gbhackers.com Open in urlscan Pro
2606:4700:3034::ac43:a5ec Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gbhackers.com/soc-defense-attack-chain/
Submission: On September 07 via manual (September 7th 2023, 3:56:04 am UTC) from IN — Scanned from DE

Summary HTTP 178 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 22 IPs in 7 countries across 21 domains to perform 178 HTTP transactions. The main IP is 2606:4700:3034::ac43:a5ec, located in United States and belongs to CLOUDFLARENET, US. The main domain is gbhackers.com.
TLS certificate: Issued by E1 on July 10th 2023. Valid for: 3 months.

This is the only time gbhackers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 35	2606:4700:303... 2606:4700:3034::ac43:a5ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
4 19	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
8	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4 7	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4009:80b::2003	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 10	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1 1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2 2	3.120.219.48 3.120.219.48	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:a526:958d:fa93:9c2b	16509 (AMAZON-02) (AMAZON-02)
178	22

35 2606:4700:3034::ac43:a5ec (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gbhackers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4009:80b::2003 (London, United Kingdom)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.28 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.219.48 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-219-48.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:a526:958d:fa93:9c2b (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	663 KB
35	gbhackers.com 1 redirects gbhackers.com	487 KB
34	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 cm.g.doubleclick.net — Cisco Umbrella Rank: 259	338 KB
30	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	330 KB
9	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1180 www.googleadservices.com — Cisco Umbrella Rank: 156	607 B
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 58	8 KB
8	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12624	447 KB
7	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 2	929 B
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 226	283 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 660	2 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5086	653 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1052	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 379	297 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 991 r.turn.com — Cisco Umbrella Rank: 4368	869 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2053	297 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2238	172 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 41280	612 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 799	338 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 633	363 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 778	546 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3462	104 B
178	21

	Domain	Requested by
35	gbhackers.com	1 redirects gbhackers.com
28	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
19	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
17	pagead2.googlesyndication.com	gbhackers.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	fonts.gstatic.com	fonts.googleapis.com
11	csi.gstatic.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
10	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
8	www.googleadservices.com	googleads.g.doubleclick.net gbhackers.com
8	fonts.googleapis.com	gbhackers.com googleads.g.doubleclick.net
8	blogger.googleusercontent.com	gbhackers.com
7	www.gstatic.com	googleads.g.doubleclick.net
7	www.google.com	4 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
3	c1.adform.net	3 redirects
2	d5p.de17a.com	2 redirects
2	pm.w55c.net	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	onetag-sys.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
178	28

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.linkedin.com
twitter.com
www.indusface.com
security.docontrol.io
blogger.googleusercontent.com
ethicalhackersacademy.com
github.com
pinterest.com
api.whatsapp.com
bit.ly
news.google.com

Subject Issuer	Validity	Valid
gbhackers.com E1	`2023-07-10` - `2023-10-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://gbhackers.com/soc-defense-attack-chain/
Frame ID: 226550D159B1ED56A5F1ADDF04433085
Requests: 79 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Frame ID: 50E132F2C6AD4D44CEDC01B155D40D4F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=181&slotname=4100772080&adk=2726006373&adf=3920302117&pi=t.ma~as.4100772080&w=696&lmt=1694051759&rafmt=11&format=696x181&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058959566&bpp=4&bdt=381&idt=194&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&correlator=6820998730507&rume=1&frm=20&pv=2&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3005&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=zRS1bhCHXd&p=https%3A//gbhackers.com&dtd=210
Frame ID: 80CD79771E3EA06A0322981CA18D5185
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&adk=1812271804&adf=3025194257&lmt=1694051759&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058959587&bpp=2&bdt=403&idt=196&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x181&nras=1&correlator=6820998730507&rume=1&frm=20&pv=1&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=215
Frame ID: 873835F8EADC3275F9395AC06FA48233
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A4DB9B52288CE466D82BDC976DEE3F96
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=83&adk=3281638899&adf=1638348697&pi=t.aa~a.3577464094~rp.4&w=324&lmt=1694051760&nsk=d29cbd28&rafmt=11&pwprc=9720455393&ad_type=text_image&format=324x83&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058960706&bpp=1&bdt=1521&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddd90d618f9ce265e-224d1329c6e30071%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_Mb9sSNx51NMOlQ6qwZt3QUs0ycalg&gpic=UID%3D00000d9098ae2029%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_MYD_BPqFTPEvVcs5u0VsUMjqqZfKg&prev_fmts=696x181%2C0x0&nras=2&correlator=6820998730507&rume=1&frm=20&pv=1&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&psts=AOrYGsk3lU71PGniqYHSNKWGY3hXImbv7ELVCAKCTfmUV0zIpyGzHEWNWE5TCc0KYHPNjfDyvzYN_OyVRD-8sTn75ULFjw&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=MIYCVPPkcM&p=https%3A//gbhackers.com&dtd=19
Frame ID: 93F48ADE7CC9C4FC57F8E89CDC5387CD
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Frame ID: C7DB30AE81AFFDB095F194A43D6F1063
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html
Frame ID: AD04F185675445B06B129AF9EE4C337B
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html
Frame ID: 96372AFF0DBEF9E8DA2B2B10BA48672F
Requests: 16 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E95B88EB7934154F5370227E5C15C8F0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 38AE05EFE029E5F971F86DC8077D1531
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DE901642B146C97B367CC028F4C2F97A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Frame ID: 975AE9CA76BA12FBDC4D5E5B462FFE93
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Frame ID: CC403E7DBC99839D2ADA6B454553F96C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 97141A78DCEFC297A60C91360A1151F4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 26F9BEDF1C2FDD4B10052405C13DB425
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=60&slotname=2004870016&adk=3396182322&adf=1078745621&pi=t.ma~as.2004870016&w=468&lmt=1694051761&format=468x60&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058961458&bpp=2&bdt=2273&idt=2&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddd90d618f9ce265e-224d1329c6e30071%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_Mb9sSNx51NMOlQ6qwZt3QUs0ycalg&gpic=UID%3D00000d9098ae2029%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_MYD_BPqFTPEvVcs5u0VsUMjqqZfKg&prev_fmts=696x181%2C0x0%2C324x83%2C1600x1200%2C1005x124&nras=4&correlator=6820998730507&rume=1&frm=20&pv=1&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=380&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&psts=AOrYGsk3lU71PGniqYHSNKWGY3hXImbv7ELVCAKCTfmUV0zIpyGzHEWNWE5TCc0KYHPNjfDyvzYN_OyVRD-8sTn75ULFjw%2CAOrYGskk7JY6_50Mhkd9rdDAwyfphsIKG7BhtlTS2TVWUPouB2LnY-x3FFmEnMrE2aGTLIR3-O5lQ2W1rSndSLZpujg4eh_6diN0mHeO1hIxIZEzXd4%2CAOrYGsm36mwoSuooMUGbXmUOWp8AKPxSUKLwDo9Z7r9rbAWZmSIrYA32tjHKz2JoW_qi8CmKAWISLOwXOfOXPVaT_I_1vg&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=WNgI4Kq750&p=https%3A//gbhackers.com&dtd=8
Frame ID: CEA059C318F246D6F1C9C807736EB91E
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Frame ID: 034A3B6A929292E4F46027376CB057E2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4C502595A97382E63B62156AED327C87
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 45C9624BC697BF49D16A69D1CE2B8E72
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 26B1FFAA6B4E5815F7B7E67BFA37BE43
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Frame ID: AEE007EA3AB8A560295FD8227AF3022B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SOC Defense phase - Understanding the Cyber Attack Chain

