058473e0ad00003258569fc200000001
last-modified: Sat, 23 Nov 2019 06:16:08 GMT
server: cloudflare
etag: "2151a-597fd775e56e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5db4227aae153258-FRA
expires: Fri, 01 Oct 2021 06:30:23 GMT

GET
H2 200 distributed-computing-system.png
continuousdev.com/img/technology/ 226 KB
226 KB 75ms
71ms Image
image/png 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://continuousdev.com/img/technology/distributed-computing-system.png
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd23a88f731c790907cca443cacbebd70ae3397d5c3713524f51059cf20d9b76

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 231424
cf-request-id: 058473e0ad00003258569fd200000001
last-modified: Sat, 23 Nov 2019 05:54:09 GMT
server: cloudflare
etag: "38800-597fd28baa74d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5db4227aae163258-FRA
expires: Fri, 01 Oct 2021 06:30:23 GMT

GET
H2 200 smrcp_19121001.js Show response
cdn.zx-adnet.com/adx/ 54 KB
8 KB 51ms
15ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4e70ab1bedf4bf4310151ee763495d23d2a45a2013224b033e1a71ed874d8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sun, 27 Sep 2020 08:20:23 GMT
x-timer: S1601533823.167397,VS0,VE0
etag: "ced2cced849c888ba5793ea81910795fbfc69f266d4bd0190f2f8481a436bd78-br"
x-served-by: cache-ams21058-AMS
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=3600
date: Thu, 01 Oct 2020 06:30:23 GMT
accept-ranges: bytes
content-length: 8363
x-cache-hits: 5

GET
H2 200 mimikatz.png
continuousdev.com/img/technology/ 166 KB
166 KB 82ms
78ms Image
image/png 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://continuousdev.com/img/technology/mimikatz.png
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5452835dd3bcc5fa1f168f5a2822892f7d42a0e713f96ed592367e8e75416f33

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 169979
cf-request-id: 058473e0ad00003258569fe200000001
last-modified: Sat, 23 Nov 2019 06:03:52 GMT
server: cloudflare
etag: "297fb-597fd4b7553a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5db4227aae173258-FRA
expires: Fri, 01 Oct 2021 06:30:23 GMT

GET
H2 200 terms-of-service-tos.jpg
continuousdev.com/img/technology/ 110 KB
111 KB 188ms
183ms Image
image/jpeg 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://continuousdev.com/img/technology/terms-of-service-tos.jpg
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23d1d81e31d00a70bf7056b525ac1c0b87d6314b0add996611c6e2a32721f7ee

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 113041
cf-request-id: 058473e0ad00003258569ff200000001
last-modified: Sat, 23 Nov 2019 06:13:00 GMT
server: cloudflare
etag: "1b991-597fd6c20891e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5db4227aae193258-FRA
expires: Fri, 01 Oct 2021 06:30:23 GMT

GET
H2 200 interpolation.png
continuousdev.com/img/technology/ 193 KB
194 KB 70ms
66ms Image
image/png 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://continuousdev.com/img/technology/interpolation.png
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed54fd45787a645eac2a842ab6eebd8506053acc3541aea89953c3b2f3b4bf4c

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 198108
cf-request-id: 058473e0ad0000325856a00200000001
last-modified: Sat, 23 Nov 2019 06:01:10 GMT
server: cloudflare
etag: "305dc-597fd41d43e07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5db4227aae1b3258-FRA
expires: Fri, 01 Oct 2021 06:30:23 GMT

GET
H2 200 what-the-is-data-discovery.jpg
continuousdev.com/img/technology/ 24 KB
24 KB 73ms
68ms Image
image/jpeg 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://continuousdev.com/img/technology/what-the-is-data-discovery.jpg
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8123c4306f7adc317ad3cd56719569f1f2fad0a8bd8a373ed58953e38c80b928

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 24866
cf-request-id: 058473e0ad0000325856a01200000001
last-modified: Sat, 23 Nov 2019 06:16:48 GMT
server: cloudflare
etag: "6122-597fd79bb7077"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5db4227aae263258-FRA
expires: Fri, 01 Oct 2021 06:30:23 GMT

GET
H2 200 data-structure.png
continuousdev.com/img/technology/ 67 KB
68 KB 648ms
644ms Image
image/png 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://continuousdev.com/img/technology/data-structure.png
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a3a8bf757cb9fcdfa0ff30a330faac4a69240b0d1b7a4d2ff647504090c0dd5

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 69015
cf-request-id: 058473e0ad0000325856a02200000001
last-modified: Sat, 23 Nov 2019 05:52:52 GMT
server: cloudflare
etag: "10d97-597fd24230ea4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533824"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5db4227aae283258-FRA
expires: Fri, 01 Oct 2021 06:30:23 GMT

GET
H2 200 leisure-diving.jpg
continuousdev.com/img/technology/ 32 KB
32 KB 77ms
73ms Image
image/jpeg 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://continuousdev.com/img/technology/leisure-diving.jpg
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 675feccb36a9ebaa79ac076b5a0acdf972ee044c78a25573b99e2b71ebc49cf3

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 32900
cf-request-id: 058473e0ad0000325856a03200000001
last-modified: Sat, 23 Nov 2019 06:02:19 GMT
server: cloudflare
etag: "8084-597fd45eadf27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5db4227aae293258-FRA
expires: Fri, 01 Oct 2021 06:30:23 GMT

GET
H2 200 hot-buffer.jpg
continuousdev.com/img/technology/ 54 KB
54 KB 80ms
76ms Image
image/jpeg 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://continuousdev.com/img/technology/hot-buffer.jpg
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbc59e161d33fb56bcc88ce76b11333ce57de06288f3fee8a4bf679fb1c1772c

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 55320
cf-request-id: 058473e0ad0000325856a04200000001
last-modified: Sat, 23 Nov 2019 05:58:41 GMT
server: cloudflare
etag: "d818-597fd38f9b47a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5db4227aae2b3258-FRA
expires: Fri, 01 Oct 2021 06:30:23 GMT

GET
H2 200 soft-bounce.png
continuousdev.com/img/technology/ 283 KB
284 KB 87ms
83ms Image
image/png 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://continuousdev.com/img/technology/soft-bounce.png
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73fb719c9adfc590e10a72cc0be83397a0a6298dd239b200513a0feede42a563

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 289863
cf-request-id: 058473e0ad0000325856a05200000001
last-modified: Sat, 23 Nov 2019 06:11:16 GMT
server: cloudflare
etag: "46c47-597fd65ef7469"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5db4227aae2c3258-FRA
expires: Fri, 01 Oct 2021 06:30:23 GMT

GET
H2 200 ip-datacasting.jpg
continuousdev.com/img/technology/ 42 KB
43 KB 464ms
460ms Image
image/jpeg 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://continuousdev.com/img/technology/ip-datacasting.jpg
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19c3a20eb0adcd5b8e6b08ec732022187576c34c0b502993685317d82dd96f33

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 43349
cf-request-id: 058473e0ad0000325856a06200000001
last-modified: Sat, 23 Nov 2019 06:01:15 GMT
server: cloudflare
etag: "a955-597fd422338c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533824"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5db4227aae2d3258-FRA
expires: Fri, 01 Oct 2021 06:30:23 GMT

GET
H2 200 how-recommendation-systems-are-the-way-we-shop-online.jpg
continuousdev.com/img/technology/ 29 KB
29 KB 1095ms
1091ms Image
image/jpeg 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://continuousdev.com/img/technology/how-recommendation-systems-are-the-way-we-shop-online.jpg
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a29312792ca36eac3ab0c852a3df4e46504c3fc9a70cc11dbc817daea4a45ab

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 29304
cf-request-id: 058473e0ad0000325856a07200000001
last-modified: Sat, 23 Nov 2019 05:59:19 GMT
server: cloudflare
etag: "7278-597fd3b3db8a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533824"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5db4227aae2f3258-FRA
expires: Fri, 01 Oct 2021 06:30:24 GMT

GET
H2 200 brush-tool.jpg
continuousdev.com/img/technology/ 29 KB
30 KB 1127ms
1123ms Image
image/jpeg 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://continuousdev.com/img/technology/brush-tool.jpg
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd9b7548f0a8a40182488321e010043c33bafa70cfa9ec8d5ee3c9dc8e68afa6

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 30102
cf-request-id: 058473e0ad0000325856a08200000001
last-modified: Sat, 23 Nov 2019 05:48:33 GMT
server: cloudflare
etag: "7596-597fd14b1446a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533824"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5db4227aae313258-FRA
expires: Fri, 01 Oct 2021 06:30:24 GMT

GET
H2 200 how-do-companies-work-toward-composable-infrastructure-presented-by-turbonomic.jpg
continuousdev.com/img/technology/ 73 KB
73 KB 541ms
537ms Image
image/jpeg 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://continuousdev.com/img/technology/how-do-companies-work-toward-composable-infrastructure-presented-by-turbonomic.jpg
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1143e1930a026a7106624058e9ad9a65604a75d37c1b68e96ac3061ce96a562

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 74919
cf-request-id: 058473e0ad0000325856a09200000001
last-modified: Sat, 23 Nov 2019 05:59:04 GMT
server: cloudflare
etag: "124a7-597fd3a52109a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533824"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5db4227aae323258-FRA
expires: Fri, 01 Oct 2021 06:30:23 GMT

GET
H2 200 bip-148.png
continuousdev.com/img/technology/ 95 KB
95 KB 546ms
543ms Image
image/png 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://continuousdev.com/img/technology/bip-148.png
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92a3c2ee2e8c154629019aba93de37a4f1cd6174d99cee561ea6543b4a19ad03

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 96770
cf-request-id: 058473e0ad0000325856a0a200000001
last-modified: Sat, 23 Nov 2019 05:47:57 GMT
server: cloudflare
etag: "17a02-597fd128f9d28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533824"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5db4227aae333258-FRA
expires: Fri, 01 Oct 2021 06:30:23 GMT

GET
H2 200 just-in-time-jit.jpg
continuousdev.com/img/technology/ 29 KB
29 KB 114ms
110ms Image
image/jpeg 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://continuousdev.com/img/technology/just-in-time-jit.jpg
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15076efc64609a710772a6a751c75d20209d9c0b2d63f17ac4a1b491ffc14f24

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 29249
cf-request-id: 058473e0ad0000325856a0b200000001
last-modified: Sat, 23 Nov 2019 06:01:49 GMT
server: cloudflare
etag: "7241-597fd442e79b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5db4227aae343258-FRA
expires: Fri, 01 Oct 2021 06:30:23 GMT

GET
H2 200 scripts.js Show response
continuousdev.com/template/mimit/js/ 14 KB
4 KB 26ms
21ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/js/scripts.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7db88a5dd4feb92dafbf5b17b516ddb78cfe69daff23ed72453a6a561b367f1

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 224146
status: 200
cf-request-id: 058473e08900003258569ea200000001
last-modified: Mon, 20 Jul 2020 10:51:42 GMT
server: cloudflare
etag: W/"3654-5aadd4ac50eb8-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db4227a7da93258-FRA
expires: Mon, 12 Oct 2020 16:14:37 GMT

GET
H2 200 jquery.blockUI.min.js Show response
continuousdev.com/template/mimit/js/ 9 KB
3 KB 61ms
56ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/js/jquery.blockUI.min.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e08900003258569eb200000001
last-modified: Mon, 20 Jul 2020 10:51:42 GMT
server: cloudflare
etag: W/"255e-5aadd4abe86d9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db4227a7dab3258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
continuousdev.com/template/mimit/js/ 20 KB
7 KB 56ms
51ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/js/jquery.magnific-popup.min.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 442cf9c977155b6d9a62f2e787be37873386919455003bcf9643378f6e1808e6

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e08900003258569ec200000001
last-modified: Mon, 20 Jul 2020 10:51:42 GMT
server: cloudflare
etag: W/"4f2a-5aadd4ac1d299-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db4227a7dae3258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 bootstrap.min.js Show response
continuousdev.com/template/mimit/js/ 36 KB
9 KB 22ms
18ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/js/bootstrap.min.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 224146
status: 200
cf-request-id: 058473e08900003258569ed200000001
last-modified: Mon, 20 Jul 2020 10:51:41 GMT
server: cloudflare
etag: W/"90b5-5aadd4abbc7b9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db4227a7daf3258-FRA
expires: Mon, 12 Oct 2020 16:14:37 GMT

GET
H2 200 stickyfill.min.js Show response
continuousdev.com/template/mimit/js/ 6 KB
2 KB 62ms
57ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/js/stickyfill.min.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d354f58e183ed80cfd5f1e23cc3eba3913c3cc9b5e16ceef19adea6b68560336

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 224146
status: 200
cf-request-id: 058473e08900003258569ee200000001
last-modified: Mon, 20 Jul 2020 10:51:42 GMT
server: cloudflare
etag: W/"1628-5aadd4ac6a4f8-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db4227a7db03258-FRA
expires: Mon, 12 Oct 2020 16:14:37 GMT

GET
H2 200 infinite-scroll.min.js Show response
continuousdev.com/template/mimit/js/ 21 KB
12 KB 53ms
49ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/js/infinite-scroll.min.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a52c834a0c553d22cddb73c948433ace91b9181e0e95fb54d07d6d6f61345f0c

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e08900003258569ef200000001
last-modified: Mon, 20 Jul 2020 10:51:42 GMT
server: cloudflare
etag: W/"54c8-5aadd4ac491b8-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db4227a7db13258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 slick.min.js Show response
continuousdev.com/template/mimit/js/ 41 KB
10 KB 56ms
54ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/js/slick.min.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cbe3163b9ac1a6b31ec2924f7eb1d62722918401d5458a7c3d60a7c9e16f2b4

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e0a100003258569f1200000001
last-modified: Mon, 20 Jul 2020 10:51:42 GMT
server: cloudflare
etag: W/"a3f1-5aadd4ac80c58-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db4227a9de73258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 openshare.min.js Show response
continuousdev.com/template/mimit/js/ 47 KB
10 KB 65ms
60ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/js/openshare.min.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b337c30f4350d5391cf738beff985928222e4ca4ffa6306be32ef274ce0df4b1

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e0ab00003258569f3200000001
last-modified: Mon, 20 Jul 2020 10:51:42 GMT
server: cloudflare
etag: W/"bbf5-5aadd4ac58bb8-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db4227aae033258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 custom.js Show response
continuousdev.com/template/mimit/js/ 11 KB
3 KB 63ms
58ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/js/custom.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 040836b15e50bf4d264dab219fd17693b9c60475d6fd6625b3a9e605d3f7a654

