urlscan.io logo urlscan.io
SecurityTrails logo

investigator.cybersoc.wales Open in urlscan Pro
165.227.251.182  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://investigator.cybersoc.wales/challenges
Effective URL: https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Submission: On January 21 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 38 HTTP transactions. The main IP is 165.227.251.182, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is investigator.cybersoc.wales.
TLS certificate: Issued by R3 on January 13th 2022. Valid for: 3 months.
This is the only time investigator.cybersoc.wales was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    165.227.251.182 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
investigator.cybersoc.wales
9    2600:9000:2182:400:1c:2e7c:4680:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.cloud.ctfd.io
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a05:d014:275:cb01:1f85:932b:b797:22f9 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
gc.zgo.at
7    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
3    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a01:7e01::f03c:92ff:fe8f:edc6 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
cybersoc-investigator.goatcounter.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
187 KB
9 ctfd.io
cdn.cloud.ctfd.io
499 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
220 KB
4 cybersoc.wales
investigator.cybersoc.wales
6 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 13
adservice.google.com — Cisco Umbrella Rank: 80
2 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
5 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 934
87 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
2 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8028
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777
645 B
1 goatcounter.com
cybersoc-investigator.goatcounter.com
394 B
1 zgo.at
gc.zgo.at — Cisco Umbrella Rank: 284228
3 KB
38 12
Domain Requested by
9 cdn.cloud.ctfd.io investigator.cybersoc.wales
7 pagead2.googlesyndication.com investigator.cybersoc.wales
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 investigator.cybersoc.wales 2 redirects investigator.cybersoc.wales
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 use.fontawesome.com cdn.cloud.ctfd.io
use.fontawesome.com
2 www.google.com investigator.cybersoc.wales
tpc.googlesyndication.com
2 fonts.googleapis.com investigator.cybersoc.wales
cdn.cloud.ctfd.io
1 www.gstatic.com www.google.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cybersoc-investigator.goatcounter.com investigator.cybersoc.wales
1 gc.zgo.at investigator.cybersoc.wales
38 15

This site contains links to these domains. Also see Links.

Domain
ctfd.io
Subject Issuer Validity Valid
investigator.cybersoc.wales
R3		 2022-01-13 -
2022-04-13		 3 months crt.sh
cdn.cloud.ctfd.io
Amazon		 2021-03-13 -
2022-04-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
gc.zgo.at
R3		 2022-01-18 -
2022-04-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.goatcounter.com
R3		 2021-11-13 -
2022-02-11		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Frame ID: E12B6310D4EB605ED372A1C6CD21773D
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220119/r20190131/zrt_lookup.html
Frame ID: 21B68A89FDC6FF8F8E7DB32C80EC3246
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1039483437363596&output=html&adk=1812271804&adf=3025194257&lmt=1642783672&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Finvestigator.cybersoc.wales%2Flogin%3Fnext%3D%252Fchallenges%253F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642783672576&bpp=3&bdt=463&idt=114&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3871039248794&frm=20&pv=2&ga_vid=2077402370.1642783673&ga_sid=1642783673&ga_hid=483216302&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C44756896&oid=2&pvsid=1072438775425854&pem=554&tmod=1990597274&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=127
Frame ID: E84E74B735F175FD641ED160C9B1CCCA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9E83E4593D2CEA7BB37E7E54CC1157BC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 627A7871C04B4CC510E621ECE66A9D6A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CyberSoc | Cyber Investigator CTF

Page URL History Show full URLs

  1. https://investigator.cybersoc.wales/challenges HTTP 302
    https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

38
Requests

97 %
HTTPS

87 %
IPv6

12
Domains

15
Subdomains

15
IPs

2
Countries

1013 kB
Transfer

2789 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://investigator.cybersoc.wales/challenges HTTP 302
    https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://investigator.cybersoc.wales/themes/core/static/sounds/notification.webm HTTP 301
  • https://cdn.cloud.ctfd.io/cybersoc/themes/core/static/sounds/notification.webm?t=0b5ce417

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
investigator.cybersoc.wales/
Redirect Chain
  • https://investigator.cybersoc.wales/challenges
  • https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.251.182 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
588443f45cca784290b0e48af30c088a21a9038654e7c6b83405281027a93e90
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Fri, 21 Jan 2022 16:47:52 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=30
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31556926; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Content-Encoding
gzip