Page URL History Show full URLs

https://gbhackers.com/soc-defense-attack-chain HTTP 301
https://gbhackers.com/soc-defense-attack-chain/ Page URL
https://gbhackers.com/soc-defense-attack-chain/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

178
Requests

93 %
HTTPS

59 %
IPv6

21
Domains

28
Subdomains

22
IPs

7
Countries

2558 kB
Transfer

6700 kB
Size

17
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/gbhackersadmin

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gbhackers

Search URL Search Domain Scan URL

URL: https://twitter.com/gbhackers_news

Search URL Search Domain Scan URL

URL: https://www.indusface.com/gartner-peer-insights-voc-web-application-and-api-protection-2023.php?utm_source=gbhackers&utm_medium=ppc&utm_campaign=gartner-2023

Search URL Search Domain Scan URL

URL: https://security.docontrol.io/cybersecuritynews
Title: <img width="980" height="120" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZLywVzXex7KKQSsghD546Ah2NPBKgeyLy3C5mAwjwhunvleFyEaHhE-se8EE55Acu0f_FVDyV8BqWbazCE-GVeFn6KwmamSiN1ues_q5ZWeRQcj-84XjZBSeS0JfKxkn9mYmjCWRKqBcLgNNVi2NMWdWSUoe_qR2iQdhGClCgToo9Ylkbg39sPur4J8Td/s16000/Ad_SecureData_980x120.png " alt="CSN">

Search URL Search Domain Scan URL

URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgy8vyMfeL916QpN6Ou6CsllC7JpcOggGroGPc5jARzPtPMY2T-UZhQhYnC8wUvLihSLumtJArVXEVMGd2i9pPOBpHyiQDWpe3xMUDw9HrvYQuq4YaJyWKqTyZR6WG6M-0ikOdp9OLRsyVYR9sYfce5V_QYRyKyC0ygFLTlntrU0MAQiIYfcmelCdKxAQ/s16000/attack-chain.webp

Search URL Search Domain Scan URL

URL: https://ethicalhackersacademy.com/collections/top-rated-courses/products/soc-analyst-intrusion-training
Title: – Cyber Attack Intrusion Training for SOC Analyst

Search URL Search Domain Scan URL

URL: https://github.com/api0cradle/LOLBAS/blob/master/LOLBins.md
Title: Reference

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=SOC+First+Defense+%E2%80%93+Understanding+The+Cyber+Attack+Chain+%E2%80%93+A+Defense+with%2Fwithout+SOC&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&via=GBHackers+-+Latest+Cyber+Security+News+%7C+Hacker+News
Title: Twitter

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://gbhackers.com/soc-defense-attack-chain/&media=https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgy8vyMfeL916QpN6Ou6CsllC7JpcOggGroGPc5jARzPtPMY2T-UZhQhYnC8wUvLihSLumtJArVXEVMGd2i9pPOBpHyiQDWpe3xMUDw9HrvYQuq4YaJyWKqTyZR6WG6M-0ikOdp9OLRsyVYR9sYfce5V_QYRyKyC0ygFLTlntrU0MAQiIYfcmelCdKxAQ/s16000/attack-chain.webp&description=In%20most%20times,%20the%20cyber%20attacks%20are%20getting%20executed%20in%20stages.%20So%20the%20SOC%20team%20must%20understand%20the%20attack%20patterns%20and%20the%20attack%20chain.
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=SOC+First+Defense+%E2%80%93+Understanding+The+Cyber+Attack+Chain+%E2%80%93+A+Defense+with%2Fwithout+SOC%20%0A%0A%20https://gbhackers.com/soc-defense-attack-chain/
Title: WhatsApp

Search URL Search Domain Scan URL

URL: http://bit.ly/3KAnfOD
Title: Patch Manager Plus

Search URL Search Domain Scan URL

URL: https://bit.ly/3KAnfOD

Search URL Search Domain Scan URL

URL: https://www.indusface.com/web-application-firewall.php?utm_source=gbhackers-banner&utm_medium=ppc&utm_campaign=managed-waf-usd-99
Title: <img width="300" height="600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggxrET8rL53qWvxNg0ojgbDwhKZUmlLqGRzzfXePO67o4NYLh0rAXrh94aQcN0k8EB1cge5SlSrZ42GgQgjwsxqYAEkfzyYPTOtaQzOjdx4grNJfxFnnp7ei-h6DN35p1Jx3I6LKIO33fXMa31b1WDSmqshyN3cEpkEprhl3kNt-zagtkffvumEVFf4tkD/s16000/gbhackers-waf-banner-300x600.png " alt="Website">