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e0ab00003258569f4200000001
last-modified: Mon, 20 Jul 2020 10:51:42 GMT
server: cloudflare
etag: W/"2c12-5aadd4ac0d899-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db4227aae053258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 q2w3-fixed-widget.min.js Show response
continuousdev.com/template/mimit/js/ 4 KB
1 KB 57ms
52ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/js/q2w3-fixed-widget.min.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10c86b787eec802ee5cad865137e429228f7be0f15444e656e8ca84d933c3a46

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e0ab00003258569f5200000001
last-modified: Mon, 20 Jul 2020 10:51:42 GMT
server: cloudflare
etag: W/"1094-5aadd4ac3e5d8-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db4227aae063258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 core.js Show response
continuousdev.com/template/mimit/js/ 7 KB
3 KB 440ms
435ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/js/core.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d5e9dbfcf39ef26821d0318f3ccdba50aa7541948545e3f65a3f5e73e398c82

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e0ab00003258569f6200000001
last-modified: Mon, 20 Jul 2020 10:51:42 GMT
server: cloudflare
etag: W/"1cdc-5aadd4abe86d9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533824"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db4227aae073258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 transition.js Show response
continuousdev.com/template/mimit/js/ 1 KB
810 B 62ms
57ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/js/transition.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e5a226f09e4936c7cb209561f3ad355471fb147b234a5c9b0b18b4eb7808967

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e0ab00003258569f7200000001
last-modified: Mon, 20 Jul 2020 10:51:42 GMT
server: cloudflare
etag: W/"565-5aadd4ac750d8-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db4227aae083258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 background.js Show response
continuousdev.com/template/mimit/js/ 7 KB
3 KB 20ms
15ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/js/background.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a33f4b56e1b07bcb238a1f08c77e2578c2460c1cb17e132659fec789ff5b28d

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 224146
status: 200
cf-request-id: 058473e0ab00003258569f8200000001
last-modified: Mon, 20 Jul 2020 10:51:41 GMT
server: cloudflare
etag: W/"1a55-5aadd4ab9377a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db4227aae093258-FRA
expires: Mon, 12 Oct 2020 16:14:37 GMT

GET
H2 200 background.init.js Show response
continuousdev.com/template/mimit/js/ 385 B
394 B 213ms
209ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/js/background.init.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a1ca172a4191b7e846b02ee0dcd8d513d32df430b4b0ac9a4d2c8760a1de907

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e0ad00003258569f9200000001
last-modified: Mon, 20 Jul 2020 10:51:41 GMT
server: cloudflare
etag: W/"181-5aadd4ab9665a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db4227aae103258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 inline-script.js Show response
continuousdev.com/template/mimit/js/ 0
89 B 57ms
53ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/js/inline-script.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 0
cf-request-id: 058473e0ad00003258569fa200000001
last-modified: Mon, 20 Jul 2020 10:51:41 GMT
server: cloudflare
etag: "0-5aadd4abd0039"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 5db4227aae123258-FRA
expires: Thu, 15 Oct 2020 06:30:23 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 4 KB
1 KB 17ms
14ms Stylesheet
text/css 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 35480
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 975
cf-request-id: 058473e08900001766f6bda200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
etag: "5eb03e2d-fe0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5db4227a7d531766-FRA
expires: Tue, 21 Sep 2021 06:30:23 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 20 KB
6 KB 14ms
11ms Script
application/javascript 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1851643
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5978
cf-request-id: 058473e08900001766f6bdb200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
etag: "5eb03e2d-5148"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5db4227a7d561766-FRA
expires: Tue, 21 Sep 2021 06:30:23 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/ 256 KB
66 KB 27ms
7ms Script
application/javascript 2600:9000:21f3:ac00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ac00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12bf15e5ff35d834b6f762d83b60bd99a6d09bd4c9f8e5eacd1bfb5400c2bdd0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:05:02 GMT
content-encoding: gzip
last-modified: Wed, 30 Sep 2020 10:20:16 GMT
server: AmazonS3
age: 1522
etag: "b3a84c0943c1291941e716d4183b9657"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: lt3PgTDECC5ivUqNfqVvdwW_Hr4KD2yf9LAesRl0m411g4216Kh43A==
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)

GET
H/1.1 200
OK tag.js Show response
mc.yandex.ru/metrika/ 368 KB
94 KB 131ms
43ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

37a0e81b1fbc136f79c15546064a99531ed5a52be9eb067f4f564668034c6b14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 06:30:23 GMT
Content-Encoding: br
Last-Modified: Wed, 30 Sep 2020 17:02:52 GMT
ETag: "5f632419-176c5"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Content-Length: 95941
Expires: Thu, 01 Oct 2020 07:30:23 GMT

GET
H2 200 icofont.ttf
continuousdev.com/template/mimit/css/fonts/ 995 KB
600 KB 137ms
118ms Font
application/font-sfnt 2606:4700:3031::681b:9ee9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://continuousdev.com/template/mimit/css/fonts/icofont.ttf?v=1.0.0-beta
Requested by: Host: continuousdev.com
URL: https://continuousdev.com/template/mimit/css/icofont.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:9ee9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac2e76e07a7208cc4c0f7afb773a89a314c4d13bf7f6def920ad50817e6ba735

Request headers

Origin: https://ja.continuousdev.com
Referer: https://continuousdev.com/template/mimit/css/icofont.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 058473e0a100002bdd741a4200000001
last-modified: Mon, 20 Jul 2020 10:51:45 GMT
server: cloudflare
etag: W/"f8afc-5aadd4af12f92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533823"}],"group":"cf-nel","max_age":604800}
content-type: application/font-sfnt
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 5db4227a98b72bdd-FRA
expires: Thu, 08 Oct 2020 06:30:23 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 51 KB
17 KB 82ms
30ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/fbee5afb-c05a-451e-bfac-9a4429fdcfd7.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

2161fcbc5015f70f560b8e8b8ecb3c63a740fbe32ae2f93fb305f99af4536db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "649 / 304 of 1000 / last-modified: 1601504098"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17459
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:23 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 51 KB
18 KB 40ms
15ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?zx

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa19931604e1aa2b39a8448234677b7967e4adec0d6f0956a381ce5428026f50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "649 / 980 of 1000 / last-modified: 1601503898"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17446
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:23 GMT

GET
H/1.1 200
OK /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
398 B 90ms
43ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.44991314053642584

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Oct 2020 06:30:23 GMT
Last-Modified: Thu, 01-Oct-2020 06:30:23 GMT
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Thu, 01-Oct-2020 06:30:23 GMT

GET
H/1.1

200
OK

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.continuousdev.com%22:{%22https://ja.continuousdev.com/33752-mimikatz-12467%22:%22%22}}}&r=0.3035486037524584
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.continuousdev.com%22%3A%7B%22https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467%22%3A%22%22%7D%7D%7D&r=0.303...

0
0

46ms
46ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.continuousdev.com%22%3A%7B%22https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467%22%3A%22%22%7D%7D%7D&r=0.3035486037524584
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Thu, 01 Oct 2020 06:30:23 GMT
Last-Modified: Thu, 01-Oct-2020 06:30:23 GMT
Strict-Transport-Security: max-age=31536000
Location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.continuousdev.com%22%3A%7B%22https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467%22%3A%22%22%7D%7D%7D&r=0.3035486037524584
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 01-Oct-2020 06:30:23 GMT

GET
H/1.1 200
OK /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
398 B 136ms
47ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.5233268162733495

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Oct 2020 06:30:23 GMT
Last-Modified: Thu, 01-Oct-2020 06:30:23 GMT
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Thu, 01-Oct-2020 06:30:23 GMT

GET
H/1.1

200
OK

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.continuousdev.com%22:{%22https://ja.continuousdev.com/33752-mimikatz-12467%22:%22%22}}}&r=0.6553317338925364
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.continuousdev.com%22%3A%7B%22https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467%22%3A%22%22%7D%7D%7D&r=0.655...

0
0

54ms
54ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.continuousdev.com%22%3A%7B%22https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467%22%3A%22%22%7D%7D%7D&r=0.6553317338925364
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Thu, 01 Oct 2020 06:30:23 GMT
Last-Modified: Thu, 01-Oct-2020 06:30:23 GMT
Strict-Transport-Security: max-age=31536000
Location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.continuousdev.com%22%3A%7B%22https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467%22%3A%22%22%7D%7D%7D&r=0.6553317338925364
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 01-Oct-2020 06:30:23 GMT

GET
H/1.1 200
OK /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
444 B 137ms
46ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.5138495049947576

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Oct 2020 06:30:23 GMT
Last-Modified: Thu, 01-Oct-2020 06:30:23 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Thu, 01-Oct-2020 06:30:23 GMT

GET
H/1.1

200
OK

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.continuousdev.com%22:{%22https://ja.continuousdev.com/33752-mimikatz-12467%22:%22%22}}}&r=0.8509830267078655
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.continuousdev.com%22%3A%7B%22https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467%22%3A%22%22%7D%7D%7D&r=0.850...

0
0

47ms
47ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.continuousdev.com%22%3A%7B%22https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467%22%3A%22%22%7D%7D%7D&r=0.8509830267078655
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Thu, 01 Oct 2020 06:30:23 GMT
Last-Modified: Thu, 01-Oct-2020 06:30:23 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.continuousdev.com%22%3A%7B%22https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467%22%3A%22%22%7D%7D%7D&r=0.8509830267078655
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 01-Oct-2020 06:30:23 GMT

GET
H/1.1 200
OK /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
444 B 53ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.9285167210272298

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Oct 2020 06:30:23 GMT
Last-Modified: Thu, 01-Oct-2020 06:30:23 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Thu, 01-Oct-2020 06:30:23 GMT

GET
H/1.1 200
OK 53428543
mc.yandex.ru/watch/ 0
0 47ms
46ms Image
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.continuousdev.com%22:{%22https://ja.continuousdev.com/33752-mimikatz-12467%22:%22%22}}}&r=0.4578835662564005
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
444 B 48ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.14695252489797195

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Oct 2020 06:30:23 GMT
Last-Modified: Thu, 01-Oct-2020 06:30:23 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Thu, 01-Oct-2020 06:30:23 GMT

GET
H/1.1 200
OK 53428543
mc.yandex.ru/watch/ 0
0 46ms
46ms Image
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.continuousdev.com%22:{%22https://ja.continuousdev.com/33752-mimikatz-12467%22:%22%22}}}&r=0.4869637826490456
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
444 B 48ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.5995626732826735

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Oct 2020 06:30:23 GMT
Last-Modified: Thu, 01-Oct-2020 06:30:23 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Thu, 01-Oct-2020 06:30:23 GMT

GET
H/1.1 200
OK 53428543
mc.yandex.ru/watch/ 0
0 46ms
46ms Image
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.continuousdev.com%22:{%22https://ja.continuousdev.com/33752-mimikatz-12467%22:%22%22}}}&r=0.27027132608690474
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
444 B 48ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.16714857718467102

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Oct 2020 06:30:23 GMT
Last-Modified: Thu, 01-Oct-2020 06:30:23 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Thu, 01-Oct-2020 06:30:23 GMT

GET
H/1.1 200
OK 53428543
mc.yandex.ru/watch/ 0
0 51ms
50ms Image
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.continuousdev.com%22:{%22https://ja.continuousdev.com/33752-mimikatz-12467%22:%22%22}}}&r=0.2584355888812955
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 pubads_impl_2020092901.js Show response
securepubads.g.doubleclick.net/gpt/ 270 KB
95 KB 66ms
36ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

36791f910a6b9922e91d0fbe1ecb4d5d4158862ed27a53759ee5a201cba4ef4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Sep 2020 08:45:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96984
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:23 GMT

GET
H/1.1

200
OK

1 Show response
mc.yandex.ru/watch/56440495/
Redirect Chain

https://mc.yandex.ru/watch/56440495?wmode=7&page-url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&charset=utf-8&browser-info=ti%3A10%3Ans%3A1601533822878%3As%3A1600x1200x24%3Ask%3A1%3A...
https://mc.yandex.ru/watch/56440495/1?wmode=7&page-url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&charset=utf-8&browser-info=ti%3A10%3Ans%3A1601533822878%3As%3A1600x1200x24%3Ask%3A1%...

186 B
696 B

47ms
46ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/56440495/1?wmode=7&page-url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&charset=utf-8&browser-info=ti%3A10%3Ans%3A1601533822878%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201001083023%3Aet%3A1601533823%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1521197397906%3Arqn%3A1%3Arn%3A531850347%3Ahid%3A814203657%3Ads%3A15%2C16%2C53%2C1%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A308%3Agdpr%3A14%3Av%3A1958%3Awv%3A2%3Arqnl%3A1%3Ast%3A1601533823%3Au%3A1601533823873426005%3At%3A%E3%83%9F%E3%83%9F%E3%82%AB%E3%83%83%E3%83%84%20-%20%E6%8A%80%E8%A1%93%20-%202020

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a14b707512137151b80a940c978231f4a340d43d027c8b4be259fb0c384033ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Oct 2020 06:30:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 01-Oct-2020 06:30:23 GMT
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ja.continuousdev.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 186
X-XSS-Protection: 1; mode=block
Expires: Thu, 01-Oct-2020 06:30:23 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 01 Oct 2020 06:30:23 GMT
Last-Modified: Thu, 01-Oct-2020 06:30:23 GMT
Access-Control-Allow-Origin: https://ja.continuousdev.com
Strict-Transport-Security: max-age=31536000
Location: /watch/56440495/1?wmode=7&page-url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&charset=utf-8&browser-info=ti%3A10%3Ans%3A1601533822878%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201001083023%3Aet%3A1601533823%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1521197397906%3Arqn%3A1%3Arn%3A531850347%3Ahid%3A814203657%3Ads%3A15%2C16%2C53%2C1%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A308%3Agdpr%3A14%3Av%3A1958%3Awv%3A2%3Arqnl%3A1%3Ast%3A1601533823%3Au%3A1601533823873426005%3At%3A%E3%83%9F%E3%83%9F%E3%82%AB%E3%83%83%E3%83%84%20-%20%E6%8A%80%E8%A1%93%20-%202020
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 01-Oct-2020 06:30:23 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 109 B
890 B 36ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=ja.continuousdev.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 36ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.continuousdev.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
4 KB 161ms
161ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=329429709755419&correlator=3385996745722299&output=ldjh&impl=fif&eid=21067588%2C21064368&vrg=2020092901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201001&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id1&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=336x280&cust_params=seg_id%3D21120200%26site_domen%3Dja.continuousdev.com%26site_topdomen%3Dcontinuousdev.com%26site_referrer%3D%26site_hash%3D%26keywords%3D%25202020%2520Mimikatz%2520Window%2520Window%2520Mimikatz%2520&cookie_enabled=1&bc=31&abxe=1&lmt=1601533823&dt=1601533823557&dlt=1601533822967&idt=555&frm=20&biw=1600&bih=1200&oid=3&adxs=242&adys=2298&adks=2520582938&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&dssz=44&icsg=2251845623873536&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x-1&msz=360x-1&ga_vid=71866111.1601533824&ga_sid=1601533824&ga_hid=978550930&fws=4&ohw=1600&btvi=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

c4b50d1791557f1dc0f14430527a50b0c314fea98c16bd409b1018b7a3a6524c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3169
x-xss-protection: 0
google-lineitem-id: 5343082272
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308194907
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.continuousdev.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7f81e9de7be60b8b3e3602483d65c51f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 74ms
40ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7f81e9de7be60b8b3e3602483d65c51f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
5ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
3 KB 644ms
643ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=329429709755419&correlator=3385996745722299&output=ldjh&impl=fif&eid=21067588%2C21064368&vrg=2020092901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201001&iu_parts=41117126%2CZXNT%2Czxntmx%2Czxntmx_smrcp&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=970x250&cust_params=seg_id%3D21120200%26site_domen%3Dja.continuousdev.com%26site_topdomen%3Dcontinuousdev.com%26site_referrer%3D%26site_hash%3D%26keywords%3D%25202020%2520Mimikatz%2520Window%2520Window%2520Mimikatz%2520&cookie_enabled=1&bc=31&abxe=1&lmt=1601533823&dt=1601533823568&dlt=1601533822967&idt=555&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=102&adks=1820452087&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&dssz=44&icsg=2251845623873536&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=71866111.1601533824&ga_sid=1601533824&ga_hid=978550930&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