Redirect headers

Date
Fri, 21 Jan 2022 16:47:51 GMT
Content-Type
text/html; charset=utf-8
Content-Length
263
Connection
keep-alive
Keep-Alive
timeout=30
Location
https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31556926; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
fonts.min.css
cdn.cloud.ctfd.io/cybersoc/themes/core/static/css/ 		62 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.cloud.ctfd.io/cybersoc/themes/core/static/css/fonts.min.css?t=1642090243
Requested by
Host: investigator.cybersoc.wales
URL: https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:400:1c:2e7c:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e90011d2975b2a1a80297cb1b79d704d884815b97bfc85680c290f5b3a92c60
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 07:43:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32669
x-cache
Hit from cloudfront
strict-transport-security
max-age=31556926; includeSubDomains
x-xss-protection
1; mode=block
access-control-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 13 Jan 2022 16:10:43 GMT
server
cloudflare
etag
W/"1642090243.0-63475-3419476577"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouJeDgsQ1jOjALysIeJYrbP6yhoAekHG931MP8Bhw9tx1NUHmLqrXCU%2BVTS4bQ4jk1LXadqT1fvLecLIjJtmnYP389lo9hixcq0xVSjjMh4LQKUmDRLOEa6fM94d%2BwSN9R4I"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control
public, max-age=43200
x-amz-cf-pop
DUS51-C1
cf-ray
6d0ee94a6bc74c86-AMS
x-amz-cf-id
3dS9NyVCHCJ0fhC87kN2vbCjLAxSv1OqdB-M539UNI8_V2BAPKIB1Q==
expires
Fri, 21 Jan 2022 19:43:23 GMT
main.min.css
cdn.cloud.ctfd.io/cybersoc/themes/core/static/css/ 		149 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.cloud.ctfd.io/cybersoc/themes/core/static/css/main.min.css?t=1642090243
Requested by
Host: investigator.cybersoc.wales
URL: https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:400:1c:2e7c:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ac61240d15bf200782d9405d8fc95e4a6a5861867f172749ec32f58186574b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 07:43:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32669
x-cache
Hit from cloudfront
strict-transport-security
max-age=31556926; includeSubDomains
x-xss-protection
1; mode=block
access-control-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 13 Jan 2022 16:10:43 GMT
server
cloudflare
etag
W/"1642090243.0-153060-3088257500"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCEc6jrLMbKxVP5s%2FJPTztsf52XvetkX69kAN8YS9pupE1kQ4o1E9xquoUdCYxeeLQwFAEo2S%2BQGaPQ%2FPP51OlcKvEd%2BI0jm31wklbsXX8p1%2FyRaG5O9f0GdLszi%2BoZoGuvw"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control
public, max-age=43200
x-amz-cf-pop
DUS51-C1
cf-ray
6d0ee94a3cd26983-FRA
x-amz-cf-id
_gZmQcrdCkY4ayvX89PaupMoPtMLJeKHoMMOotRrtagmKLCfzfR53g==
expires
Fri, 21 Jan 2022 19:43:23 GMT
core.min.css
cdn.cloud.ctfd.io/cybersoc/themes/core/static/css/ 		846 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.cloud.ctfd.io/cybersoc/themes/core/static/css/core.min.css?t=1642090243
Requested by
Host: investigator.cybersoc.wales
URL: https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:400:1c:2e7c:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f68e8a68e91f7dde591eea4c0a52f400b96fb0437fdb6fc0ca09a8429cdd29e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 07:43:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32669
x-cache
Hit from cloudfront
strict-transport-security
max-age=31556926; includeSubDomains
x-xss-protection
1; mode=block
access-control-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 13 Jan 2022 16:10:43 GMT
server
cloudflare
etag
W/"1642090243.0-846-3091075552"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnYEcD70%2FNqDvxk1MC3hIIznvgOQ8YLrYqwklUT4YTJQxgmG7P9o3xyjC%2B7GkfiIN1jtC%2FhpYSeqj2IMdRXjjuwnnHrP19q61phYRdzskqk8QgSDYHK76Pyh2yJJnLPzhLFR"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control
public, max-age=43200
x-amz-cf-pop
DUS51-C1
cf-ray
6d0ee94a884300a7-AMS
x-amz-cf-id
zYue56CEqPfimGwNyQdYydRS9T2azHPaTaL2pA2iOfsnLi_xJS4dkQ==
expires
Fri, 21 Jan 2022 19:43:23 GMT
css2
fonts.googleapis.com/ 		2 KB
993 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu&display=swap
Requested by
Host: investigator.cybersoc.wales