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqKAgKIiJDQklTRXdnTWFnOEtEV2RpYUdGamEyVnljeTVqYjIwb0FBUAE?hl=en-IN&gl=IN&ceid=IN%3Aen
Title: Find On Google News

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gbhackers.com/soc-defense-attack-chain HTTP 301
https://gbhackers.com/soc-defense-attack-chain/ Page URL
https://gbhackers.com/soc-defense-attack-chain/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://gbhackers.com/soc-defense-attack-chain HTTP 301
https://gbhackers.com/soc-defense-attack-chain/

Request Chain 80

https://googleads.g.doubleclick.net/pagead/adview?ai=CBVcsz0n5ZLmNMbijjuwPyOSgsAL-24Tpb-jO-4THENzZHhABIIqq9kJglbL4gZQHoAH44PT6A8gBBqkC7-3G4tn-sT6oAwHIA8sEqgTqAU_QmnwIsHmpUn1dG8zUyXWpZ07Tn5uD5p0IIMOqu5vQRa_-DBbrt08QsgDlhmu6EXd5xYs9AVzioh3-Y-SgbUHIDTmq-hAgKfpzpZLpxdzgFqcIumkvgevFshKTDbc7AEz4LJiQBttQAuiHtirFRWaq9nHUQjjHZKRJ1wPRnEdyU5ca07DRVz_3wSfX8BINIP81P88HXhMEPH9GWf4Q6_ICVwC-7dPLBOA8SCZzjDblrrD8vKajguvjTYNK3llTHKXqTTMjnaiDP6NjuTQ34_5GJq1-nqq7lB3I1xuYNTJJicRc9fANx5dz6cAEptn0sIoEiAXZ9K6wLpIFBAgEGAGSBQQIBRgEoAY3gAfwnosFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ6MYf0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJQmh0dHBzOi8vd3d3LndhZ28uY29tL2RlL2xwLWhhbmRidWNoLXByYXhpc3RpcHBzLXNjaGFsdHNjaHJhbmtiYXUtMoAKAcgLAdgTDYgUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi01MzcyNzg2MTc0NzYwMjI4GAA&sigh=jgiW6FgqIow&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW1onpulYrW4IL9J03OQpFIUk4rCL-zRgB&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228625392361746633443%22,%22debug_reporting%22:true,%22destination%22:%22https://wago.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221063071864%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216658588234173564881%22}&andc=true

Request Chain 84

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 117

https://googleads.g.doubleclick.net/pagead/adview?ai=CF0AXz0n5ZP7nMrijjuwPyOSgsAKPrN7lcqbThvjJEdzZHhABIIqq9kJglbL4gZQHoAGX0bmbA8gBAakC7-3G4tn-sT6oAwHIA8sEqgTuAU_Q0gTocyyRsiodPtlskTc8g4Z_nuqI-C3v6IzjcuSjvl4t8fB5aIZPHBv72a-xDAOzfkCd6MOrdbCsa8_HgI81w6tCFz7e83ATK71xBKKdPwFgzMloFCGCduur4hYj-P22Xtz7rp-5vGD-XOpMJ9o7t7t0IIMEAiEmItvl3IzzwNiQAXx4O1-HdbEMxVw6UavFdNE1afE8UCDxJemik3YF2hdKpDIixxdW7gr5TkPfxQfc_EFtKu0e-leG40OhATGUF9pGtBoob7-fcfAiLOjB8ApSxFuxMzMTqTw4CFr0vcUhtdhnt0FERod-qcDABNu1qYidBIgFyIm41EKSBQQIBBgBkgUECAUYBIAH0a7GZKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOPNVdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCVVodHRwczovL3d3dy5naS1kZS5jb20vZW4vc3BvdGxpZ2h0L3BheW1lbnQvZ29pbmctZnJpY3Rpb25sZXNzLXdpdGgtb25lLWNsaWNrLWNoZWNrb3V0gAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTUzNzI3ODYxNzQ3NjAyMjgYAA&sigh=6AextA6rzVU&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWoV5Mo-2PeVm792Ty5pV4hg6pp0jezRgB&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211104445000559073731%22,%22debug_reporting%22:true,%22destination%22:%22https://gi-de.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22862873751%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224770837931983141969%22}&andc=true

Request Chain 118

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 139

https://googleads.g.doubleclick.net/pagead/adview?ai=CeA3B0En5ZIORL8mkxdwPrI2T6AON55WkcfrOyoz4DKTn8u2VAhABIIqq9kJglbL4gZQHoAHLuKCjA8gBAakCf8U5KOurJz6oAwHIA8MEqgSYAk_QiXpb9ciP_M1CPVq6-g9GXKjhabg_UmbCcRDdQ1AnoxLDzEHQ7CFLmIFOntdHo_YbS-kxSnbsSWmeuXW-I83by6goMXoNe8LBuw5ZUO35dNtd8oEaoeMO0NFPm6SO4HNML97Z_UtezYl-XgdOyOIXX-25HBBQhdUh7zsRKe6CY3JkUxPa_mM69JVfNXEE8n9E1ne9fQghTVHVzfe6WJhBsWTtQ_NPe-osOg9kRU7_RrVDWC24VhEK8X1rfIQdzyCg0zXRMr2PWRizEg7jqWE74Dh2cd7fye8BQJESLYp-c28Rc0PwepEdNaLKBstJw1JHrByoXdNOrk7E3DLdXlKoblZmpqDEh_vEk3sXsFL_158U0cz8VxPABLeA1cysA4gFw6q1-iuSBQQIBBgBkgUECAUYBKAGUYAHncffXKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEI3RD9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCRVodHRwczovL2JpdG5pbmphLmNvbS-ACgHICwHYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNTM3Mjc4NjE3NDc2MDIyOBgA&sigh=oVkYaevzSoY&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWPQM6O7Wm2r6zCkIyPKKgi5qOm_JlldDrr_eTHx_tQ1sDpihTi4m4uR2gSgGKxOQ82xRpbYuIxhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211642615727245581461%22,%22debug_reporting%22:true,%22destination%22:%22https://bitninja.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22879238219%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221118273412044005473%22}&andc=true