1b47420015893e55fdddc9b853d5cf13457bb8e36ec292293f333cab54efe83b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2953
x-xss-protection: 0
google-lineitem-id: 5343082272
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308194733
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.continuousdev.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
3 KB 358ms
357ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=329429709755419&correlator=3385996745722299&output=ldjh&impl=fif&eid=21067588%2C21064368&vrg=2020092901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201001&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id1&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x90&cust_params=seg_id%3D21120200%26site_domen%3Dja.continuousdev.com%26site_topdomen%3Dcontinuousdev.com%26site_referrer%3D%26site_hash%3D%26keywords%3D%25202020%2520Mimikatz%2520Window%2520Window%2520Mimikatz%2520&cookie_enabled=1&bc=31&abxe=1&lmt=1601533823&dt=1601533823572&dlt=1601533822967&idt=555&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=2090&adks=2227000440&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&dssz=44&icsg=2251845623873536&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x-1&msz=750x-1&ga_vid=71866111.1601533824&ga_sid=1601533824&ga_hid=978550930&fws=4&ohw=1600&btvi=2&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

d583594e749262814b1a22ea64757043a4988195f151ba94acdb7f4c9546aed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3175
x-xss-protection: 0
google-lineitem-id: 5343082272
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308194754
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.continuousdev.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
3 KB 244ms
243ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=329429709755419&correlator=3385996745722299&output=ldjh&impl=fif&eid=21067588%2C21064368&vrg=2020092901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201001&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id1&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x90&cust_params=seg_id%3D21120200%26site_domen%3Dja.continuousdev.com%26site_topdomen%3Dcontinuousdev.com%26site_referrer%3D%26site_hash%3D%26keywords%3D%25202020%2520Mimikatz%2520Window%2520Window%2520Mimikatz%2520&cookie_enabled=1&bc=31&abxe=1&lmt=1601533823&dt=1601533823575&dlt=1601533822967&idt=555&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=1213&adks=294471192&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&dssz=44&icsg=2251845623873536&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x-1&msz=750x-1&ga_vid=71866111.1601533824&ga_sid=1601533824&ga_hid=978550930&fws=4&ohw=750&btvi=3&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

358b8d3d86300d6dcddcdd4f6411e38182f5212edd57a88aa99d711e75746149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3157
x-xss-protection: 0
google-lineitem-id: 5343082272
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308193146
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.continuousdev.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 715ms
715ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=329429709755419&correlator=3385996745722299&output=ldjh&impl=fif&eid=21067588%2C21064368&vrg=2020092901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201001&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id1&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x90&cust_params=seg_id%3D21120200%26site_domen%3Dja.continuousdev.com%26site_topdomen%3Dcontinuousdev.com%26site_referrer%3D%26site_hash%3D%26keywords%3D%25202020%2520Mimikatz%2520Window%2520Window%2520Mimikatz%2520&cookie_enabled=1&bc=31&abxe=1&lmt=1601533823&dt=1601533823579&dlt=1601533822967&idt=555&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=1468&adks=874004303&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&dssz=44&icsg=2251845623873536&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x-1&msz=750x-1&ga_vid=71866111.1601533824&ga_sid=1601533824&ga_hid=978550930&fws=4&ohw=750&btvi=4&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

0f609489c7759022d33a9f23db085cb72eaab92f50a8c9d7121e9abfb05e4b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4212
x-xss-protection: 0
google-lineitem-id: 5343082272
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308194757
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.continuousdev.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
3 KB 834ms
832ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=329429709755419&correlator=3385996745722299&output=ldjh&impl=fif&eid=21067588%2C21064368&vrg=2020092901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201001&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id1&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=336x280&cust_params=seg_id%3D21120200%26site_domen%3Dja.continuousdev.com%26site_topdomen%3Dcontinuousdev.com%26site_referrer%3D%26site_hash%3D%26keywords%3D%25202020%2520Mimikatz%2520Window%2520Window%2520Mimikatz%2520&cookie_enabled=1&bc=31&abxe=1&lmt=1601533823&dt=1601533823584&dlt=1601533822967&idt=555&frm=20&biw=1600&bih=1200&oid=3&adxs=1022&adys=950&adks=634434055&ucis=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&dssz=44&icsg=2251845623873536&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x-1&msz=360x-1&ga_vid=71866111.1601533824&ga_sid=1601533824&ga_hid=978550930&fws=516&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

d8a7c1b1e76bc305d9baa0716b04ec20f341a053a3459214ba5e16956cdcd84c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3157
x-xss-protection: 0
google-lineitem-id: 5343082272
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308219622
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.continuousdev.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
3 KB 917ms
917ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=329429709755419&correlator=3385996745722299&output=ldjh&impl=fif&eid=21067588%2C21064368&vrg=2020092901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201001&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id1&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=336x280&cust_params=seg_id%3D21120200%26site_domen%3Dja.continuousdev.com%26site_topdomen%3Dcontinuousdev.com%26site_referrer%3D%26site_hash%3D%26keywords%3D%25202020%2520Mimikatz%2520Window%2520Window%2520Mimikatz%2520&cookie_enabled=1&bc=31&abxe=1&lmt=1601533823&dt=1601533823588&dlt=1601533822967&idt=555&frm=20&biw=1600&bih=1200&oid=3&adxs=1022&adys=1412&adks=3131945506&ucis=7&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&dssz=44&icsg=2251845623873536&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x-1&msz=360x-1&ga_vid=71866111.1601533824&ga_sid=1601533824&ga_hid=978550930&fws=516&ohw=1600&btvi=5&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

bd1d4e400dd699dc985072b99f68942f583743ef4762612e0a0b0d63fe4da797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3160
x-xss-protection: 0
google-lineitem-id: 5343082272
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308194139
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.continuousdev.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.continuousdev.com/33752-mimikatz-12467;0.105014686116919
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.continuousdev.com/33752-mimikatz-12467;0.105014686116919

43 B
496 B

51ms
50ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.continuousdev.com/33752-mimikatz-12467;0.105014686116919

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Oct 2020 06:30:23 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 01 Oct 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 01 Oct 2020 06:30:23 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.continuousdev.com/33752-mimikatz-12467;0.105014686116919
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 01 Oct 2019 21:00:00 GMT

GET
H2 200 / Show response
0sercher.biz/ 10 B
196 B 25ms
25ms Script
application/javascript 167.71.72.151
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://0sercher.biz/?pus=gjqtqyrwmq5ha3ddf4ztcmjs&sub1=&sub2=&sub3=&sub4=&gmt=2

Requested by

Host: 0sercher.biz
URL: https://0sercher.biz/?pu=gjqtqyrwmq5ha3ddf4ztcmjs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.71.72.151 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7efe87b340014e916e15925590b47c8b880dc486af5144f21aca073981854139

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 01 Oct 2020 06:30:23 GMT
server: nginx
access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
379 B 51ms
50ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 06:30:23 GMT
Last-Modified: Mon, 06 Jul 2020 15:32:05 GMT
ETag: "5f0343f5-2b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 01 Oct 2020 07:30:23 GMT

GET
H2 200 prebid3.16.1.js Show response
get.optad360.io/sf/ 245 KB
246 KB 7ms
6ms Script
application/javascript 2600:9000:21f3:ac00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid3.16.1.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ac00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43b453f67c688065a69564baa0d667e095d9b0976b7e702d37d2e9856e8992c5

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 06:15:57 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
last-modified: Thu, 04 Jun 2020 10:06:45 GMT
server: AmazonS3
age: 346467
etag: "be838a885c1621ab4878eb4718b6dcc0"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 251074
x-amz-cf-id: jNnZbiDWWI_8MdepG6eIr5-9EJON4d8qKtQbs7EbNi-JFKQbZPqp7w==

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 441 B
295 B 177ms
177ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=329429709755419&correlator=3385996745722299&output=ldjh&impl=fif&adsid=NT&eid=21067588%2C21064368&vrg=2020092901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201001&iu_parts=121764058%2Cvermin-club.org_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90%7C1200x90&cust_params=seg_id%3D21120200%26site_domen%3Dja.continuousdev.com%26site_topdomen%3Dcontinuousdev.com%26site_referrer%3D%26site_hash%3D%26keywords%3D%25202020%2520Mimikatz%2520Window%2520Window%2520Mimikatz%2520&cookie_enabled=1&bc=31&abxe=1&lmt=1601533823&dt=1601533823662&dlt=1601533822967&idt=555&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2437181797&ucis=8&ifi=8&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&dssz=56&icsg=3001666743828488&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=700x-1&ga_vid=71866111.1601533824&ga_sid=1601533824&ga_hid=978550930&fws=644&ohw=1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

2a92586436202248c70832cccc1d498dbb0c66ca0dea0452af0f8d2cb0381507

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.continuousdev.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
1 KB 17ms
6ms XHR
application/json 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20201001

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid3.16.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6edf65135f6d00cdab946ecf29c444a70500cf17489fc7702710b195d07f4521

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 15577
x-cache: HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 758
etag: W/"53e-b6b49uW/tM0UXJ1+afBvcM2t5D4"
x-served-by: cache-fra19120-FRA
date: Thu, 01 Oct 2020 06:30:23 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 19E6 0
0 33ms
33ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9iBPzEmrwU8S5htc5HdkIC_Jt6Xa_drUEsoRdlIqIVitfO1CYI4fEHYrPkB_xpw-MLh49P3FVcIeR-Zvi7k8x1qOQq4H9jiq72KGqO2syVKqJZxxrMh60mlWvOy813Agv4m5GtWhZh69w89xqlvpg2c13_yockOMhVBgEv0kcw768z8LdUcIXUjLl62E99FWovd0hvaDQVBQeyw9gFhhQZbeimDr89jeI2qkvpuFnXNltJtFIpSn8ygNE-Py3HaTzDF1l65dwNOwAauY6JgQPknFBuJL-81EN7bNAWw&sai=AMfl-YTdRTxEwtyy2qe_YMYeHbK-RY124HToCnMmossXIUx5OsiIBlJhRgbTcLJ2TWbTZ8eGEKiSyaXiBzACyq21j0r7km7mMMu_34jr5yr06ZWymWd3JBx4q5F4Wu7zm4oy&sig=Cg0ArKJSzHjoDh46akYNEAE&urlfix=1&adurl=

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:23 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:23 GMT

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 19E6 91 KB
32 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb8150953a7a0a8d71539d1f5540e09077de8cc8ac4e6bdc78118ce6ebf8efad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32414
x-xss-protection: 0
server: cafe
etag: 10182666169462036794
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Oct 2020 06:30:23 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 19E6 74 KB
28 KB 62ms
48ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d734ad999b489db591994c8d3962a694d949748dea9b34439c3d4232bb730f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601324937789907"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28870
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:23 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 58ms
46ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80de28f746d0056d4800d1e36a5383d687bd90fa74e9450e2d7dfd47cd68c301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601324937789907"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:23 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/ Frame 19E6 229 KB
86 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87867
x-xss-protection: 0
server: cafe
etag: 4255136095123681698
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Oct 2020 06:30:23 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200924/r20190131/ Frame 395C 0
0 7ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200924/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200924/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.continuousdev.com/33752-mimikatz-12467
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk6IuvICKuAEEF02-0OdEKpmPraONXrr56zP-XHfj9hiogVCTc7f4WivFRK
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.continuousdev.com/33752-mimikatz-12467

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 30 Sep 2020 19:21:11 GMT
expires: Wed, 14 Oct 2020 19:21:11 GMT
content-type: text/html; charset=UTF-8
etag: 17942277541989656716
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4728
x-xss-protection: 0
age: 40152
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 19E6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5986a6b8a5968da5cfac15f1fd9ec61763fe428afdf12f2f052dc5ae77404594

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
87 B 14ms
14ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=329429709755419&r=728x90&w=728&h=90&a=0

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 06:30:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E63D 0
0 40ms
39ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGBuP1lCgWiYbgMv_YZqktUR-wCmYY2JhFcb7yHYHQKCTdyNo8UZDgylQO8CljVvm7i3eIFPOGrwSPkgwwvUmcqqP4cITNvzEAn3GCmy9ZkM_RVhipaQmhu9Bbk6NqYhfFRZwS7dwByTiWgE6YGQGeqNa59TKS8WCd7KJTqBgSTLvP7Up-FzpJvIp1K0vHt-x1M6yaMiG2cAOyp9RGOr8hl6R4TImN5GzR27-d1a8-_gQlzyXVs4YqG9AvS-MOTgLoxm7fYuUaQpEe9XKf3Mxbyr2ckroedwGbPBmJHw&sai=AMfl-YQ_3CEWNDZ0h5mDVL_5ksDbX1CjzfEsCD7s_mmWsKt0E6a9PjbvxzprcbcBlwCM0qzUycp4CKXohft-r7enGwhN0Y9V2HTvdUT7qNAsDG1jPVso-Slke_Db4ASpAzw&sig=Cg0ArKJSzLVtSHaJziF8EAE&urlfix=1&adurl=

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:23 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:23 GMT