URL: https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e332b922db69ae1554d1d67b6df95e42aa4aef82dceaae9540b613735fd817d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 16:45:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 21 Jan 2022 16:47:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Jan 2022 16:47:52 GMT
vendor.bundle.min.js
cdn.cloud.ctfd.io/cybersoc/themes/core/static/js/ 		1 MB
431 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cloud.ctfd.io/cybersoc/themes/core/static/js/vendor.bundle.min.js?t=1642090243
Requested by
Host: investigator.cybersoc.wales
URL: https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:400:1c:2e7c:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c809a100d53333a8210ad04d2e9c34ce5a7d15188d466b4201398764e4a084d3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 07:43:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32665
x-cache
Hit from cloudfront
strict-transport-security
max-age=31556926; includeSubDomains
x-xss-protection
1; mode=block
access-control-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 13 Jan 2022 16:10:43 GMT
server
cloudflare
etag
W/"1642090243.0-1428253-1104155797"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uvRyamGBEGjgqfyawmatgjqoZTSOm8iKNh2N9EJh5ymIWAkW%2FCANWJXuSQtSHnu81iw1xU2y%2BKqFDZNwyTHXYhZJf4A7MkB21M1BlGr4f0hBFeBeCSnLzOLWfoY1Ng7viCHS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control
public, max-age=43200
x-amz-cf-pop
DUS51-C1
cf-ray
6d0ee9640ce44c86-AMS
x-amz-cf-id
V_3ebvd5iUrXdUak6ouWru3N_PjlpVEyrBT4ekKfRQaxuUMl6_liTA==
expires
Fri, 21 Jan 2022 19:43:27 GMT
core.min.js
cdn.cloud.ctfd.io/cybersoc/themes/core/static/js/ 		0
949 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cloud.ctfd.io/cybersoc/themes/core/static/js/core.min.js?t=1602625619
Requested by
Host: investigator.cybersoc.wales
URL: https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:400:1c:2e7c:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 07:43:27 GMT
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32665
x-cache
Hit from cloudfront
strict-transport-security
max-age=31556926; includeSubDomains
content-length
0
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 13 Oct 2020 21:46:59 GMT
server
cloudflare
etag
"1602625619.0-0-2487947528"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KR8sFWmcLfDtcLbRo2flRQ%2F%2FqNQA%2F%2BqrB6lnBCKB14xrxurjnJV77Ll7YoO4IrIZvUfnZt%2FHY6E2wP0mr1ybuK3ZCf8lkgcP2SurdXh17MkxrfnbBf%2BpgshujtQHWpimVVLz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=43200
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
cf-ray
6d0ee9663f0c6983-FRA
x-amz-cf-id
GmRHpyWFilFlI7scHec18yrY5amGcPEcppAxesU43OOTH4CObvi1kg==
expires
Fri, 21 Jan 2022 19:43:27 GMT
helpers.min.js
cdn.cloud.ctfd.io/cybersoc/themes/core/static/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cloud.ctfd.io/cybersoc/themes/core/static/js/helpers.min.js?t=1602625619
Requested by
Host: investigator.cybersoc.wales
URL: https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:400:1c:2e7c:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190c305310e75468d8ae612321b25353c6a4f8a2cab598f77b6402ad0b1b4f7f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 07:43:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32664
x-cache
Hit from cloudfront
strict-transport-security
max-age=31556926; includeSubDomains
x-xss-protection
1; mode=block
access-control-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 13 Oct 2020 21:46:59 GMT
server
cloudflare
etag
W/"1602625619.0-5399-3412922962"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYQzOYGDWhK4Q2V3xg%2B9zMl5Gbr75ST%2BlwVRttM5nkfUdnPfsL4mKxMjWLZNMQ62i8TkGp6qAq7979D2%2FP9%2B35FnEce%2BYx%2FpYpO3PgN88InPnWGFIp%2Frd%2F%2BkJcQWXXoF2K1d"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control
public, max-age=43200
x-amz-cf-pop
DUS51-C1
cf-ray
6d0ee96bb8bcfa20-AMS
x-amz-cf-id
mz206zL2gInUSAA65gKcEDNxzgZQJL6tgJL0imhFysGofxBQ4Qsgpw==
expires
Fri, 21 Jan 2022 19:43:28 GMT
main.min.js
cdn.cloud.ctfd.io/cybersoc/themes/core/static/js/pages/ 		50 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cloud.ctfd.io/cybersoc/themes/core/static/js/pages/main.min.js?t=1616639408
Requested by
Host: investigator.cybersoc.wales
URL: https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:400:1c:2e7c:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