Request Chain 143

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEL4Mc-q9i14YAR8R-joozdQ&google_cver=1&google_push=AXcoOmSy-MoBPjOwe6vqfyrLvOf5ZS3ygo8yeEDwaUCul13oRYNDzMhFk9ah6w1GZDyhhoTxABEHqt1zsmNKpen8L7fOr-iSHaY3uzs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMyNDkyMTE1NDQ2ODY0NjYwNw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL4Mc-q9i14YAR8R-joozdQ&google_cver=1

Request Chain 145

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEK3Jiw4BFRZjEeSWuiilZhw&google_cver=1&google_push=AXcoOmSabdOXPdfuaskDmoy5jNG9Vf46pgMzoaRH-VCSjz6IOCa1xYGjvGvcHKSNP0b8MDKfQi8ZVutrLki_GZMy1NwjwjBVKVb9JvM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK3Jiw4BFRZjEeSWuiilZhw&google_push=AXcoOmSabdOXPdfuaskDmoy5jNG9Vf46pgMzoaRH-VCSjz6IOCa1xYGjvGvcHKSNP0b8MDKfQi8ZVutrLki_GZMy1NwjwjBVKVb9JvM

Request Chain 148

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENEFnHXx6nRUy3RDs5tQImc&google_cver=1&google_push=AXcoOmT95Ku6cvtIXp-1GmUs1uOhrUS_-U_bzYNEw97z4MdrXe8LQDNwSSIjQXof5H-Whau4-A9WhQMa-DeKcnwxJHhzsJ-LYBuDafo HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENEFnHXx6nRUy3RDs5tQImc&google_cver=1&google_push=AXcoOmT95Ku6cvtIXp-1GmUs1uOhrUS_-U_bzYNEw97z4MdrXe8LQDNwSSIjQXof5H-Whau4-A9WhQMa-DeKcnwxJHhzsJ-LYBuDafo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxMzYxMjM4MzU3NjE4Nzg3MA&google_push=AXcoOmT95Ku6cvtIXp-1GmUs1uOhrUS_-U_bzYNEw97z4MdrXe8LQDNwSSIjQXof5H-Whau4-A9WhQMa-DeKcnwxJHhzsJ-LYBuDafo

Request Chain 149

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEL0lpZTBEDXv9JmmUM0xn2s&google_cver=1&google_push=AXcoOmQHlfRpcMWV48n5cITduH-Q9J__7460lajJgUEky4Chhd46AbBXdM8-oOeNqyT5LwNCZWiY85J-zNe3v1bdRggppbOH28HBHg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQHlfRpcMWV48n5cITduH-Q9J__7460lajJgUEky4Chhd46AbBXdM8-oOeNqyT5LwNCZWiY85J-zNe3v1bdRggppbOH28HBHg

Request Chain 153

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 178

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOh-ex_xK4KhVwEHYcf2jrg&google_cver=1&google_push=AXcoOmSRlN5wg1VytdmQyanARAWhjyKNxapQVwe2_d19JQftRVzfHSnr_K2KRkvxJ02RTLr69BlbOuxLhmvuZXEsV4CfMukHBsijuTo HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOh-ex_xK4KhVwEHYcf2jrg&google_cver=1&google_push=AXcoOmSRlN5wg1VytdmQyanARAWhjyKNxapQVwe2_d19JQftRVzfHSnr_K2KRkvxJ02RTLr69BlbOuxLhmvuZXEsV4CfMukHBsijuTo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S1NaYW5CdUsxUUU2N0U1&google_gid=CAESEOh-ex_xK4KhVwEHYcf2jrg&google_cver=1&google_push=AXcoOmSRlN5wg1VytdmQyanARAWhjyKNxapQVwe2_d19JQftRVzfHSnr_K2KRkvxJ02RTLr69BlbOuxLhmvuZXEsV4CfMukHBsijuTo

Request Chain 180

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGUOU18cau1HqDBFSIQgnRM&google_cver=1&google_push=AXcoOmR9TcWVT6zYpb8MkuA32tUO1XQ26a_hBorBJGTWkjkHlmYb7Yy4Tu88qx5KcFdOF-xtWJIUTolnmJhTiY7XVhqQEmv9MqekfpY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR9TcWVT6zYpb8MkuA32tUO1XQ26a_hBorBJGTWkjkHlmYb7Yy4Tu88qx5KcFdOF-xtWJIUTolnmJhTiY7XVhqQEmv9MqekfpY&google_hm=GesIotOZSG6KgU9zDLb3moM

Request Chain 182

https://d5p.de17a.com/cookies/google?google_gid=CAESEHKjpCChT5F3FOCLZEqKTLU&google_cver=1&google_push=AXcoOmRZO4k7Hx7lR4FfqOnM5kTKlxx7koipbEL-OPQ79PNFo4MrFp6kzG1TqCt3YW9ATcag7npNeaz4Eh6Jt0esLhgXe52_3i0p7hE HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHKjpCChT5F3FOCLZEqKTLU&google_cver=1&google_push=AXcoOmRZO4k7Hx7lR4FfqOnM5kTKlxx7koipbEL-OPQ79PNFo4MrFp6kzG1TqCt3YW9ATcag7npNeaz4Eh6Jt0esLhgXe52_3i0p7hE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRZO4k7Hx7lR4FfqOnM5kTKlxx7koipbEL-OPQ79PNFo4MrFp6kzG1TqCt3YW9ATcag7npNeaz4Eh6Jt0esLhgXe52_3i0p7hE