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame E63D 91 KB
32 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb8150953a7a0a8d71539d1f5540e09077de8cc8ac4e6bdc78118ce6ebf8efad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32414
x-xss-protection: 0
server: cafe
etag: 10182666169462036794
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Oct 2020 06:30:23 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame E63D 74 KB
28 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d734ad999b489db591994c8d3962a694d949748dea9b34439c3d4232bb730f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601324937789907"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28870
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:23 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
717 B 94ms
47ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid3.16.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Oct 2020 06:30:23 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.40:80
AN-X-Request-Uuid: 5660a065-f6bc-4c0b-ab5f-dc81a8e55863
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ja.continuousdev.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 50ms
18ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid3.16.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 01 Oct 2020 06:30:23 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ja.continuousdev.com
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
452 B 142ms
84ms XHR
application/json 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTcxOTU3NSZ0cmFuc2FjdGlvbklkPWY2ODQyZThmLWFmZjEtNGNlNS1iY2JjLTAzYzE5YTY3ZjA4NiZyY3VyPVBMTg%3D%3D&pt=gross&stid=e3f23364-0a3f-4436-ab61-20097c55b571&fd=1

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid3.16.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 06:30:23 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ja.continuousdev.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 19E6 109 B
890 B 34ms
14ms Script
application/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.continuousdev.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 19E6 109 B
868 B 36ms
22ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.continuousdev.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2

200

1_smrcp.html
cdn.zx-adnet.com/adx/ Frame DD5F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=zxsmrcp%2Fzxsmrcp_id1&adk=2290847893&adf=816031638&w=336&guci=1.2.0.0.2.2.0.0&url=https%3A%2...
https://cdn.zx-adnet.com/adx/1_smrcp.html

0
0

16ms
15ms

Document
text/html

151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/1_smrcp.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:method: GET
:authority: cdn.zx-adnet.com
:scheme: https
:path: /adx/1_smrcp.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.continuousdev.com/33752-mimikatz-12467
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.continuousdev.com/33752-mimikatz-12467

Response headers

status: 200
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "04a6a292df1b8fa11152dedcbe28078e71f762f733c4649d3d4cd90add345001-br"
last-modified: Sun, 27 Sep 2020 08:20:23 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Thu, 01 Oct 2020 06:30:24 GMT
x-served-by: cache-ams21058-AMS
x-cache: HIT
x-cache-hits: 1
x-timer: S1601533825.517949,VS0,VE1
vary: x-fh-requested-host, accept-encoding
content-length: 2068

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://cdn.zx-adnet.com/adx/1_smrcp.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Oct 2020 06:30:24 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 19E6 72 KB
27 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80de28f746d0056d4800d1e36a5383d687bd90fa74e9450e2d7dfd47cd68c301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601324937789907"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:23 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/ Frame E63D 229 KB
86 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87867
x-xss-protection: 0
server: cafe
etag: 4255136095123681698
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Oct 2020 06:30:23 GMT

GET
DATA 200
OK truncated
/ Frame E63D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6fe957d731ffd800edd114594547a1d0d9d086638035ad96158bc7c22833ed8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4840 0
0 40ms
39ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbU2q35QEtGlNpDOO4DCvEvtA2HlyeLcYRZukd1TJa8_lkiuTxghbTIlO9wwpBzpAtXBj4g38oE_PNoRn_i0OxIuw1Yt9azNb80nU5wO9Sm9KSegPIQBECnWjcEpImjuaTYOCvKkRp0Y_HYpoyTPaT81mDZvoblB4nbybDUPzyb0C4QbO1f_y_bamv4QpsAFl4z-0p6EGfOhci1hZQ15IcOYv9cnRrGfWSSRAgGv_6gj970iRt-ItRHuLk-3CKQeif0AQbYwSh60AF6ZXHxNPoc1UcL2Qp-lGbgCLDBA&sai=AMfl-YSqO7tkRBE5AQ5SzgzU6N3-dUleWIsK9khIE3um-owrY0ni10210vVF2SGnwjd-4s54PyejFafMCJl3y6A4SOvOPAJKAmcbR6zFMVzWdQcmbrRTENrfw_PQiuDuOqs&sig=Cg0ArKJSzGKKw137g2jGEAE&urlfix=1&adurl=

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:23 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:23 GMT

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 4840 91 KB
32 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb8150953a7a0a8d71539d1f5540e09077de8cc8ac4e6bdc78118ce6ebf8efad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32414
x-xss-protection: 0
server: cafe
etag: 10182666169462036794
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Oct 2020 06:30:23 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4840 74 KB
28 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d734ad999b489db591994c8d3962a694d949748dea9b34439c3d4232bb730f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601324937789907"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28870
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:23 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame E63D 109 B
149 B 16ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.continuousdev.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame E63D 109 B
126 B 16ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.continuousdev.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2

200

1_smrcp.html
cdn.zx-adnet.com/adx/ Frame 4230
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id1&adk=3785871278&adf=816031632&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F...
https://cdn.zx-adnet.com/adx/1_smrcp.html

0
0

16ms
16ms

Document
text/html

151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/1_smrcp.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:method: GET
:authority: cdn.zx-adnet.com
:scheme: https
:path: /adx/1_smrcp.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.continuousdev.com/33752-mimikatz-12467
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.continuousdev.com/33752-mimikatz-12467

Response headers

status: 200
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "04a6a292df1b8fa11152dedcbe28078e71f762f733c4649d3d4cd90add345001-br"
last-modified: Sun, 27 Sep 2020 08:20:23 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Thu, 01 Oct 2020 06:30:24 GMT
x-served-by: cache-ams21058-AMS
x-cache: HIT
x-cache-hits: 2
x-timer: S1601533825.850577,VS0,VE0
vary: x-fh-requested-host, accept-encoding
content-length: 2068

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://cdn.zx-adnet.com/adx/1_smrcp.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Oct 2020 06:30:24 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame E63D 72 KB
27 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80de28f746d0056d4800d1e36a5383d687bd90fa74e9450e2d7dfd47cd68c301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601324937789907"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A4E4 0
0 42ms
41ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstupOJmQrIPBps9qq7zDGKLApypOBGAX778mahE_-0icuFresc0psFqfVaxEw0ZimFTyB9ZtFAQibEZLfqoX7L3PbcoRQnGCuSjltEXP_pzve9vjFpvMcf1qi7c8VfFVvlnDPYgzZyXZd534bpuqAASswgygHM1l4Uy2BmW82CqMDp5z2SrUyaVzhpsuK-i4qY-j3DhzAtA_ase6ho-ghtsquET_KUXQRHezuOc2dV-G_mgjJW56C95NcJmGUUp5OdQDKYMVpFN11kcDPDSoHPUAX2joViC4A&sai=AMfl-YS4KFEGDb9KTDGDs2y1h_q8uS1XxgLifEZM0FA5dpG9t_cE0TgDokCYlgoGdUgLYVxh_qVJ1ihLZxgwuvlghAWbZ9WeAiPrFAacyL4yTLgbaXdmeGX9p3NaYKwiOJ9z&sig=Cg0ArKJSzMFD3cvbxcpzEAE&urlfix=1&adurl=

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame A4E4 91 KB
32 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb8150953a7a0a8d71539d1f5540e09077de8cc8ac4e6bdc78118ce6ebf8efad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32414
x-xss-protection: 0
server: cafe
etag: 10182666169462036794
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A4E4 74 KB
28 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d734ad999b489db591994c8d3962a694d949748dea9b34439c3d4232bb730f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601324937789907"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28870
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B369 0
0 40ms
39ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7ekUALPthGLtW67IqtOIHYeLEJIjeoEZx2MYXu7WoJT30wBY4FdGlF2amo_djJPzSxntibRqF8KeJrIHHVoEtYbKvDczBLQM9AjhfoLqECf4JNjv9grePu6YOiM0sgjpnubZA8mVyh_-j0zUINPuMfQ_qTYClZZi3k-eFCMJWC_x73mDzSluIFLHm_vZDL8vKOf7POSkqmIAFqaau0_269M4YhZ4-RyN_E3fGohtOZSy7u1Sc4tr68ZkwqozbcAx5ixgABhgxr7yGomvsAPL_eFZqvhklZCODjDqZEg&sai=AMfl-YSdQEqLJiCHGCM7sHae11wOwdAkgIH0sZ9k6KHadlb8d0JPXfG9I84oNn1WXvJFxqyrMxyWeYqCI1jn4zBgMUTDrFuAh524ori6q6u10FvojXTg20he00UQpF88yZlP&sig=Cg0ArKJSzP7sdEuwPeiPEAE&urlfix=1&adurl=

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame B369 91 KB
32 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb8150953a7a0a8d71539d1f5540e09077de8cc8ac4e6bdc78118ce6ebf8efad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32414
x-xss-protection: 0
server: cafe
etag: 10182666169462036794
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B369 74 KB
28 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d734ad999b489db591994c8d3962a694d949748dea9b34439c3d4232bb730f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601324937789907"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28870
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 74EB 0
0 41ms
40ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstphruHgmcAetKng0beBQSNebb9POAq3869cMyimmL_2FLtS2_Ts5F6tIQobv_ASlaONYZhjINXTu5M9hhqjGGKULppqX-tu6fcC4R6qoJlsg_2GY4WDES7uXVl0Y_vESxv0TCjgk2I3jEr6J9h-O6bJ9zNRzmcWktXdoH5E0cwpgcrJpIJ5nTM4nuvqTa7g06UtjSevmMKaE7GB7aIzF6SxTKpJWlOutNv9X8wEWRieLUd7LfZ6kst9QkxlOT9nUMuT7AnREyVW4xJ_ZJfR7bARCK44XDQ6rQa54JIHQ&sai=AMfl-YQI9_juQ61vnM7OvMz6Vr1UMSt0cOdM0eFz7DIifUj2hexpBzjDVtwI9_ub80sBDVq-RIr-wVByOqWpU-29vuEqJleGijC6pVnhplosrNuITeZIdUDqfRbW1NGY2OU&sig=Cg0ArKJSzDS3R-_wiohGEAE&urlfix=1&adurl=

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 74EB 91 KB
32 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb8150953a7a0a8d71539d1f5540e09077de8cc8ac4e6bdc78118ce6ebf8efad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32414
x-xss-protection: 0
server: cafe
etag: 10182666169462036794
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74EB 74 KB
28 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d734ad999b489db591994c8d3962a694d949748dea9b34439c3d4232bb730f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601324937789907"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28870
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 13ms
13ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=329429709755419&r=336x280&w=336&h=280&a=0

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 06:30:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A07C 0
0 42ms
42ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwdBWCFZ_qyGEYoDVSf4aAjOQFcaxbGVYrZO_C-iTfPb26Qsrerj5v-oUqcPmF1qXcV57MtK7aA6hykSO8sWuEhurbSsk44R4TgHx3CrF_6YmcZndtWNGOV-NKy_G2VDUmZB7C8mHI3Xvy7fUNCREewY0gndDSytXzJD1_YVbYfcMYeRy_JBPklj3ENw_w3T9CJeY6vNMUWtXSGtdPFDPGpO8ZjfaoCe2BCMPh13RUtssTiqybKB9PXxqX_3UeTCMKnaKVCconnpSSFp2t_K6byTKqNughI0BXiUSTAQ&sai=AMfl-YRJQAEJnToIv0wGlFAOxwvIkRfb3WhDUDSjXtLM24v4ZAOpzYDgfoS9sQTjCtmUrndsdrUCoGF_913ljYqh5-ow0vX5A3HIkVnmQ_9y_4cqMaFCNyo41qrXkM8a4jOr&sig=Cg0ArKJSzOjBBmDdTQF-EAE&urlfix=1&adurl=

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame A07C 91 KB
32 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb8150953a7a0a8d71539d1f5540e09077de8cc8ac4e6bdc78118ce6ebf8efad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32414
x-xss-protection: 0
server: cafe
etag: 10182666169462036794
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A07C 74 KB
28 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d734ad999b489db591994c8d3962a694d949748dea9b34439c3d4232bb730f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601324937789907"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28870
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/ Frame A4E4 229 KB
86 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87867
x-xss-protection: 0
server: cafe
etag: 4255136095123681698
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/ Frame 4840 229 KB
86 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87867
x-xss-protection: 0
server: cafe
etag: 4255136095123681698
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
DATA 200
OK truncated
/ Frame 4840 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 273e5e00497031aea959723018a9551af0fc8f36d0a7bfc5758f721fdfa95f64

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/ Frame B369 229 KB
86 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87867
x-xss-protection: 0
server: cafe
etag: 4255136095123681698
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/ Frame 74EB 229 KB
86 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87867
x-xss-protection: 0
server: cafe
etag: 4255136095123681698
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
DATA 200
OK truncated
/ Frame A4E4 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c258a5b38e8c31e31811e3fe215f3a5044855c78aa5adaad8bcb86a46dbcaba

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/ Frame A07C 229 KB
86 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87867
x-xss-protection: 0
server: cafe
etag: 4255136095123681698
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
DATA 200
OK truncated
/ Frame B369 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2ef046e1045cdcccb098fd4d0a7af68501c9e0cc7793c4256913398bfb1930d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 74EB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d987ba69a7d4d05a655099a00551328ad31d0222432a19736740fd57eade270f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A07C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e948e74b2d56cf6161a323c24dc1ef8748c0c2100657bbdf18f6fbbafe029ea3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 optad360.js Show response
serving.stat-rock.com/player/ 270 KB
86 KB 90ms
56ms Script
application/javascript 78.140.185.34
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/player/optad360.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.34 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap8.adplayer.pro
Software: nginx /
Resource Hash: 51788edf1b9d757411666933d29eef15567023244cec751db139558b1b3060f4

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
last-modified: Thu, 24 Sep 2020 07:17:59 GMT
server: nginx
etag: W/"5f6c4827-4395f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=600

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
717 B 24ms
24ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid3.16.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Oct 2020 06:30:24 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.75:80
AN-X-Request-Uuid: 1c78b5b0-841a-4fa1-b8d2-169358e7aa61
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ja.continuousdev.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
451 B 86ms
86ms XHR
application/json 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTc2NDUxNiZ0cmFuc2FjdGlvbklkPTZjZTJjYTM1LWVkZjctNDQyNy04MGJkLTc0Y2YzYWM3MTIwOCZyY3VyPVBMTg%3D%3D&pt=gross&stid=28bda6ef-7cfe-49a2-99d4-4634a4ac3ea2&fd=1

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid3.16.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 06:30:24 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ja.continuousdev.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame A4E4 109 B
126 B 46ms
45ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.continuousdev.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame A4E4 109 B
126 B 45ms
45ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.continuousdev.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2

200

1_zxm_smrcp.html
cdn.zx-adnet.com/adx/ Frame 5A2C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM%2Fzxm_smrcp&adk=1424687295&adf=816031634&w=970&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fja...
https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html