253a40db35c7c8815d8690dd28b010135dd9c903f1e1509730d09b24534512c5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:47:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
strict-transport-security
max-age=31556926; includeSubDomains
x-xss-protection
1; mode=block
access-control-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 25 Mar 2021 02:30:08 GMT
server
cloudflare
etag
W/"1616639408.0-51115-43586371"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FdWNQ6Y5bkapZ7Np30il2l0o%2FJ9YKb4l6wWYO7AdsNEoH9dH2Hr%2FtVPE9wbctp07pMCAtFlTE8EQOg4vu08xrCGqd3oKgG3zhkCDBhoCyXRnmxLdb0G3UrQ%2FxLB2OTKpNVm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control
public, max-age=43200
cf-ray
6d1206e12ecf40db-CDG
x-amz-cf-id
XACpKfE_Yxun6hqT3rlYjUtbex1MVs898Cwdacgfje0lxcboeXBK9A==
expires
Sat, 22 Jan 2022 04:47:52 GMT
recaptcha.js
cdn.cloud.ctfd.io/cybersoc/static/ 		485 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cloud.ctfd.io/cybersoc/static/recaptcha.js?t=62699383
Requested by
Host: investigator.cybersoc.wales
URL: https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:400:1c:2e7c:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fcb98e8c0474b4b8a3a06a9c21345275a02244e7791d90f2b2a20b5e0e7d840
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:47:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
strict-transport-security
max-age=31556926; includeSubDomains
x-xss-protection
1; mode=block
access-control-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eryhq80whUNY5p3A0aTTcjlVPJNIYCB87Yo1KhNQQawMR1B92ZavV75B6jOc39sfySqTZ6puwRFAUZZ9EwtQPsswMT5rDrk1pPcC3QssLjf%2FhSXRaGemWfy3knxp%2FNVqph5J"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cf-ray
6d1206e13d19331d-CDG
x-amz-cf-id
wlVVFL4wgfD3iNZL1fgbMxYnbmB_jQwC-BIMAXXnv6Imxr7SZyD7iA==
api.js
www.google.com/recaptcha/ 		909 B
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: investigator.cybersoc.wales
URL: https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5c50b88c6ec66ef01b21a71f05195ab98fc939dc0002ce0cfc25dac2ff261ea1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:47:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
579
x-xss-protection
1; mode=block
expires
Fri, 21 Jan 2022 16:47:52 GMT
count.js
gc.zgo.at/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gc.zgo.at/count.js
Requested by
Host: investigator.cybersoc.wales
URL: https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:275:cb01:1f85:932b:b797:22f9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
6bcae1eaede6699e89898eb0eb3b0b970f4e5107f6b453d45f7b75fc157e44a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSYRK25AZ9ZECKJEKC3QWW9X
date
Thu, 20 Jan 2022 19:20:14 GMT
content-encoding
br
server
Netlify
age
77258
etag
"8894f05d0e67bafaf25279dbff8bfd41-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public,max-age=7776000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
3023
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: investigator.cybersoc.wales
URL: https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33c11f94618a087f86ffb6b4612535f78d8d2b9ae1f488d5326183ad3da9a8b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:47:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51885
x-xss-protection
0
server
cafe
etag
18001882120531384002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 16:47:52 GMT
all.css
use.fontawesome.com/releases/v5.9.0/css/ 		55 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by
Host: cdn.cloud.ctfd.io
URL: https://cdn.cloud.ctfd.io/cybersoc/themes/core/static/css/fonts.min.css?t=1642090243
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.cloud.ctfd.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:47:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6095514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
PJAG2XWN3VBY95S7
x-amz-id-2
AOMQE9LaGRoJowrAaVtU0HQS66eTEiKqK9bLr3aiDFcVWJ7ZsgedWfCol2iLFFdqUd/6SGimT74=
last-modified
Wed, 30 Jun 2021 15:48:06 GMT
server
cloudflare
etag
W/"dbf9d822cefe851ba6f66e1ad57e8987"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9yFF2537nsDqGVG2hM40SekKFHnjj2w8P81YYqWZH0DCzXRH1wPTfWkZozm0b%2BzbaT3xVVpAHmrgMvqWXaW1q9zqnuo%2BXbIUYUU4v8%2BPJtEtlmB%2FODbCantJKjg0XDegWgIeK%2Bp0uFOZovPBXpklBPs"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6d1206e05eed4001-CDG