Request Chain 183

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENEFnHXx6nRUy3RDs5tQImc&google_cver=1&google_push=AXcoOmRNhL3ebYBRWi4PNBAGhTG38uTJNvbTjpB_Q_XSUNUX4ymquJTjuWfwLbQnK0-ZBawhmoYyzY9H3hxEcVqYYbSlW63NhLHTqGc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxMzYxMjM4MzU3NjE4Nzg3MA&google_push=AXcoOmRNhL3ebYBRWi4PNBAGhTG38uTJNvbTjpB_Q_XSUNUX4ymquJTjuWfwLbQnK0-ZBawhmoYyzY9H3hxEcVqYYbSlW63NhLHTqGc

Request Chain 188

https://googleads.g.doubleclick.net/pagead/adview?ai=CBG8T0Un5ZJOrHpeg3wPYjLCIAtHjud9yzISllpQRzc_b_uogEAEgiqr2QmCVsviBlAegAZKZq_wCyAEBqAMByAPLBKoEmAJP0GRUwGRIfcDrCja3vHq52xIcgvohQFWBz0yZcDAAveC1jAmZXVZQ8epkMQJCwz4-xNGYlKpKvUVsofNQkQJNbYrXeaOMj7XQk7nmkNQNvif8_y5UDYXkps3YqXQEBKaC6L90YnRtuQzz1l5g-HmZYcA2DWqevpBHJF37RkAZcmvgg-iaglKjaR7piFrdIMfcWjyL9d9BFMrdRrR2cswZDRP4vPMZK_lI78fVewEGWJ3pCxmKqTsMOHrqiKJ1yc8brQbI_1_MkdPWKyURnwcL0azTgP3jj-XxetsLlBGljaUcYBB9Xg40Xl1ruqDfWUWz2I9cyD-F3id7LJJQjl6eoXQb_jzcOG5wmX8YKnt6PTfPt4k1Z2m5wASw1s6vxQSIBdvAp8lLkgUECAQYAZIFBAgFGASAB9bm1IMBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ6tMV0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJyQFodHRwczovL2dvLmNyb3dkc3RyaWtlLmNvbS9jbG91ZC1yaXNrLXJlcG9ydC0yMDIzLmh0bWw_dXRtX3NvdXJjZT1nb29nJnV0bV9tZWRpdW09ZGlzJnV0bV9jYW1wYWlnbj1jbG91ZHNlY3VyaXR5JnV0bV90ZXJtPXBzcF9jaV9pdGRtJnV0bV9jb250ZW50PWZ1bmQtbGFxdS1lbi14LXJkYS1kYWNoLXBzcC1pdGRtLXdodC1jbG9kX3Jza192M19jMS14LXiACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNTM3Mjc4NjE3NDc2MDIyOBgA&sigh=39sL6Ck7TAI&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWra2SBBSiAv0wBTQ2O1m_gmB8P3bipxZ9sLUDd-Xrna1xUEy1d4UYlt7MODfHSmpRKLDP1PvL6BgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215095973940217296774%22,%22debug_reporting%22:true,%22destination%22:%22https://crowdstrike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22797625490%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213095681657036158161%22}&andc=true

178 HTTP transactions
19 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
gbhackers.com/soc-defense-attack-chain/
Redirect Chain

https://gbhackers.com/soc-defense-attack-chain
https://gbhackers.com/soc-defense-attack-chain/

304 KB
52 KB

276ms
276ms

Document
text/html

2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1dca191bd55f02dd73c63ae0a0628e5ff64fe7da8404fcc5b48957438e11aa8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 802c04e758c00368-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 03:55:58 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://gbhackers.com/wp-json/>; rel="https://api.w.org/" <https://gbhackers.com/wp-json/wp/v2/posts/27396>; rel="alternate"; type="application/json" <https://gbhackers.com/?p=27396>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3eoloFCraJfcZE%2BIUB8SkhY%2BSW3eaJ4Trgcp7t4hpDfsmcMLTvP7026Aj1luAWNWAfy7j1JVQrkv8z2OHXLx%2F%2FfDUNzwBoHBV78j9C4FwcMpiamlDoDqWLGvR4%2BzP3XPhqD%2FLWv%2FBi3vBiBI"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-dns-prefetch-control: on
x-litespeed-cache: hit
x-pingback: https://gbhackers.com/xmlrpc.php
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 802c04e4cf1f0368-FRA
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 03:55:57 GMT
location: https://gbhackers.com/soc-defense-attack-chain/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdZyFSL7PJsG0K5glTedtxI5%2BT95qvLDJjfOUXxbKGKFMW5aqXKEPeHdtz46aWqzXlT4hjwK1sZ8m7XLx0hB0p2%2Fxj5mm6wYD41cJnsJ4GvFOz%2F6Auy%2Fb%2FZcqTbwxj9zLjCzHyBq%2BTEQTfe0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-dns-prefetch-control: on
x-litespeed-cache: hit
x-pingback: https://gbhackers.com/xmlrpc.php
x-redirect-by: WordPress
x-turbo-charged-by: LiteSpeed

GET
H3 200 9076fed2a09c1ad5afa8321b8af8b547.css
gbhackers.com/wp-content/litespeed/ucss/ 35 KB
10 KB 30ms
30ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/ucss/9076fed2a09c1ad5afa8321b8af8b547.css?ver=c0894
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a33e71a9cbaefebbf21228caa676e84ef33efff72647b646b24f924cfe208f72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215
cf-polished: origSize=35975
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 08 Jul 2023 07:38:40 GMT
server: cloudflare
etag: W/"8c87-64a91280-c4bd4b55c2b6b35e;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNYgHU82NVuScbCw1UCQR379nkZD2oNZlmpdepqSOwF0EreCRpn%2BQ5grMwFGyFOOHvTBZWNkBD0iBY%2Fof%2FLwc0OsldneC9Is%2FaxeS9wstUVtlDdJ04KouVmjCf3S7XRzoavxeBjDHxKcWnWs"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04e918c62c53-FRA
expires: Fri, 06 Sep 2024 09:52:23 GMT