0
0

16ms
16ms

Document
text/html

151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:method: GET
:authority: cdn.zx-adnet.com
:scheme: https
:path: /adx/1_zxm_smrcp.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.continuousdev.com/33752-mimikatz-12467
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.continuousdev.com/33752-mimikatz-12467

Response headers

status: 200
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "5f93abe528fbaf92322d971851bb6144e5f097a4412cf508468f4372a1fc8013-br"
last-modified: Sun, 27 Sep 2020 08:20:23 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Thu, 01 Oct 2020 06:30:24 GMT
x-served-by: cache-ams21058-AMS
x-cache: HIT
x-cache-hits: 1
x-timer: S1601533825.887490,VS0,VE1
vary: x-fh-requested-host, accept-encoding
content-length: 2079

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Oct 2020 06:30:24 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame A4E4 72 KB
27 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80de28f746d0056d4800d1e36a5383d687bd90fa74e9450e2d7dfd47cd68c301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601324937789907"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4840 109 B
126 B 15ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.continuousdev.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4840 109 B
126 B 16ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.continuousdev.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2

200

1_smrcp.html
cdn.zx-adnet.com/adx/ Frame 418E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id1&adk=3785871278&adf=816031633&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F...
https://cdn.zx-adnet.com/adx/1_smrcp.html

0
0

16ms
15ms

Document
text/html

151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/1_smrcp.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:method: GET
:authority: cdn.zx-adnet.com
:scheme: https
:path: /adx/1_smrcp.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.continuousdev.com/33752-mimikatz-12467
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.continuousdev.com/33752-mimikatz-12467

Response headers

status: 200
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "04a6a292df1b8fa11152dedcbe28078e71f762f733c4649d3d4cd90add345001-br"
last-modified: Sun, 27 Sep 2020 08:20:23 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Thu, 01 Oct 2020 06:30:24 GMT
x-served-by: cache-ams21058-AMS
x-cache: HIT
x-cache-hits: 3
x-timer: S1601533825.893149,VS0,VE0
vary: x-fh-requested-host, accept-encoding
content-length: 2068

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://cdn.zx-adnet.com/adx/1_smrcp.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Oct 2020 06:30:24 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4840 72 KB
27 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80de28f746d0056d4800d1e36a5383d687bd90fa74e9450e2d7dfd47cd68c301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601324937789907"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame B369 109 B
126 B 15ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.continuousdev.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame B369 109 B
126 B 15ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.continuousdev.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2

200

1_smrcp.html
cdn.zx-adnet.com/adx/ Frame 899D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id1&adk=3785871278&adf=816031635&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F...
https://cdn.zx-adnet.com/adx/1_smrcp.html

0
0

15ms
15ms

Document
text/html

151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/1_smrcp.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:method: GET
:authority: cdn.zx-adnet.com
:scheme: https
:path: /adx/1_smrcp.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.continuousdev.com/33752-mimikatz-12467
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.continuousdev.com/33752-mimikatz-12467

Response headers

status: 200
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "04a6a292df1b8fa11152dedcbe28078e71f762f733c4649d3d4cd90add345001-br"
last-modified: Sun, 27 Sep 2020 08:20:23 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Thu, 01 Oct 2020 06:30:24 GMT
x-served-by: cache-ams21058-AMS
x-cache: HIT
x-cache-hits: 4
x-timer: S1601533825.907423,VS0,VE0
vary: x-fh-requested-host, accept-encoding
content-length: 2068

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://cdn.zx-adnet.com/adx/1_smrcp.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Oct 2020 06:30:24 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B369 72 KB
27 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80de28f746d0056d4800d1e36a5383d687bd90fa74e9450e2d7dfd47cd68c301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601324937789907"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 74EB 109 B
126 B 16ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.continuousdev.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 74EB 109 B
126 B 16ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.continuousdev.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5BA3 0
0 142ms
140ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=zxsmrcp%2Fzxsmrcp_id1&adk=2290847893&adf=816031644&w=336&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&ea=0&flash=0&wgl=1&dt=1601533824594&bpp=4&bdt=55&idt=208&shv=r20200924&cbv=r20190131&ptt=5&saldr=sa&correlator=8640407044843&frm=23&ife=4&pv=1&ga_vid=1161242955.1601533825&ga_sid=1601533825&ga_hid=1961353355&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=950&biw=1600&bih=1200&isw=336&ish=280&ifk=273030876&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2526887038237566&pem=199&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ona5rqxgnmli&fsb=1&dtd=214

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=zxsmrcp%2Fzxsmrcp_id1&adk=2290847893&adf=816031644&w=336&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&ea=0&flash=0&wgl=1&dt=1601533824594&bpp=4&bdt=55&idt=208&shv=r20200924&cbv=r20190131&ptt=5&saldr=sa&correlator=8640407044843&frm=23&ife=4&pv=1&ga_vid=1161242955.1601533825&ga_sid=1601533825&ga_hid=1961353355&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=950&biw=1600&bih=1200&isw=336&ish=280&ifk=273030876&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2526887038237566&pem=199&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ona5rqxgnmli&fsb=1&dtd=214
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.continuousdev.com/33752-mimikatz-12467
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk6IuvICKuAEEF02-0OdEKpmPraONXrr56zP-XHfj9hiogVCTc7f4WivFRK
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.continuousdev.com/33752-mimikatz-12467

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Oct 2020 06:30:24 GMT
server: cafe
content-length: 5569
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74EB 72 KB
27 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80de28f746d0056d4800d1e36a5383d687bd90fa74e9450e2d7dfd47cd68c301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601324937789907"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame A07C 109 B
126 B 16ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.continuousdev.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame A07C 109 B
126 B 15ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.continuousdev.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2

200

1_smrcp.html
cdn.zx-adnet.com/adx/ Frame 5F62
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=zxsmrcp%2Fzxsmrcp_id1&adk=2290847893&adf=816031645&w=336&guci=1.2.0.0.2.2.0.0&url=https%3A%2...
https://cdn.zx-adnet.com/adx/1_smrcp.html

0
0

15ms
15ms

Document
text/html

151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/1_smrcp.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:method: GET
:authority: cdn.zx-adnet.com
:scheme: https
:path: /adx/1_smrcp.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.continuousdev.com/33752-mimikatz-12467
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.continuousdev.com/33752-mimikatz-12467

Response headers

status: 200
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "04a6a292df1b8fa11152dedcbe28078e71f762f733c4649d3d4cd90add345001-br"
last-modified: Sun, 27 Sep 2020 08:20:23 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Thu, 01 Oct 2020 06:30:24 GMT
x-served-by: cache-ams21058-AMS
x-cache: HIT
x-cache-hits: 5
x-timer: S1601533825.968629,VS0,VE0
vary: x-fh-requested-host, accept-encoding
content-length: 2068

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://cdn.zx-adnet.com/adx/1_smrcp.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Oct 2020 06:30:24 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame A07C 72 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80de28f746d0056d4800d1e36a5383d687bd90fa74e9450e2d7dfd47cd68c301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601324937789907"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:24 GMT

GET
DATA 200
OK truncated
/ Frame 302E 630 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 33752-mimikatz-12467 Show response
ja.continuousdev.com/ 41 KB
7 KB 1143ms
1143ms XHR
text/html 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.continuousdev.com/33752-mimikatz-12467
Requested by: Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5498fa8df7643df82d8f77416fffd331da8d06c79e6f1bfaa018ebc02b62def

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533826"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 5db42286af443258-FRA
cf-request-id: 058473e82d0000325856a88200000001
expires: Fri, 02 Oct 2020 06:30:26 GMT

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
175 B 91ms
58ms Image
image/gif 78.140.185.34
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1601533824977.2761&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&t=169&v=73&width=528&z=p%3Adf%3Bv%3AinView%3B&r=0.8978956762356791
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.34 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap8.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ja.continuousdev.com
Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:25 GMT
server: nginx
srvb: 127.0.0.1:8082
status: 200
access-control-max-age: 86400
content-type: image/gif
access-control-allow-origin: *
srvf: 78.140.185.34
content-length: 35

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
174 B 91ms
58ms Image
image/gif 78.140.185.34
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1601533824977.2761&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&t=220&v=73&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.22311591840999156
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.34 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap8.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ja.continuousdev.com
Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:25 GMT
server: nginx
srvb: 127.0.0.1:8082
status: 200
access-control-max-age: 86400
content-type: image/gif
access-control-allow-origin: *
srvf: 78.140.185.34
content-length: 35

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 19E6 0
207 B 42ms
41ms Image
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQvGa8IRMUWmmVjlkXuSa1Hq0VsdcmvXUOJuyyJZysp126lSWtTSWSZl9cjPqibtcaRxf-V-SCIAH8vPqXfvMeRQc8jFGEtVGlH9GJrTGR-lED48W0Ndj5So7TyKf6MNfLLVEcI9ABxf1OvYi66J7FZnQcZ7EY3JrIx1gDR7sICyj-Ah4RftqBmJXoJJNEPv_FC5fGSG7ssf5ffIrGSRkissBl7Nl4TxCFIiZIHdmFXOngMkwlqjHchnJQ9SE7h0j0VagvNaK9o2ehPhKClVKYPEd59bdhOSReEDssjYE2&sai=AMfl-YQn1mCKAg3U7SLTJl836K0imtjOlS-77Tonw7PWK_D6nCbMQA_pqMD02SYeL8dooEm5rp3VKHPoM5t310hgXP7627otTO6VlODOjBOjX3qHLNcbuNirtL8_GGYFOMPQ&sig=Cg0ArKJSzASk8DudKhLWEAE&urlfix=1&adurl=

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:25 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 19E6 8 KB
7 KB 40ms
27ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200924&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f162001a3edf38fff489028217a0ad6d200624f8dcad9c52e2c360cf7d2f114

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6384
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 19E6 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:25 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 0F1E 0
0 6ms
5ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.continuousdev.com/33752-mimikatz-12467
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.continuousdev.com/33752-mimikatz-12467

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Thu, 01 Oct 2020 05:49:20 GMT
expires: Fri, 01 Oct 2021 05:49:20 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2465
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E63D 0
44 B 103ms
101ms Image
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEFED-bB0C22Hnn_3ukcMGrLgHWBwQU9bkm6bPmvV-iLjKbh8hq_5K7tZI1rAg-R5Xkl-0wdlql2CeAmzHBg7w5keXW-APeXSyPcg_8geqE53rArL38ToNY6EBRkg2nvP0H-ymbi3VZzjZerXYxQ3A73cB54aYWJV5RUT2rQWOV2v_m5qTfg9_YDy2Naw4qftHRN3PJqTs3znAxvE28uS05PaLHWUe_pkBCOssv4YdiPDvXFYJgwjPlG3Peb6ZOdR4NvTJgJsmym6ILLYcG6M8kM7hF8KQdgwmkZoageuB&sai=AMfl-YQouwwO72J7UF7ZLDtw5wsG2IzCisFMI2Ww6KMeB_RbdIt0z1I00F54ZA5q0cUFcFdjFwVWwmYpCaKG4kEgJtA4V9VnFR1NhaXLQlOicRspaAU2g5Z3IpPHpj6dj2Y&sig=Cg0ArKJSzDGySz9b1DBjEAE&urlfix=1&adurl=

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:25 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E63D 8 KB
6 KB 19ms
17ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200924&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

921303dab3986d2433d8f6002e7f0dd4d032097f2c031443ebbed731c2883a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6347
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 19E6 0
30 B 18ms
18ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20200924&jk=788575016662473&bg=!e3ileGBYW4cjMYhpb6oCAAAArlIAAAA5CgHgCuO2FcY87uX-mq0d04JXrItAb-C2-FV8U9fRSEJjQP3XKA0VERs0wI2sFPE4qOWn18K1e_WwzS3gfsyvQLhkJp2sUSSkCn9VfTMRV4OOm71jsbUJaNjJbm5xmPjOA4rXgb19y33xOjFeGoGEYmQE0TsuvjioQLxglp4ulczUJT3tRznPnk3K7YzedMX6g3NHko0MwjVCZTcz2SEd2oEOio2e-J3QX9Gw0tLyXWtk8fmcgKcvMnfhqGFvONA32pKZ7hlmZTjezMLi1HPJJ4SWd3QSiQkKU90_3aJQaF-kjrhmULq1htZJo7eX8Y6LlkJobIFmKHQRdocot3nPhARsyFpSzc9wBIn7DtnBJZHEMfnJY7BF7Qg7Z1vDbVRJv5bivDf1XRZuHIvBrZLL-X2e-0Z6kgYDGbDYJoKfWXpJL6hiA0LoYHcf4hQhwwIZvsLfczpp2nDZGLW-5ptxNZFwljLyEI4SlHcO6SeS2ZyfWyyaPRRusOQEPbXhFNYKKzmsZ4O2KRkTAornPZRuey5EYg82yO6q5yUyBHyQrMGxYzdGgsP5mOObZZZDmJ0QKZfQt8e-8-z0XBOpqGc0MIfx1VsHDgJvaWdqI2tLK1-JfPPLU9dmkWeMLLwI7qSh8MIZmQGztedQwYqP552ZjSq7VXyd7ma4w9-NWDx7t1N8Ie83_gFTHI4FUFWvcpKf6DUI-boG3rSYLr1IYgsw9DAuVrrCK0pBAObypFdsLVkPKrIpUJVl3aqNclgW4YjWBf2huzsc1nzRg4gUb4io_EmEj25h6iPbVyrOx120aEJxHvapWAlvA6x-sF0ORHr5GPwPV60BXHUudqKUImFANJDCiMKVXEBw1nvK1vjTo6H50xgkDtM6Zca_Vk7HPtACSaPO1AZ5DtQhE3zkALSgeWGo7l5FNwd_ncT-KZ9Lhh5MlrM22-U9FWQ_CbRNWLmperkAA1G1hpZ4QXj0orz2dR7aRVbbwC2rkBO76RBGxspZhFJV6NQdD_b6nxvV99SGnFsorBEVD_9G_-QJgoSeLlrJbrkxEpn2XrE1nRIYfqR9zd6AtE_zZMMpmsC3SeZTZk2zrN1nA5IIYUWTZphCIMzYXGHaTFJam9IXwm-q2rr7V4xg-xRIEmoRL2hCr-yq4XVPtAMqxvFhmm_XxJAK3vWah5ycZN6YGI9lTObcpkj-BRJ7Ae8P842Y-qpP076-8A9XvmKGWOIS

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 06:30:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E63D 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:25 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 6953 0
0 13ms
5ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.continuousdev.com/33752-mimikatz-12467
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.continuousdev.com/33752-mimikatz-12467