css
fonts.googleapis.com/ 		9 KB
847 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i|Raleway:400,400i,700,700i&subset=latin-ext
Requested by
Host: cdn.cloud.ctfd.io
URL: https://cdn.cloud.ctfd.io/cybersoc/themes/core/static/css/fonts.min.css?t=1642090243
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98ca92bb533d8e5fc09cac9da578ff0f8ab407cf2ec2719f6f34ac7eeb26c82a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.cloud.ctfd.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 16:47:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 21 Jan 2022 16:47:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Jan 2022 16:47:52 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://investigator.cybersoc.wales
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:02:30 GMT
x-content-type-options
nosniff
age
222322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34260
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 03:02:30 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer
https://use.fontawesome.com/releases/v5.9.0/css/all.css
Origin
https://investigator.cybersoc.wales
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:47:52 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2EGEV0RMYG1MK82R
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75440
x-amz-id-2
oDGTCEIJrWR5oCRyXNwf3UnuHvaaqHU9ud+gTNOJamOiyJmEBYZQqanMTRWkpxmFTKttQZUHPvE=
last-modified
Wed, 30 Jun 2021 15:48:27 GMT
server
cloudflare
etag
"b5cf8ae26748570d8fb95a47f46b69e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxUW71wXwPnNGq%2BSBlHy9oegtlRiAfjIi0IIOdgEP156R%2F%2Bfa1hVZhxnHb8TXbPpbhBFgifFbBdGhN5j%2F348zbNwC6ShPyU3n3FxGKySF9fkm%2B9MKbnPKGUKcZ0nMJ0KeTanyAx4%2BNWgxK0Z3jBKbbeZ"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6d1206e0efc6203f-AMS
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i|Raleway:400,400i,700,700i&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://investigator.cybersoc.wales
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 04:27:49 GMT
x-content-type-options
nosniff
age
44403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 21 Jan 2023 04:27:49 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i|Raleway:400,400i,700,700i&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://investigator.cybersoc.wales
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 21:26:28 GMT
x-content-type-options
nosniff
age
328884
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 17 Jan 2023 21:26:28 GMT
count
cybersoc-investigator.goatcounter.com/ 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cybersoc-investigator.goatcounter.com/count?p=%2Flogin%3Fnext%3D%252Fchallenges%253F&t=CyberSoc%20%7C%20Cyber%20Investigator%20CTF&s=1600%2C1200%2C1&b=0&q=%3Fnext%3D%252Fchallenges%253F&rnd=h79qn
Requested by
Host: investigator.cybersoc.wales
URL: https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:7e01::f03c:92ff:fe8f:edc6 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
/
Resource Hash
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb
Security Headers
Name Value
Strict-Transport-Security max-age=7776000
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=7776000
content-encoding
gzip
x-content-type-options
nosniff
x-rate-limit-remaining
3
age
0
x-rate-limit-limit
4
content-length
56
access-control-allow-origin
*
x-frame-options
deny
date
Fri, 21 Jan 2022 16:47:52 GMT
vary
Accept-Encoding
x-varnish
950305180
via
1.1 varnish (Varnish/7.0)
cache-control
no-store,no-cache
x-rate-limit-reset
1
accept-ranges
bytes
content-type
image/gif
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/ 		284 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1039483437363596&plah=investigator.cybersoc.wales
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8282b7bc93322de54a9c12fdd3ba6a6e4c6b42002cb0793d23da157727b5d45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:47:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104511
x-xss-protection
0
server
cafe
etag
8669457024530343480
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 16:47:52 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220119/r20190131/ Frame 21B6 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220119/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Fri, 21 Jan 2022 16:20:20 GMT