GET
H2 200 gartner-728x90.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9c6sqktEWMA6T-OcpHVdx0panfJONwRK9SzMYHSn3KN4LZ63V4kgoDVcBwPrTXppmvGp82JmePKPy9VWQYn8nTTeaRPer5ti9vYMHfOdXaF-FyHYMZeVOk9gLJuzUu3YQefCccJ9Z8su8lPsZ... 37 KB
38 KB 582ms
531ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9c6sqktEWMA6T-OcpHVdx0panfJONwRK9SzMYHSn3KN4LZ63V4kgoDVcBwPrTXppmvGp82JmePKPy9VWQYn8nTTeaRPer5ti9vYMHfOdXaF-FyHYMZeVOk9gLJuzUu3YQefCccJ9Z8su8lPsZG_Q1Qtuh-zz2itXMu6ch4inmLeHKiVJ7pOcUshm7Zg/s16000/gartner-728x90.png

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61a463435bd9b5cd2d48af99a7bafa177dc3c635e3b144fb4b006cf4d3c5b24f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v4ed0"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gartner-728x90.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38127
x-xss-protection: 0
expires: Fri, 08 Sep 2023 03:55:58 GMT

GET
H3 200 GBH1.png.webp
gbhackers.com/wp-content/uploads/2022/11/ 1 KB
2 KB 27ms
27ms Image
image/webp 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gbhackers.com/wp-content/uploads/2022/11/GBH1.png.webp
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5de8924a9ee0b7078ae7b57d7391c40591f0edd22b1a26d7c4f6d11b6def515

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6651565
alt-svc: h3=":443"; ma=86400
content-length: 1234
last-modified: Thu, 22 Jun 2023 03:18:52 GMT
server: cloudflare
etag: "4d2-6493bd9c-19fa5d282761794f;;;"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwTeN3bZ%2BwARIUXmWrBkRYaxdsfPWwvGAVg9BHZcPRhVdYOhy0wL4AUT7OOcbFgPW2ZcSh8PoT0L0MMFAuQFfDP2lx2%2FbbpsqvJbqEktpttsutPDPPLU0K2pcaUReIa3pN5g7Nt5JwdVOMYE"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 802c04e938e02c53-FRA
expires: Fri, 21 Jun 2024 10:16:33 GMT

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 233f2b2d1dc2196f93c236a30a61cbea0a794a1241fc50a85baac3720a95d65d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 newspaper.woff
gbhackers.com/wp-content/themes/Newspaper/images/icons/ 32 KB
33 KB 28ms
27ms Font
font/woff 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?21
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/wp-content/litespeed/ucss/9076fed2a09c1ad5afa8321b8af8b547.css?ver=c0894
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21a4f4dea997c97bf301a6d477a7968fabb123e8e00f99ae6fac7f4767324d6

Request headers

Referer: https://gbhackers.com/wp-content/litespeed/ucss/9076fed2a09c1ad5afa8321b8af8b547.css?ver=c0894
Origin: https://gbhackers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3569184
alt-svc: h3=":443"; ma=86400
content-length: 32832
last-modified: Wed, 02 Nov 2022 16:03:47 GMT
server: cloudflare
etag: "8040-636294e3-a216febcbb15847f;;;"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gFl%2BGP0DSqB2ufyW4suiln56nNC3OLx8xAqCxvanshoEwWuhR85HAtnL2XsI9yyjs9Xz8yJvnzTOyeBdAdIPfPhbe8dBQdiY3qPmCKiz3cqKP1Lq0L8vKSB%2Bw4su6M%2BAofriie6vwhqdm72"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 802c04e958f32c53-FRA
expires: Sat, 27 Jul 2024 02:29:34 GMT

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53b8783cc8c86a6459106c7fa537367fe9d2713b68c604db8ad7d864c53a5d8e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 attack-chain.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgy8vyMfeL916QpN6Ou6CsllC7JpcOggGroGPc5jARzPtPMY2T-UZhQhYnC8wUvLihSLumtJArVXEVMGd2i9pPOBpHyiQDWpe3xMUDw9HrvYQuq4YaJyWKqTyZR6WG6M-0ikOdp9OLRsyVYR9sY... 44 KB
44 KB 552ms
552ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgy8vyMfeL916QpN6Ou6CsllC7JpcOggGroGPc5jARzPtPMY2T-UZhQhYnC8wUvLihSLumtJArVXEVMGd2i9pPOBpHyiQDWpe3xMUDw9HrvYQuq4YaJyWKqTyZR6WG6M-0ikOdp9OLRsyVYR9sYfce5V_QYRyKyC0ygFLTlntrU0MAQiIYfcmelCdKxAQ/s16000/attack-chain.webp

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v4906"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="attack-chain.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45400
x-xss-protection: 0
expires: Fri, 08 Sep 2023 03:55:58 GMT

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23dc0479b953ab4c719b8c6be996fe3b3614143fc7b5eae10e1fca906a7a4c89

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ae3b0b4652582424b026acbcfea8346e96d8da5105079cfb4a3b011cad92ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9a655455f0a7d3a7e9534014180b34adbbdb50174ab31e09c69a9f60cc1e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6a6813f6a07123f993e4ffbcc3596ed98ce55194a69637ec8f06f43d9a0c066

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 163 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b5880d9b59e501f70d047ed0c108180ef53a378f50e4d8709c7f40147198795

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c788dc1169ab2f8b55558278da8b08d70c768d51105e827c369d2aed78add0bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecdc9e55b36fb4d1f04286c5ee1fd898bf9ec59dabe8f5f6ffb5165e22df7080