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Thu, 01 Oct 2020 05:49:20 GMT
expires: Fri, 01 Oct 2021 05:49:20 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2465
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B369 0
44 B 1986ms
1986ms Image
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvaTqzWiBp_kPbhPpep6DvCuvl_5PhK1Ic4fR_LiX9EQ1T-KKh1btifwmMJu0RASO3DbDg-dKm7MdKOzCCPHNRd9SS8Su3NjqoUTOG1dwRLodS9dAS_WqZZrj5F7Rk5M6-3dsdLiBiL15f3yy-j84_bpOvqb8kZw2t-J22k6txaKR89d3X0hI_wB7RVhWgEIjw_4sVcfkAFh9ddLE07aLXJP8WOEA92e2X_OSYeg8GHDg7ba1qJYZ03RRa0-fMpm1plBQJ_nhQCjlxEpuGaYkc6JaMfIaEgyqTV9oaKqqDT&sai=AMfl-YTCItRKdIYzfkb26sWTvfmiGar8PDGUe1EeCsXAUHdo-VaW8LRoYNDTAf0UihA9VNGOGUqAHBeH-h23JipPL7ErA5QOwc9JE3_d_nPPCPxvtviIma9ORruhdqVjxFtX&sig=Cg0ArKJSzHaynQxKFM_gEAE&urlfix=1&adurl=

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:27 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B369 8 KB
6 KB 23ms
23ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200924&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a826523b4f74bc5d0c23d4abc0ebd8b160c1b9e0a4c6c5f5bc2805e2a739fac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6522
x-xss-protection: 0

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame B369 52 KB
20 KB 1963ms
1961ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

7ebd967e848f21cb4e2f161fa3efb148c637e94bf891b34592bbf919369b0fde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 05:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3062
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20672
x-xss-protection: 0
server: cafe
etag: 15864972637987364143
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Oct 2020 06:39:25 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B369 17 KB
6 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:25 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A4E4 0
21 B 1890ms
1890ms Image
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuh1BrunLg75JwjXB0_bU000EO5nJ6IudK8IIic0D2ydGAvOIXYNR02s9U4t4n4Xi01wSgln43OZ88TNFNEXrQ_c3dwCGwsQaoZhjOBC5fWlQxcxlL_LG366SMjht61DOaj5KD0q1iPkFf97tU1TcyefFBpjoR8FlrSrUJfa7x8wIdSZypPfAjDzZkqq4fY-3VJDiXYh5tDV4D5vEfF0C77udnUtYH8e9mta3f4pj_wR3T5E7TAjlFQz6gwIr9I_rpWaOXI0d2tyjT24v7MV4BUKFr86lEIOiWb&sai=AMfl-YTKys9DKghsrtXEO5nLZoManvw4SQCz6clO6Fk91T304q-0q23lYcEDf5Vl00JIkw11Ha8jHs8AA7C1Bd0mG0L8ZsP6BDIfwXf_EdgRRBQem5Iw48L_PGmbyW02N_gX&sig=Cg0ArKJSzC5jq3vmGFt5EAE&urlfix=1&adurl=

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:27 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A4E4 8 KB
6 KB 24ms
23ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200924&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf16eafcae4421f1fdb86f8e002efc518441d71a3c3f6d75b07fbab890a843fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6533
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame C310 0
0 6ms
5ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.continuousdev.com/33752-mimikatz-12467
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.continuousdev.com/33752-mimikatz-12467

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Thu, 01 Oct 2020 05:49:20 GMT
expires: Fri, 01 Oct 2021 05:49:20 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2465
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A4E4 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:25 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 44FA 0
0 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.continuousdev.com/33752-mimikatz-12467
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.continuousdev.com/33752-mimikatz-12467

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Thu, 01 Oct 2020 05:49:20 GMT
expires: Fri, 01 Oct 2021 05:49:20 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2465
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4840 0
21 B 1594ms
1593ms Image
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssc133Cw7WiEMzQVmnUCJep3ftOMt5rVRMC2L9T7aGlXwOjyCb6d0wxjLty_w9rBw7HqYbozadcrPbVxVidA1p3rXm4C2yxg0Ijr9rFsK4STNBr-_u3AweFkTrB8iRpyVV3DjEYUBgKjKBMW3Lwm-OZgsrK0YjMxpFfZsHC3ZIpR3RBSFAGkypYJHKTLyDCpIi0wWONzZYFb51rijuCzNFoDFRQ6YFwpbHCAv9Ormcnt3lfrrOpF_kPHQAtonOpZpBOZo6U8_LL4sZPMTC2ghAPAQsPjd6B18TtqYUrdVIV&sai=AMfl-YQ0NiqJEqtX0Qc8Z9wA9kegQFLYSjScclEW30BnugX0NzhnQNOjcC02m38GhAeJsiygLSPew4ppdRYoqbwBf2Oaka6rKsZIavOCWD3SSuBIpGSOpt4OQlKVUjXVgkY&sig=Cg0ArKJSzIsW4dMvtGTaEAE&urlfix=1&adurl=

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:27 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4840 8 KB
6 KB 19ms
19ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200924&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c432a346f1350b841ef94740d8065a79e22339611a357e01807c664e21657181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6435
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4840 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:26 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame DADF 0
0 6ms
5ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.continuousdev.com/33752-mimikatz-12467
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.continuousdev.com/33752-mimikatz-12467

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Thu, 01 Oct 2020 05:49:20 GMT
expires: Fri, 01 Oct 2021 05:49:20 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2466
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E63D 0
45 B 16ms
15ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20200924&jk=4169700582749092&bg=!X1ylXERYIAjsbFkFtD8CAAABYlIAAAAkCgDW71FDWr7UMjN_3b-EtR6mg4pP1wu32HRd-YYC0FkmUlSMolap3uiif14L-0ztwWYSIu_2qaeGQurZr3LHkPuN5Ibtbj34laT45dSejoBOxOpE5AKAu9wbOVB8Uxmn7z4owx7-UZySoGBRxLoOp9NP8SNsSMsCS0OBk5dgHVGz3H-D0HXUx8psZ7xgxJeyvdm93nBgujYy7rVQZ_ZqzJLuuJNDXDJHkMWUEjG8TAhyxsdHXkGmbz-FyTy_cXcBJPJPDMO89MLh0DMajGe0zQ_DMq5AY_sHgZkBszSy1t5I8pzbFD9z6UoQu-uY4z4tvjLwb15RGlJViChOcRnYkccOv6M44uUhKIpva28LULBeV2f90YOnQGbBf4JAG18MDHrQTVnamu8axW8UwZSBqRHsjLJFgaDBBpzdjReCbRVpsOoOhjbCnZ8vWIypdKrdxR7-l2qfWtd1dTnRkKfrn3bfxWhMq4pzAuGtjUXrudKEU0HZ27H8ch4v-waeY2hkhx5Sr4ATAVvfQPAJ9uDCe5UAFR9lZjIFoWWeSLyr8ab146xeBdGbVLM0kZasXarinYQfqj1NVUn41CQbdfIURIApmlPXg-JPdIa0L9f7ltsWRNL26cjaQQB1hywuWs-KwOA-P79uDkm1icLOBwpxAbQbHhZ0S_ukJJ0U4zh0M3-QFfFYiIfmHDNjBeolNMTB-UxEMDLJFB9O_nwDCl3ixzdTPYWFjg5BKp-nbhqawBqdsq5oqho5quXyAbiSDcxp-aDnLnr7WY-S7J7kvB-iod_Pys81ili3FICoQwaZApWAfy9ck6SdYxIuFGe4mZFzee_xRaNXTnMPM_JXQXiA8ebeHfWJy3yTaOUT1E_B2g

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 06:30:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
174 B 1426ms
1426ms Image
image/gif 78.140.185.34
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1601533824977.2761&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&t=1369&v=73&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.18094148576147395
Requested by: Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.34 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap8.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ja.continuousdev.com
Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:27 GMT
server: nginx
srvb: 127.0.0.1:8082
status: 200
access-control-max-age: 86400
content-type: image/gif
access-control-allow-origin: *
srvf: 78.140.185.34
content-length: 35

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B369 0
22 B 15ms
15ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20200924&jk=3932501515839952&bg=!ra6lrrZYhVW6_AWv9zECAAABPVIAAAAxCgCvKLc7OGkuQSES5GCKriMIU3EU84udDW9aAGI3hmI2l8gqSl1M7REIfW4UVNA0by6-RLKUWHFNiSlX_Y_NCqWpDzw0tUb0O2dGhGfdVjJ-u3eLX_LFfXTZkonTHkFjI8yqeofmOv4_f6t-VCFvEUb1Me-rHHvFJquURwFfE1FY5STaEdcR_AdtD0aJWWTkMaXWglMc0jBHrkQoyIWBQs5z33PASykHGSsBhWCR-s-M95kBs2xospaBAFGKsSJ7QztLHBb9W9Lm6Je9Aqtwc0OiYP78PqvNxaS2QZOpnsYEFVjRVpdygF6fZlsC5pLHwRLhTj7SxSYXDdsERqt12847M0aR4nn3m-lSWTD_UJCrtNcH7xTWAh0r5H7otRXuZTaABeNCpP3S_X8fIX2xzbsjEe4-1M_tswIeMF-9-YUficPLWRAwoyyJ1ReHS1lFxN4_XalpdSo7aYOnxyBH5lwg2qyL6BuGZyBq6BLzLYNJi9JQzSmIAYLbN38a6QXJ3tQgw4l16brE0q9UKg7qvs_n-HvTgd1k471zeYTjlffllySgzMhAPNclJ-PjAwZ8XvwX0PGRV5T5pUaTPsgwqEdwrUhQjXSemFpT69UNCFSWQhf0sYl_S2H6jxcwioE0LtxZNgOIE9AEQJQJtVuFA2DLKMSYk2o7w30_Qfwr6NKgp3dVZrCClDplvkm6dNua-A_5pRZ0SPcoOkm7zzKueekVdkXeRsS4Mi7I0P_xhkF4poiUbRXXzCq_by0-L8ktkWcdwzZg_Q3dz9WCuymb8ySto41Ubk3FtP_W0gZIE8bTAx741z2vEA

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 06:30:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A4E4 0
22 B 16ms
15ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20200924&jk=183201821893203&bg=!X1ylXERYlaWBQF_lXl4CAAABWlIAAAAUCgE85JqUzcxKN5zp9Oj7adKDSUwOWSQXjPPEJiCA17y0n-E3MLC7LD9tzvIn-yoYGXDG4rlTG8IL_gpoxZfLmkesUR0WhWkTSQB6JvthDPkkg8jwb95easeAD9X0lHQxbVfSSk7V4Qw6S27YipAI4miWFrabC8l1asKHGSYkhXSlF0aEjbiu14f-ItxEt84QstHnC7NyrJQ7qLjIWHPAtjKzL-P0vyHD_Ubq1jKaGdyBrgiL9kqRXkusHOUZ7w7NGKa-yLjXvBuFppOHP8CS-051NdJKslmK6bOjuHZP7Qsb2ZKwLxWMjzCd6gxdxjbHUKeqU4LE_E3tDRlPi3qAoAIEBDu107fa1FXZpAXaQSQwwIXv0AOYHTrEl9GuyfOasHXWy4vkb-pS-naAED8JlFDGAf3t2UVZb6JWsc1sOpkBs5sU0XXVDYaFvZB15cfIm1Ux8nNSuG1lv-s-OrHRA7F2Mr-6etaZPig-ADTyBFvYCv3kJ4E0HdEpB5bFFigN3ARFlJZMYydt75XIZUiP5EKMUSJud6Y3s6075_k7PNLiWIzVLDgeYgn2Om_pls0PaMKBpmkqSYi8IEoZXkFGTkoocbEeSzLEY8Dq5z2H7HErBtRef8FFuq-DUVBiLDxF9-3bxh8UOHBzEtAJqWV_4JWq7RrM2KG4RFCdyyLKQlwvrqJs4kmug6_9yjl4_t13GXTUsSrGRSdzuBJtblIPsK5YyGNoIdXF7ila0Pc1voWbpb7eW8j5yD8UI9jWq3QkRHvmkflstcV9HCjh-O9U-szioTfsNODpjyh-wFFWYPgYuwuagmUu-d77NfSEaQVikaRVB5_nZraSfvsJ8zYD1mYDQrUPDVVSDgzMeHYLPVPzcUWYFPYb-OFzWUeMruNjqm_gUmuKz2u-02aMx-IxdtJCH13pbCQJOFC5Z-pYlXMhTHCLhmbezvZkNQykB959sWDi-trvA61YQf_-9ILMevVvZriWPUYT-gcDwqVq2FtXeBTe8A

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 06:30:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4840 0
22 B 15ms
15ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20200924&jk=201759148910319&bg=!bG-lb3dYNDaNTIXrqw4CAAAAh1IAAAATCgDmiDK6YwAA-EEhF4U-2vRQbpPN2ODReyKPrOzpXrrMwpJXZK4CjK76fQWN8g6Oa24geWf2WQXE-U5daAFQjq5GGJb4VnoH7zRmNjE9dYRmPJk8uBR9oeyr4Osg37g1kcQsuhHiia4J5dCaR1NC7dcC0jvyOx6YVI_dkz_MIHb00_1tXCYNxl29ctuCtphHLYzI6loKg4VeKzWKS40wl-gTueRdSKBgwGDuhWSCx3SqNXw7L6kDYJ3aDbXV9y1u53Hhw-PSxDDM87EDeGAeJL85SmVLAf3Ggisup2YH8l9BSjROqHuyhsOZAbONluw3qtWzdJ0JimsCPHVNMJu6O336ScpKS9ajR34ecc8BnRho_UsvWauUtaluoen1M60MYkH9NdVEuWWFuo6KoIG79EtB9Gq9UNmdXf4X3e2sMAap3dvQ9GpxlrZBgMwDFy-k12MKvljhToAimuU8zuEDqnXDJelCCITaCkxNSHwgyzLGsRasY-l8-llzTnWlQ5yBbCpEjuoVbATWZR-x4zVtIA-YoWcJHrYzCKYEEdZCybFmatGRyeKbi7zaEJsMjn-inQr6vRln5kVJ6Kt0s41WHUI9Coq9Ck9nuClpIDjuPoBUzG79BzaNQLerDqKvWXcXLxDei-s8jPW4-lngBqtZp8bf03Sg6iU0xIloaK-BgS1fl0tVsKarNz1RcuzWp9IvICkw6GM6AkDWWA3V7cH3ISFZjYCVGH8E45ZJtRycLAtwJ-DOvvXmvGOg_q0E34FjOK7cv7OF5lxdhAImUkGsuGyBw5mq5c1KzXKxGxyIb25skcYri1i4OqzoD8RVk4sZbhcz4jsJcHr2I4hIbhUb305QATOF_XaHZwWDtl-P2WRITszyuVGq33XwC6JkiVs