expires
Fri, 04 Feb 2022 16:20:20 GMT
cache-control
public, max-age=1209600
age
1652
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		218 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=investigator.cybersoc.wales&callback=_gfp_s_&client=ca-pub-1039483437363596
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1039483437363596&plah=investigator.cybersoc.wales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
73d53afb8f8988595b66d2a3452d756c0e050cf1e99e59d0bceea900738bf110
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:47:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=investigator.cybersoc.wales
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1039483437363596&plah=investigator.cybersoc.wales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 21 Jan 2022 16:47:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=investigator.cybersoc.wales
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1039483437363596&plah=investigator.cybersoc.wales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 21 Jan 2022 16:47:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Finvestigator.cybersoc.wales%2Flogin%3Fnext%3D%252Fchallenges%253F&tn=NAV&cls=navbar%20navbar-expand-md%20navbar-dark%20bg-dark%20fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: investigator.cybersoc.wales
URL: https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jan 2022 16:47:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E84E 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1039483437363596&output=html&adk=1812271804&adf=3025194257&lmt=1642783672&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Finvestigator.cybersoc.wales%2Flogin%3Fnext%3D%252Fchallenges%253F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642783672576&bpp=3&bdt=463&idt=114&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3871039248794&frm=20&pv=2&ga_vid=2077402370.1642783673&ga_sid=1642783673&ga_hid=483216302&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C44756896&oid=2&pvsid=1072438775425854&pem=554&tmod=1990597274&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=127
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1039483437363596&plah=investigator.cybersoc.wales
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 21 Jan 2022 16:47:52 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
recaptcha__de.js
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ 		354 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://investigator.cybersoc.wales/
Origin
https://investigator.cybersoc.wales
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143013
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Jan 2023 16:45:45 GMT
notification.webm
cdn.cloud.ctfd.io/cybersoc/themes/core/static/sounds/
Redirect Chain
  • https://investigator.cybersoc.wales/themes/core/static/sounds/notification.webm
  • https://cdn.cloud.ctfd.io/cybersoc/themes/core/static/sounds/notification.webm?t=0b5ce417
13 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cloud.ctfd.io/cybersoc/themes/core/static/sounds/notification.webm?t=0b5ce417
Requested by
Host: investigator.cybersoc.wales
URL: https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Protocol
H2
Server
2600:9000:2182:400:1c:2e7c:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fee895ba2d8ac31634cbf5658d71997af55e72909bd9b94b11ae0e807af1a389
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:47:53 GMT
via
1.1 892b66fb24658030c9f86276c7abeda4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
strict-transport-security
max-age=31556926; includeSubDomains
content-length
13257
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 13 Oct 2020 21:46:59 GMT
server
cloudflare
etag
"1602625619.0-13257-1580995969"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKvN7gSc49cpvLgl3ZseRLkwm8zfwSpoVF%2BRI7l6MIPcJpVU%2FegNFb7njGUA6JShqntYrnN9xp%2F0mvcw1l8yyShJkoZ5YGG9A0iLijLvIro1T16FAU30x3Odhsdi2uDAyphl"}],"group":"cf-nel","max_age":604800}
content-type
video/webm
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
6d1206e45d196b33-AMS
x-amz-cf-id
FIs1DivmhPkoDB1ZWTRlJ6PLGtV1T07SPfiH4NpjyV8RgKYR6wZusg==
expires
Sat, 22 Jan 2022 04:47:53 GMT