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 190b231ba3f923161c7156fb29a4f3771dd9cba947df3ab0efb1a2704f4f471e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 GBHackers300x600.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3yY_b-ObLUZulEVqh-vCkQnjVgkHLOTw4lth-qCMuEfPmkj9PVZHlO55Hp4mfLHBDAmE9O_XD1xm_ros1pGi3z09Wo_Rz1dZ0RtFGP92yI7iMNQob2Sc_57_VMwkLcNycZo-jR4zAfpPUKBTh... 49 KB
49 KB 509ms
509ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3yY_b-ObLUZulEVqh-vCkQnjVgkHLOTw4lth-qCMuEfPmkj9PVZHlO55Hp4mfLHBDAmE9O_XD1xm_ros1pGi3z09Wo_Rz1dZ0RtFGP92yI7iMNQob2Sc_57_VMwkLcNycZo-jR4zAfpPUKBTh06t8mp-3-gcLnFYVOerHoyYccyMx4TS-QzI8nMPtjd28/s16000/GBHackers300x600.png

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v589c"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="GBHackers300x600.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
expires: Fri, 08 Sep 2023 03:55:58 GMT

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b1748d8cea8b7f3eeace07cef59dfb618e116d46b2a1bd8cdab1bdbcf716590

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76d27035404d2d684d7d275bdf3e9f64db6b47811b2f52d3c5c265da8db97249

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9676ef24284f9c8d19810b4b142d20270efc4707a50ab32fdfb8e0a389b891ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 email-decode.min.js Show response
gbhackers.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 23ms
23ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Sep 2023 08:31:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64f595dc-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4q1SNTfVOn2YJ%2Bfr%2FPHXmMLS0ZFrXyp3tVm8A%2Bv8M59PyWLZ%2B5VEbeV3ITYLU1v8Q%2BtC3gRxc2XzgPoa3cE%2BS0oRIhvb3rWMPKG8iRbKhWXLxTlhPIvWk7ZXRHxUGiJ5E8EdlfBTac3KMwY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 802c04ea29992c53-FRA
expires: Sat, 09 Sep 2023 03:55:58 GMT

GET
H3 200 instant_click.min.js Show response
gbhackers.com/wp-content/plugins/litespeed-cache/assets/js/ 4 KB
2 KB 28ms
27ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/plugins/litespeed-cache/assets/js/instant_click.min.js?ver=5.6
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1903136
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 16 Aug 2023 03:09:19 GMT
server: cloudflare
etag: W/"e63-64dc3ddf-156db8656365fcea;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LX4R9E6uGgS23jKXqFt9AfEW8sVj%2FsTLDsjtnyPP4EVdUfwqCaE0wVp82SXmkEBwdwmfmjE3kUzR55J5bu6QISBiRlBch%2BhDY4ovnw3Leinwaej%2Fy9uaPX3xSEqzhBCr2TGeZ2jJeIANsimQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04ea299d2c53-FRA
expires: Thu, 15 Aug 2024 09:17:02 GMT

GET
H3 200 aHR0cHM6Ly9zdGF0cy53cC5jb20ve-202336.js Show response
gbhackers.com/wp-content/litespeed/localres/ 14 B
540 B 27ms
26ms Script
text/html 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/localres/aHR0cHM6Ly9zdGF0cy53cC5jb20ve-202336.js
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 982449e57776bbb142c0f757ad6266bc438d955ac3ca74d97a7ba6a90f41fdbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Sep 2023 03:14:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2481
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvVcgOyFP2v%2Fug%2Bb1jugDHnWwj%2BKsMk%2ByO6gk%2BNLYTkc4kkiWmCKBW0qz4TCRKu1AOorpw%2FaBND0tVvpPDtTHsgdRtOjjWXi1t4LVvcjxouf2xaClr%2F9KewdpaSn6iPMYtCiIMDfObmSaHka"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-litespeed-cache-control: no-cache
cache-control: max-age=7200
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04ea299e2c53-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 guest.vary.php
gbhackers.com/wp-content/plugins/litespeed-cache/ 16 B
598 B 449ms
449ms Fetch
text/html 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/plugins/litespeed-cache/guest.vary.php
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnD0JATxfStifSweXXMD9G9TTOrS%2B0X8EKtPtM4oAiuP9OTZaBQbKPa7SLllm2Izx2MBY%2BExd8Z1Fiaabzdx0YdDcX7IlVyRS8mce7D1oJGh6w5%2FoW0%2BxvJU1H56JflhHtQrd9z7h4pJi5Wv"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-litespeed-cache-control: no-cache
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04ea59b62c53-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Primary Request / Show response
gbhackers.com/soc-defense-attack-chain/ 279 KB
46 KB 283ms
283ms Document
text/html 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/soc-defense-attack-chain/
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25871c9d0e9f6d5dd11d56053ad96171cee6495ec8c52c3e1e031e23b494ec81

Request headers

Referer: https://gbhackers.com/soc-defense-attack-chain/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 802c04ed2ba52c53-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 03:55:59 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://gbhackers.com/wp-json/>; rel="https://api.w.org/" <https://gbhackers.com/wp-json/wp/v2/posts/27396>; rel="alternate"; type="application/json" <https://gbhackers.com/?p=27396>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BuiFzeQOmcqbgJnJh2jt4%2F0T7G4kZw%2F%2B0t6G6aM0r6oHiLKw%2FLLd%2Fni%2BzHKvU8fA3xpvE84QsKS3PMBnN4QvDdAXn%2BIyz6nVkMeVzxIXTCT3I1EPq8P9J0oslAGrVtJaYkICoEXcm2rcYOH"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-dns-prefetch-control: on
x-litespeed-cache: hit
x-pingback: https://gbhackers.com/xmlrpc.php
x-turbo-charged-by: LiteSpeed

GET
H3 200 b07551821deafed18860688967539e97.css
gbhackers.com/wp-content/litespeed/css/ 102 KB
14 KB 30ms
30ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/css/b07551821deafed18860688967539e97.css?ver=cd218
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4e02d5400571aeed99a5f792bb82ede5216f730471091ea923427cebd8355b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 686581
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 30 Aug 2023 05:12:43 GMT
server: cloudflare
etag: W/"1970d-64eecfcb-67f8f82ed519494a;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jE4xZVwuTZxsRRn103dDKYeizmu%2BznyZZKmIKG4P7FHLdLdlX1bouPFv7DwFOQV8yfroR1HVNe28arQ9LttBUvecn1TM6DS4PCo7EgBMJ2PaVnay9rc7jAQr94tEt8etay%2Bwc9bFA%2BzhaFfJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04eefd1c2c53-FRA
expires: Thu, 29 Aug 2024 11:12:58 GMT