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 06:30:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A4E4 42 B
70 B 14ms
14ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNbpF-p4PFEOIIYQcAlAzd0FY4-TKHzKmfk-D65OKp40AuUOcRp3Xko-R5ZbleoJznaMBricaJmOFZ1Aqjj5X1KoFUI0uTw-wHY3q3PAk&sig=Cg0ArKJSzF7RvOSghI7mEAE&adk=1820452087&tt=-1&bs=1600%2C1200&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&p=102,315,352,1285&mcvt=1024&rs=3&ht=0&tfs=1267&tls=2291&mc=1&lte=-1&bas=0&bac=0&met=ie&la=1&avms=nio&niot_obs=1165&niot_cbk=1176&md=2&btr=0&cpmav=0&lm=2&rst=1601533824523&dlt&rpt=102&isd=0&msd=0&xdi=0&ps=1600%2C3635&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=2290&is=970%2C250&iframe_loc=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200928

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 06:30:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B369 0
339 B 46ms
14ms Other
image/gif 2a00:1450:400c:c06::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kfqfw283&chm=1&ctx=2&qqid=CKjkm7XikuwCFY4O4Aodsn0NJA&met.4=fb.3~lb.2e~ol.vx~idt.-ay~dt.-qd&met.3=298.9q~155.9m_7~132.az~143.f0_1~132.ft~129.gr~143.ht_1~132.id~143.km_1~132.l9~143.nf_1~129.nq~132.o4~143.qb_1~132.r0~132.r9~143.t4_1~132.tx~129.vh~132.vm~154.vx~132.vz~132.vz~132.vz~143.vz_1~132.w3~132.yg~132.yo~153.yu~143.yv_1~132.yw~132.116~132.11n~143.11o_1~129.12f~132.142~132.14f~143.14h_1~132.14j~132.170~132.178~143.179_1~132.17g~132.19h~132.19t~132.1a0~143.1a2_1~132.1c9~132.1co~132.1ct~143.1cv_1~132.1f1~132.1fi~132.1fp~143.1fp_1~132.1ht~132.1ic~132.1ii~143.1ii_1~132.1kl~132.1l6~143.1ld_1~132.1lf~132.1nd~132.1o1~132.1o7~143.1o7_1~132.1qx~143.1r2_1~132.1r6~132.1tq~143.1tw~132.1tw~132.1wl~143.1wq_1~132.1wt~132.1zf~143.1zk~132.1zl~132.219~132.22a~143.22h_1~132.22k~132.256~143.25b_1~132.25c~132.281~143.285_1~132.287~132.2au~132.2az~143.2az_1~132.2dp~143.2du_1~132.2dw~113.2es_5~112.2eq_6&met.1=1.kfqfvztc~14.0~15.0~16.0~17.0~18.0~19.0~20.vv~21.vx~22.42~23.42&met.7=CCIQBBgBIAMoAzADaARwLHgXsAEBuAED~CAIQChgBIAQoBDAaOBZoBXAYeLf9AYABnv0BiAHW1AWwAQG4AQM~CCoQChgBIAQoBDAxOC0~CBwQChgBIDooOjCEAThKaDtwWHjUrgWAAbuuBYgBz6UOsAEBuAED~CC8QBxgBIP4BKP4BMI0COA9o_wFwjQJ4foABaIgBbbABAbgBAw~CC8QBxgBIP4BKP4BMI4COBBo_wFwjgJ4foABaIgBbbABAbgBAw~CCoQChgBIIMCKIMCMLICOC4~CAUQBRgBIPMCKPMCMIMDOBA~CCcQDRgBIP0IKP0IMJUJOBho_QhwlQl4lTOAAfoyiAH7QrABAbgBAw~CCgQChgBIIEJKIEJMK4YOK0PaIMJcKwYeN6iAYABwKEBiAHYogOwAQG4AQM~CCcQChgBIM8JKM8JMOAJOBE~CCcQBRgBIOsJKOsJMPIJOAg~CBwQBhgBINQNKNQNMOQNOBBo1Q1w5A14FrABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::78 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 06:30:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A07C 0
21 B 41ms
40ms Image
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstr8jrZ3HGXHiy0R6Uu5nj1i7oDZQHOlguxyckT0ZlTK2rhR2Xg6SnOps8DzDWT656ewuTkTpa4E8tS-bT-1Yf1q0rUcDxU98Zh2waTWDgk5xErs9dLiWm94G9AUTuOSfwmW-E_xdm6SyHhMAvyk92Eh-B32Ag0K54_hJiikRxypi1OFL__XrtwxexZBYcjkaPgYqEgAOPJILsWUX62EwEvOmXsnvXDqG6iKWeaxaaezk3gJ9At3h-qUYWPomRWNu2CSHx5oKoa0DRRMSEw9mI7EpbvuJSJPu0dVmrM8PWi&sai=AMfl-YQKpBPvKR8Ts_i_bQ30UyBFVCLZrDVkyOV6c6si9tlqfBsitOpznuMJnTQx-kbyLkI63iJPXlSJW8SWVO7b1Z7MG6e22wEBod6D2yGk-hAJnmQhq1e8gDWV8zdSelOE&sig=Cg0ArKJSzC34i3QSzyjREAE&urlfix=1&adurl=

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:27 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A07C 9 KB
7 KB 18ms
17ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200924&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9ad45eaa69b015d3f6b1fa5ca30187d8b1e33fa79efa796d5595b988589148b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6733
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A07C 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:27 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 39F4 0
0 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.continuousdev.com/33752-mimikatz-12467
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.continuousdev.com/33752-mimikatz-12467

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Thu, 01 Oct 2020 05:49:20 GMT
expires: Fri, 01 Oct 2021 05:49:20 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2467
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 74EB 0
21 B 38ms
38ms Image
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWE85kwzTI471J8q-NH6M7dHFGQNq1ro43QyptB2oyqFUJfxVuNDARprQJtEdcgaEmZEAExHZxpFTRA_MDgmUY5MTsPqroCchfPG8jLWuOilVBRIc22WGTs5BLZa42uWTBkT5ZV1ptuGCMFB3QcXJX-Oe9Wy9ET9E4dFxehnjIFXUACbca35BH9ZJuHhwv8QK0AXcAntc4VzGjZjuNmsQ_Lwp9UlLcTuzVzqJgQl5bKW8gLsDywoeQX5h4C7l47w3BSz5CJhW74ubZI8LWz_ZmJfLs3Ib4xuc_5jUjCdVU&sai=AMfl-YRO8qaa9A4eUx2NhpaEvqXIw8KpkPOW7SqHaMW_221mPp9gabNfa1KS-0AKCrtLvQRH7BHg6fArp1fPG_B-vhVhbibAy_XPCco4fomIZZ3OAd-jvO3R8OazYt3R_8Q&sig=Cg0ArKJSzHOzLjo-byFlEAE&urlfix=1&adurl=

Requested by

Host: ja.continuousdev.com
URL: https://ja.continuousdev.com/33752-mimikatz-12467

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:27 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 74EB 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200924&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0eb2c9dd7a07a5bd33b975b2a1973ce195d55fb9d6d70550cf4fe89d7889c3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6469
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020092901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6953ccf9174a35e006d7843200106888e0ffa78d593b858325342b73b76ff980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Oct 2020 06:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6350
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 74EB 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:27 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 06:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Thu, 01 Oct 2020 06:30:27 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 6CE1 0
0 6ms
5ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.continuousdev.com/33752-mimikatz-12467
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.continuousdev.com/33752-mimikatz-12467

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Thu, 01 Oct 2020 05:49:20 GMT
expires: Fri, 01 Oct 2021 05:49:20 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2467
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 2C7E 0
0 6ms
5ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.continuousdev.com/33752-mimikatz-12467
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.continuousdev.com/33752-mimikatz-12467

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Thu, 01 Oct 2020 05:49:20 GMT
expires: Fri, 01 Oct 2021 05:49:20 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2467
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A07C 0
45 B 19ms
18ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20200924&jk=2546735285757325&bg=!zM-lz9dYbqzgFOFYCO8CAAAAf1IAAABRCgCTZae6uYpYni6lyL3qC-udO3PGfJ9u4lCBg705ueCWXTb1-0UiaHiDRpuIeDy7GU9-qIwK1X7BfRNqCSn0AKYFHhksCZwvy7a6J2ZjL2h9gdofoGDB5B2mwN9lUFNLR0JRYC8xBt259K1t2mHkiApN56DAwREEaGVDB31wttRNzSVe05vxhs0eh3U4Q6Y623R7hvoumQHUJRUU_QMTmUqCPz30cSeT5Sjb0ZxTgDLTBQk2On7mhORXG_M64KMMucOH0qNlWiAvzeGCJDqXrgY8PF5dB6XqfgEljfJF1GWyNEKquTTt5R1fPc66D0XdAVOWbER2W9U283fKcKJ0VBbfBNvAMo5Nk0LvecLrkRFEJmWjSV7rb3vTU-Luput9_gcV5TKnBDXw24DHEwCFw1wMf--nTAOexra2hEsYPNfUIk8FnDke1UAWI2atCImeZGvX_OTNpreaQoFRDnhutHASJszpEDAPcLjKN3WYwLLHPaltIj6OKmWvALaMlhi-Az4CIoy4yff0oTRJP73rjIop-ytT3vCP2Q3C9fCD8uHGuBPA7Ub2kW7d-kQteDXSu78x3EHAs-DPgsSMVYeRn8-7E_zRFjoH70QkOUHgIs619QUxcq_ktU_9M0fbOaKnQS_JNlzwB-Ye6Z6m_ljxjFtar4Y94lz2-6wE5dQB39zOn05M-TX8OzxTQt2UyBKGr_ztzBLt0jTZCPioq9_btxI2xtkTaY9sqUe_-SBLzcj8FByxymHdz_EvavPq8i4p2i8ippYhumfeNZ_KgbIOjlf4RKPrnCoZAkAfSnybtcBQIQHi1lJ1E2ZuIIBC

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 06:30:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 16ms
15ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gpt_2020092901&jk=329429709755419&bg=!mpmlmYFYvX1FU6pye7kCAAAAvVIAAAATCgDmHFTDKtMX9GBlc9QojN_NvermPu4QO309aXfAB5LaBd0OpqvA4W8tjaX9yB9LmYUg05vjhVy0TNZcF7PdOorRPBUuvhfjlGSzA9NHBH2TeGJvBIH8yfHnrZdHnifFbwg8Ss5GFIzJxc3fLqspI0RUS28xHBx2VUkHijkVr2t_J4dAkMQefVRkTwGKo-73i5JaJ9Yk-QYhILGttxR5jqYJD-Ah3UDUK9J0mGxVrXyS3gHPZeSe6K6YqlKmj5AlU1GF-6MfwP65JvOpMjEIFSP-tFCf8eM_C1WNw6_5cNmIt5p2vfoeStKZAa1-7gxZhGTecbkauCx88s_3G85Ra8h2JoqdWx2P4Gh3rxhV7A_pTYpfqn1KelS5_XlGr2y6sxg2G3xQX48LbWP88yypuFgl9iomlNxusvIbuUcBPUVvFGGp30NI-xRvfRBGos5FYK9-cd26jsYJKhrQdmnYXGFarcyXvscQnYHPcyJhCstlKg-B4CjnrkFcl9YcCHG5cvwQtW8zWKwbXbJsFkjTpgYECQ339_BUqR3LgagiMCDFwsuSqt4auGmnLWHN8W2tsAKq7rAVsYKUetFwu_yCeHdITDdAFjTDVoy6UAQxW2x96o9fLJhkwB8uPCuKfIm2EDp7nmKRXRWrjOZVlRTmzWpd6WPzXBj2nCSIQf3jmlmapx4L8_zApYuxWQIdjEpvPINkyiMYNiBzEL4YzuQ6A14FgFj--ayDtfVlNAJd9RTWaWpp27PZjCTmtsaiP1S7i2c_E_oDPqdWCSu7i0uIhM--H1M_qoRvMpqNATfTUoslbTnbR0GKXFPifMINKkRdfEGFsu_-N05opJMbd8jeLcKBoeOl6QHxkJvkEHWxH5QCfJxo_AAT03E

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 06:30:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 74EB 0
22 B 15ms
15ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20200924&jk=2526887038237566&bg=!Xl2lXUVYjU-6Z8K43ikCAAAA2VIAAAAWCgGZ-I65bco4pI0ZcFVxUi2hvUwbaesatH2GS7KKA6RngpSAfAA63_AShVNNVoVfCD5kDbJMwygMjRLL8VzPs1DwXZkQKD8lNWenQpcjH4WcDde96JXdt9HnjTvtVgwXjh5IEEvUVmz77bDxKVCn-Bw9Ku4zvlWlZW75W0k5QbzU8a9zPkbfnJnfBqGZzLuqkKtvxXoyiDGOCzkIqlwS2U-cmAdv3_7D91S5c31hffm-wDvDoXiIghUbyoqUvVVpH98sYRHiks8rIcrkX-UqKFq_8RCiHjzPBCGV31XGTpsI9WyenRIuwoDbNIFk0KtPxTytyyQQ2ffHc5h2UBFKji9JnP1BANcPUueLxovnfWIh7IF_Eq-Ps4pCLsVSvG1k53YoXAH8FRZ6AhgyWXQTnkESsIgYRQ9upuREU5NLOdTsaRRGJItyRpnmeuF0smU-KZtd48M746aP5kANJmqRMO-c-58E4CPAzaPTk5oRzN9bn6VZKLU78LFQEV3XAsXpbdne0C9WG-qx-qlUyFKZZRNtCokJxHAbDdjhbpkBs1mPmdqv6hcPJFa463iQlQusU6r6NrnZBc2kjZq7ArOhw6doAN7y_uWKhOh-elyQ-aHElSUVN4HTkb6P_B21oV4Msj-7cW3IqMGxHJB3_b0eTQYoQXP72jpQHGLw1owIUhE9xLsrkTIQX7uYFYHNb8F11LeUC79E_NM_FPoG_EjxKwb9OSRYKrEKABl3Xrnjt4GgdM6tmf_RrlrsfQ2sw3JJgzGNpywMr4Qhq6hA4091IxD8YMgnBpsi2OF32bDICb5S0MvnfK86-vEm9CaGE6aCpWh7C8JKW4igdQkFazDEMHJLp2kJAU59uOnzuQmomlfwwKgI2JG1t5PcDaiB9WA97RQHLN9iNuEdRw-SFnm14WKkKF8bX_G7JpkgQE4T3IWP5BdN4iqMCzd4Sz_FpHfy5TvPmrTywfSROHKkXn48zV9wx2O3LQOdYVbamI0aomGHneIkWMzrn60iqEh0Gf4pJitfgUV2o3Q3iy53AoL3Hf_e3i1nvUiWL5HqmKMGc93dkjSurizRBGnEKKP9UxyVLs9v3cPhfqwKKtukcqk_G_d3ew2ATtySTnhoodoUutL9SQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 06:30:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 74EB 42 B
65 B 15ms
14ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1U4I731AlqciZBA3f0Nh3v7BpLGpFX_4YMy9EYYN4cQ6Jyzs_ZLREOUUoSHjSk9gBewa-JsKWHaPGsFA6TMbP6CoJvVzyfeGdvCvOpsQ&sig=Cg0ArKJSzKGPRPthp7BpEAE&adk=634434055&tt=-1&bs=1600%2C1200&mtos=0,406,1010,1010,1010&tos=0,406,604,0,0&p=990,1022,1270,1358&mcvt=1010&rs=3&ht=0&tfs=3343&tls=4353&mc=0.89&lte=-1&bas=0&bac=0&met=ie&avms=nio&niot_obs=3233&niot_cbk=3251&md=2&btr=0&cpmav=0&lm=2&rst=1601533824542&dlt&rpt=121&isd=0&msd=0&xdi=0&ps=1600%2C3686&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-3-11-11-0-0-0&tvt=4352&is=336%2C280&iframe_loc=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200928

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 06:30:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

1
mc.yandex.ru/watch/56440495/
Redirect Chain

https://mc.yandex.ru/watch/56440495?page-url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1601533822878%3As%3A1600x...
https://mc.yandex.ru/watch/56440495/1?page-url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1601533822878%3As%3A160...