Redirect headers

Date
Fri, 21 Jan 2022 16:47:52 GMT
Referrer-Policy
strict-origin-when-cross-origin
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31556926; includeSubDomains
Content-Type
text/html; charset=utf-8
Location
https://cdn.cloud.ctfd.io/cybersoc/themes/core/static/sounds/notification.webm?t=0b5ce417
X-XSS-Protection
1; mode=block
Cache-Control
max-age=3600
Connection
keep-alive
Keep-Alive
timeout=30
Content-Length
385
X-Content-Type-Options
nosniff
events
investigator.cybersoc.wales/ 		6 KB
3 KB 		EventSource
General
Check archive.org
Download Go to
Full URL
https://investigator.cybersoc.wales/events
Requested by
Host: investigator.cybersoc.wales
URL: https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.251.182 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
27a230653b30341a7896c7589896cf747128e2b5e8831b34743698ebe251a500
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://investigator.cybersoc.wales/login?next=%2Fchallenges%3F
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 21 Jan 2022 16:47:53 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
Connection
close
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31556926; includeSubDomains
X-XSS-Protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220119&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1039483437363596&plah=investigator.cybersoc.wales
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3dc7d1232bf5070f29de24ed64b5283d78d25123040be785851ed1827eb1d51b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 21 Jan 2022 16:47:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9064
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1039483437363596&plah=investigator.cybersoc.wales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:47:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Jan 2022 16:47:53 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9E83 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 21 Jan 2022 16:02:30 GMT
expires
Sat, 21 Jan 2023 16:02:30 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
2723
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 627A 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
05d8b1da317990ad5786eeaa02e97c610b94f2ced3d4601be49ea3dbccd75004
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SgIgBB3l7UQSE9q1To2/FQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 21 Jan 2022 16:47:53 GMT
date
Fri, 21 Jan 2022 16:47:53 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-SgIgBB3l7UQSE9q1To2/FQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 627A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220119&jk=1072438775425854&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
pagead2.googlesyndication.com/bg/ Frame 9E83 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
1947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Jan 2023 16:15:26 GMT
generate_204
tpc.googlesyndication.com/ Frame 9E83 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?99kPHg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:47:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220119&jk=1072438775425854&bg=!9Pel97PNAAZ_DxPPfw87ACkAdvg8Wp5vWNGFffXhLJ8ZGzXW2MWU5XL9ZEh96zwi8YwAWGvC6NfB-wIAAABaUgAAAANoAQcKAJE8TPqq0FdybpIog7iFbaoGhsCfy4QPTg2vn7D22zMVhj2Frg-tXt_-07UywC_iYXjPaZM44hGXbuLQrMmDfOkuOOl4GN2kTSn4mhe96FNYuHeqOdz1XgJQ8S5TbGUYfj1_cotrSzp7cIzXGN_F44sBVq6l6RVMyOniG6ykAaP4Ymc91tVNqxnx4lt30nplsjVSmQLZx1VRFDOdT3lShNMu_V-kZAnRSQ1qiZm3CNlXRU_DB7Xn-Y5FkewSVq4uTc8EsT4rqaCdNuuWBA3MQ1APIH0-JD7Y3GO310a75NSOjVyU6uhwNmGhMIibNz163lyMgiobiqpLf0nVziC-ObvTGqiUi5y90aNJtQrycet-rwx16N7H8Gup9a3dphQRyTxfISeDlylWqK-n6SWLqAYCpnOJJxryApRPXSu2qTF33JS5m4AkL7Orkjy3ty0y8Y5Syt37HT6QeyP3vo9eT4bsC-8j0nmG6GYv6NeVr6xIlv83mTOjoYqE615Z24wwASxcrhO0nmuvV_R-R37dp-p39el2lSX4QeZ0pAujlX2Jg1GrvXZD0hjcodEuyLL2P1joL2sW0rhss2vNFFvg-ivmhpIK40ruYLe216UjtDJ9JbsoseGjrT72HFBK_63RM0h0pyhz_1c8ZoM_u3cc8YMh859c_r4348umzEA-livWQSOncSVgfuZVU-ZS8fj4XbsX4aF1moHJxcjsd7cIB-jf1gcdrOe8h1SbOsZovSj6X-A1F1zLoMt1z1JuBY8Qest8bDfn4NPFGwHvoeE5eeJ4bLy671PiYcwV1q0BBavvOLZjK8oPAa-IuHX-Kr0I8ggB4FkfkY5awjW929Brpqrvj3k2JZZVi2o8P9kWITeswu6DTnEUWomm4nLdY0f5DA-D6k2zfX3jerVcaOjPyOtyMOiTlYUKDi62XyFRbZ9h96x94YAsqvMtjSubV-US5FLCI2kq4-nkA0YWuDyUedO34r-Va0HwndJuHRrK-xPxZaZkCc5T2WIpWIJKfM8iJb-7hnOxXbSgWOLcPeRGi1DQ6YI9qVgasFhUv0ikaTiqqIo8LUZYtnpWZVLJv_7EaZm2uscxhQu4u6emAM1Peg89CNSxn_onig61DK_LSqtpENHHN285qKTnw5m4rbKBq2qmqjIAUbvz05GsJSP4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investigator.cybersoc.wales/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jan 2022 16:47:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| init object| webpackJsonp object| goatcounter object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| setImmediate function| clearImmediate function| HowlerGlobal object| Howler function| Howl function| Sound object| CTFd object| helpers function| $ function| dayjs object| nunjucks function| onSubmit function| onloadCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| GoogleGcLKhOms