43 B
398 B

55ms
54ms

Other
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/56440495/1?page-url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1601533822878%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201001083038%3Aet%3A1601533838%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A184%3Als%3A1521197397906%3Arqn%3A2%3Arn%3A711266544%3Ahid%3A814203657%3Ads%3A%2C%2C%2C%2C%2C%2C%2C643%2C12%2C4972%2C4973%2C13%2C732%3Agdpr%3A14%3Aeu%3A1%3Av%3A1958%3Awv%3A2%3Arqnl%3A1%3Ast%3A1601533838%3Au%3A1601533823873426005

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.continuousdev.com/33752-mimikatz-12467
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Oct 2020 06:30:38 GMT
Last-Modified: Thu, 01-Oct-2020 06:30:38 GMT
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Thu, 01-Oct-2020 06:30:38 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 01 Oct 2020 06:30:38 GMT
Last-Modified: Thu, 01-Oct-2020 06:30:38 GMT
Access-Control-Allow-Origin: https://ja.continuousdev.com
Strict-Transport-Security: max-age=31536000
Location: /watch/56440495/1?page-url=https%3A%2F%2Fja.continuousdev.com%2F33752-mimikatz-12467&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1601533822878%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201001083038%3Aet%3A1601533838%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A184%3Als%3A1521197397906%3Arqn%3A2%3Arn%3A711266544%3Ahid%3A814203657%3Ads%3A%2C%2C%2C%2C%2C%2C%2C643%2C12%2C4972%2C4973%2C13%2C732%3Agdpr%3A14%3Aeu%3A1%3Av%3A1958%3Awv%3A2%3Arqnl%3A1%3Ast%3A1601533838%3Au%3A1601533823873426005
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 01-Oct-2020 06:30:38 GMT

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redintelligence.net/	1970-01-19 15:01:49	Name: 8lcfmzhxc8d6_uid Value: 41b88aa8750df708
.doubleclick.net/	1970-01-19 22:13:49	Name: IDE Value: AHWqTUlLAd2SHs06IN8t4kYCej5NVxPD1ALvWs4ooOCFiqsIP7jO3dC-vS3HFYlU
.doubleclick.net/	1970-01-19 12:52:17	Name: DSID Value: NO_DATA

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://continuousdev.com/template/mimit/js/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 1) Message: zxnt native v.1.0
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 1) Message: zxnt native v.1.0
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 1) Message: zxnt native v.1.0
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 1) Message: zxnt native v.1.0
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 1) Message: zxnt native v.1.0
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 1) Message: zxnt native v.1.0
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 1) Message: zxnt native v.1.0
console-api	log	URL: https://continuousdev.com/template/mimit/js/q2w3-fixed-widget.min.js(Line 1) Message: q2w3_sidebar_options not found!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0sercher.biz
7f81e9de7be60b8b3e3602483d65c51f.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
adservice.google.nl
adx.adform.net
cdn.jsdelivr.net
cdn.zx-adnet.com
cdnjs.cloudflare.com
cmp.optad360.io
code.jquery.com
continuousdev.com
counter.yadro.ru
csi.gstatic.com
get.optad360.io
googleads.g.doubleclick.net
ib.adnxs.com
ja.continuousdev.com
maxcdn.bootstrapcdn.com
mc.yandex.ru
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
securepubads.g.doubleclick.net
serving.stat-rock.com
tpc.googlesyndication.com
www.googletagservices.com
151.101.1.195
167.71.72.151
172.217.22.2
185.184.8.30
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:3b
2600:9000:2156:9800:6:b871:4f00:93a1
2600:9000:21f3:ac00:11:a4de:2580:93a1
2606:4700:3031::681b:9ee9
2606:4700:3032::ac43:a3d5
2606:4700::6811:4f6b
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:820::2001
2a00:1450:4001:824::2002
2a00:1450:400c:c06::78
2a02:6b8::1:119
2a04:4e42:3::621
37.157.4.40
37.252.172.38
78.140.185.34
88.212.201.210
040836b15e50bf4d264dab219fd17693b9c60475d6fd6625b3a9e605d3f7a654
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
059a8b50d39602f4956f909e9934453cc06e167af6cf0af9dfa520cf4b255459
06630209aa0f855dad77577fd1e1236c3cf931556477cff885765792c4cac68d
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d734ad999b489db591994c8d3962a694d949748dea9b34439c3d4232bb730f1
0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21
0f609489c7759022d33a9f23db085cb72eaab92f50a8c9d7121e9abfb05e4b8c
10c86b787eec802ee5cad865137e429228f7be0f15444e656e8ca84d933c3a46
120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72
12bf15e5ff35d834b6f762d83b60bd99a6d09bd4c9f8e5eacd1bfb5400c2bdd0
13efb75e18c2c0bf096b482ed5543e76229f817ce7601a3e90510b024d8a0a4a
15076efc64609a710772a6a751c75d20209d9c0b2d63f17ac4a1b491ffc14f24
19c3a20eb0adcd5b8e6b08ec732022187576c34c0b502993685317d82dd96f33
1a33f4b56e1b07bcb238a1f08c77e2578c2460c1cb17e132659fec789ff5b28d
1b47420015893e55fdddc9b853d5cf13457bb8e36ec292293f333cab54efe83b
1e218093a860eff35591a9e6a097cd6e97a0048614af8be19ef7b7514cdf8b51
2161fcbc5015f70f560b8e8b8ecb3c63a740fbe32ae2f93fb305f99af4536db4
23d1d81e31d00a70bf7056b525ac1c0b87d6314b0add996611c6e2a32721f7ee
273e5e00497031aea959723018a9551af0fc8f36d0a7bfc5758f721fdfa95f64
2a3a8bf757cb9fcdfa0ff30a330faac4a69240b0d1b7a4d2ff647504090c0dd5
2a92586436202248c70832cccc1d498dbb0c66ca0dea0452af0f8d2cb0381507
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
358b8d3d86300d6dcddcdd4f6411e38182f5212edd57a88aa99d711e75746149
36791f910a6b9922e91d0fbe1ecb4d5d4158862ed27a53759ee5a201cba4ef4f
37a0e81b1fbc136f79c15546064a99531ed5a52be9eb067f4f564668034c6b14
43b453f67c688065a69564baa0d667e095d9b0976b7e702d37d2e9856e8992c5
442cf9c977155b6d9a62f2e787be37873386919455003bcf9643378f6e1808e6
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4c60990a8b754778e928b4b42a271bb70e93d690f6cc169401c5aef302eb7606
4e70ab1bedf4bf4310151ee763495d23d2a45a2013224b033e1a71ed874d8b93
51788edf1b9d757411666933d29eef15567023244cec751db139558b1b3060f4
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5452835dd3bcc5fa1f168f5a2822892f7d42a0e713f96ed592367e8e75416f33
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5986a6b8a5968da5cfac15f1fd9ec61763fe428afdf12f2f052dc5ae77404594
675feccb36a9ebaa79ac076b5a0acdf972ee044c78a25573b99e2b71ebc49cf3
6953ccf9174a35e006d7843200106888e0ffa78d593b858325342b73b76ff980
6edf65135f6d00cdab946ecf29c444a70500cf17489fc7702710b195d07f4521
73fb719c9adfc590e10a72cc0be83397a0a6298dd239b200513a0feede42a563
760b0d80bee77087168837a542642578dcdf3e7244d09a1ecbd0c646501c72b1
77118bb428e41c7b0b2e2c857bb356ddfb4533da443a13725a05d911fa5d34c3
77837e226da14b0bf366a3d01aa13d2a2da4457ebfeacdb3ffb96163886ac207
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
7ebd967e848f21cb4e2f161fa3efb148c637e94bf891b34592bbf919369b0fde
7efe87b340014e916e15925590b47c8b880dc486af5144f21aca073981854139
80de28f746d0056d4800d1e36a5383d687bd90fa74e9450e2d7dfd47cd68c301
8123c4306f7adc317ad3cd56719569f1f2fad0a8bd8a373ed58953e38c80b928
8a1ca172a4191b7e846b02ee0dcd8d513d32df430b4b0ac9a4d2c8760a1de907
8a29312792ca36eac3ab0c852a3df4e46504c3fc9a70cc11dbc817daea4a45ab
8cbe3163b9ac1a6b31ec2924f7eb1d62722918401d5458a7c3d60a7c9e16f2b4
8e5a226f09e4936c7cb209561f3ad355471fb147b234a5c9b0b18b4eb7808967
921303dab3986d2433d8f6002e7f0dd4d032097f2c031443ebbed731c2883a5a
92a3c2ee2e8c154629019aba93de37a4f1cd6174d99cee561ea6543b4a19ad03
9c258a5b38e8c31e31811e3fe215f3a5044855c78aa5adaad8bcb86a46dbcaba
9d5e9dbfcf39ef26821d0318f3ccdba50aa7541948545e3f65a3f5e73e398c82
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
9f162001a3edf38fff489028217a0ad6d200624f8dcad9c52e2c360cf7d2f114
a14b707512137151b80a940c978231f4a340d43d027c8b4be259fb0c384033ac
a52c834a0c553d22cddb73c948433ace91b9181e0e95fb54d07d6d6f61345f0c
a826523b4f74bc5d0c23d4abc0ebd8b160c1b9e0a4c6c5f5bc2805e2a739fac8
a9ad45eaa69b015d3f6b1fa5ca30187d8b1e33fa79efa796d5595b988589148b
aa19931604e1aa2b39a8448234677b7967e4adec0d6f0956a381ce5428026f50
ac2e76e07a7208cc4c0f7afb773a89a314c4d13bf7f6def920ad50817e6ba735
b337c30f4350d5391cf738beff985928222e4ca4ffa6306be32ef274ce0df4b1
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
b6fe957d731ffd800edd114594547a1d0d9d086638035ad96158bc7c22833ed8
bc4e97dbbb9ce7c3ca5801b0b64c42e1faf83978b815f0eaf7c819757d0c464a
bc4f9c0465ed6abb47da677db72ed176752780420e50ff73732e951d0621dd3a
bd1d4e400dd699dc985072b99f68942f583743ef4762612e0a0b0d63fe4da797
bf16eafcae4421f1fdb86f8e002efc518441d71a3c3f6d75b07fbab890a843fb
c432a346f1350b841ef94740d8065a79e22339611a357e01807c664e21657181
c4b50d1791557f1dc0f14430527a50b0c314fea98c16bd409b1018b7a3a6524c
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cb8150953a7a0a8d71539d1f5540e09077de8cc8ac4e6bdc78118ce6ebf8efad
cd23a88f731c790907cca443cacbebd70ae3397d5c3713524f51059cf20d9b76
cd9b7548f0a8a40182488321e010043c33bafa70cfa9ec8d5ee3c9dc8e68afa6
d2a033a00ee48a517e6697add120b26bebf4646c8f70d003cfdc38faba6fbf28
d354f58e183ed80cfd5f1e23cc3eba3913c3cc9b5e16ceef19adea6b68560336
d5498fa8df7643df82d8f77416fffd331da8d06c79e6f1bfaa018ebc02b62def
d583594e749262814b1a22ea64757043a4988195f151ba94acdb7f4c9546aed0
d8a7c1b1e76bc305d9baa0716b04ec20f341a053a3459214ba5e16956cdcd84c
d94a6f7805414cb84319355ac5284387de5a45789083d85335e3dcbffd9bdeb5
d987ba69a7d4d05a655099a00551328ad31d0222432a19736740fd57eade270f
e0eb2c9dd7a07a5bd33b975b2a1973ce195d55fb9d6d70550cf4fe89d7889c3c
e1143e1930a026a7106624058e9ad9a65604a75d37c1b68e96ac3061ce96a562
e2ef046e1045cdcccb098fd4d0a7af68501c9e0cc7793c4256913398bfb1930d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f68be2d8073fe3c26998677d2f8c653a8789211fe1a281f244199743e1f88a
e948e74b2d56cf6161a323c24dc1ef8748c0c2100657bbdf18f6fbbafe029ea3
ed54fd45787a645eac2a842ab6eebd8506053acc3541aea89953c3b2f3b4bf4c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7db88a5dd4feb92dafbf5b17b516ddb78cfe69daff23ed72453a6a561b367f1
f9415899914432486118054675710b93ae763510379a90ef501e43069d9e66bc
fbc59e161d33fb56bcc88ce76b11333ce57de06288f3fee8a4bf679fb1c1772c
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fd5b6a4c0cddec5a598d9d760704de6cdaf9fbc7332c45d36acc4da30d375b86

ja.continuousdev.com Open in urlscan Pro 2606:4700:3032::ac43:a3d5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

209 Requests

100 %HTTPS

64 %IPv6

21 Domains

26 Subdomains

23 IPs

8 Countries

4682 kBTransfer

9394 kBSize

3 Cookies

40 Outgoing links

Redirected requests

209 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ja.continuousdev.com Open in urlscan Pro
2606:4700:3032::ac43:a3d5 Public Scan

Screenshot
Live screenshot

Full Image

209
Requests

100 %
HTTPS

64 %
IPv6

21
Domains

26
Subdomains

23
IPs

8
Countries

4682 kB
Transfer

9394 kB
Size

3
Cookies

209 HTTP transactions
8 data transactions