3 Cookies

Domain/Path Name / Value
investigator.cybersoc.wales/ Name: session
Value: 9ea947d5-5cd5-4ebc-bd9a-9365261c5bbd.kiwXjjSTYDkD4TOENJ99RpkPsfI
.cybersoc.wales/ Name: __gads
Value: ID=f057ff87d86ef750-22a85c0525cd008b:T=1642783672:RT=1642783672:S=ALNI_MZj_Ywms6DG5QRYdc7Vs6aYEt9YjQ
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

3 Console Messages

Source Level URL
Text
other warning URL: https://cdn.cloud.ctfd.io/cybersoc/themes/core/static/js/vendor.bundle.min.js?t=1642090243(Line 72)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1039483437363596&output=html&adk=1812271804&adf=3025194257&lmt=1642783672&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Finvestigator.cybersoc.wales%2Flogin%3Fnext%3D%252Fchallenges%253F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642783672576&bpp=3&bdt=463&idt=114&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3871039248794&frm=20&pv=2&ga_vid=2077402370.1642783673&ga_sid=1642783673&ga_hid=483216302&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C44756896&oid=2&pvsid=1072438775425854&pem=554&tmod=1990597274&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=127
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://investigator.cybersoc.wales/events
Message:
Failed to load resource: the server responded with a status of 403 (FORBIDDEN)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.cloud.ctfd.io
cybersoc-investigator.goatcounter.com
fonts.googleapis.com
fonts.gstatic.com
gc.zgo.at
googleads.g.doubleclick.net
investigator.cybersoc.wales
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
use.fontawesome.com
www.google.com
www.gstatic.com
142.250.181.226
165.227.251.182
2600:9000:2182:400:1c:2e7c:4680:93a1
2606:4700:3037::6815:4e07
2a00:1450:4001:801::2002
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82b::200a
2a01:7e01::f03c:92ff:fe8f:edc6
2a05:d014:275:cb01:1f85:932b:b797:22f9
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
05d8b1da317990ad5786eeaa02e97c610b94f2ced3d4601be49ea3dbccd75004
0e332b922db69ae1554d1d67b6df95e42aa4aef82dceaae9540b613735fd817d
190c305310e75468d8ae612321b25353c6a4f8a2cab598f77b6402ad0b1b4f7f
253a40db35c7c8815d8690dd28b010135dd9c903f1e1509730d09b24534512c5
27a230653b30341a7896c7589896cf747128e2b5e8831b34743698ebe251a500
2e90011d2975b2a1a80297cb1b79d704d884815b97bfc85680c290f5b3a92c60
33c11f94618a087f86ffb6b4612535f78d8d2b9ae1f488d5326183ad3da9a8b2
3dc7d1232bf5070f29de24ed64b5283d78d25123040be785851ed1827eb1d51b
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463
5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
588443f45cca784290b0e48af30c088a21a9038654e7c6b83405281027a93e90
5c50b88c6ec66ef01b21a71f05195ab98fc939dc0002ce0cfc25dac2ff261ea1
5f68e8a68e91f7dde591eea4c0a52f400b96fb0437fdb6fc0ca09a8429cdd29e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6bcae1eaede6699e89898eb0eb3b0b970f4e5107f6b453d45f7b75fc157e44a7
73d53afb8f8988595b66d2a3452d756c0e050cf1e99e59d0bceea900738bf110
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
98ca92bb533d8e5fc09cac9da578ff0f8ab407cf2ec2719f6f34ac7eeb26c82a
9fcb98e8c0474b4b8a3a06a9c21345275a02244e7791d90f2b2a20b5e0e7d840
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
c2ac61240d15bf200782d9405d8fc95e4a6a5861867f172749ec32f58186574b
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c809a100d53333a8210ad04d2e9c34ce5a7d15188d466b4201398764e4a084d3
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
d8282b7bc93322de54a9c12fdd3ba6a6e4c6b42002cb0793d23da157727b5d45
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fee895ba2d8ac31634cbf5658d71997af55e72909bd9b94b11ae0e807af1a389