GET
H3 200 7a094d7f8e2c386f14fee69e7794002b.css
gbhackers.com/wp-content/litespeed/css/ 11 KB
3 KB 28ms
27ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/css/7a094d7f8e2c386f14fee69e7794002b.css?ver=6a393
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98231b091bf8da0873d415bd50577540cfd620aecb6a978c3e29aa3e52173b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11627990
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 13:55:32 GMT
server: cloudflare
etag: W/"2c47-6447dbd4-9b52c5f1bcf8f298;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYLSwjEq%2BnU2tFacoZ%2Btc0nsmJZLdfGsa0%2BCNDlmFtBhiQZFJQMuN5aDFrf5b9WrfMYprngmFrqP1onmTVPU2EyfJGYSWNwTRTaH8NxTb6SOFFVR%2Bu1IdLxgUQsZ7eU1X%2BGDIerkkJmyWhR7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04eefd202c53-FRA
expires: Wed, 24 Apr 2024 19:56:09 GMT

GET
H3 200 3bf9892e971db026ebc7f0a5a5050d05.css
gbhackers.com/wp-content/litespeed/css/ 4 KB
2 KB 29ms
27ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/css/3bf9892e971db026ebc7f0a5a5050d05.css?ver=b5742
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 689026
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 30 Aug 2023 04:32:11 GMT
server: cloudflare
etag: W/"105a-64eec64b-7936b0bf1cab8e5a;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zl15dhsH14LYtm4H7hSGr2ajZVfEaUJTTyInbEiIus3Aq%2Fm9XHRp%2FXP0z0WyAoAq0AmqMIfhkTqGGBYi5OdpW3xUduZloew1jXkIN7z7XkeDa0Jqsjj%2FjDhqiAIoGCp0Ye%2FCcUxThFcwFX0o"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04eefd212c53-FRA
expires: Thu, 29 Aug 2024 10:32:12 GMT

GET
H3 200 c31f820e1c0ed5aeebb8bb3728e10ace.css
gbhackers.com/wp-content/litespeed/css/ 34 KB
5 KB 31ms
30ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/css/c31f820e1c0ed5aeebb8bb3728e10ace.css?ver=e81ba
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73f5ed5132b2f16e83906cdafeb4b12d5d047e7474527c9020df0312df6ba816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11627990
cf-polished: origSize=35311
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 13:55:32 GMT
server: cloudflare
etag: W/"89ef-6447dbd4-5e0fd0f5f15864f7;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8KzkG5JdVsMYWn1kessfdtX6WIx7Ll2Sps951RGJcQcwxogHa9nQeJ7DZcp1BIMy4Wzmfn9KNWjQvMrCpJkVaHxpqIzvM9CytPAvGp1ozB11wGe9KYt5oeA7xcYLNMfKCxYJLC7a91eM1zm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04eefd222c53-FRA
expires: Wed, 24 Apr 2024 19:56:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 32 KB
2 KB 88ms
35ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C300%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C300%2C900%7CMerriweather+Sans%3A400%2C300%2C700%2C900%7CRoboto%3A400%2C500%2C700%2C300%2C900&display=swap&ver=12.1

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30a9bc0ddfe2d81a482939d5eef64ea38f3e5c15a4196c7bb2b15b1bf5359c9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 03:55:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 03:55:59 GMT

GET
H3 200 0353760c3276e6453cbe111fc77ebb0c.css
gbhackers.com/wp-content/litespeed/css/ 3 KB
1 KB 30ms
29ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/css/0353760c3276e6453cbe111fc77ebb0c.css?ver=00e54
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d6fd5c3cd1b58fab8a0e6b95ee2736c7baac92c5eff27fd706bb11367ecb4fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11627990
cf-polished: origSize=3562
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 13:55:32 GMT
server: cloudflare
etag: W/"dea-6447dbd4-2ddf3f2db214d413;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FI5XM4Jh5QPH7ggdUmeGpng%2BP%2Bf8%2Fyd0wYY81Q%2BSE%2BwRCPPJopuwWBmwnGNspQvek5J%2FoHEs90G5sBeihITR%2Bl6R1f18ddzDCEMBRbr%2FPfd3b7q1kecFPCmYIV%2FT2VaiWLtH2H%2FHttg68df"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04eefd232c53-FRA
expires: Wed, 24 Apr 2024 19:56:09 GMT

GET
H3 200 3634cf0217589f9ac478a28ad0aa8ec4.css
gbhackers.com/wp-content/litespeed/css/ 105 KB
20 KB 49ms
48ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/css/3634cf0217589f9ac478a28ad0aa8ec4.css?ver=a0a83
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77c84c7762c7edf77f903344e71983ba14129bf133460f4772eace6fe6989cda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2410236
cf-polished: origSize=108300
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 06:25:21 GMT
server: cloudflare
etag: W/"1a70c-64d482d1-26dec779de51bd2a;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TjYlCgCueWhj82qlcAff7whsZxlSp64vpVBy2Yfujw3v6zYwhJDUaiJYGinP%2FooeY%2F0RwUJ%2Fk7NLLFKDvZnY7LMNLjOBwzwCpWg%2BCLKNzaZ7I0td9ZNwtlT05eocNFugs3F3zvuganYr%2BqFi"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04eefd242c53-FRA
expires: Fri, 09 Aug 2024 12:25:22 GMT

GET
H3 200 568c797d9a70722a4d648f956f12702e.css
gbhackers.com/wp-content/litespeed/css/ 130 KB
22 KB 51ms
50ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/css/568c797d9a70722a4d648f956f12702e.css?ver=04b81
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 600e3a4a4b633d0a2a65267ccf5941999cc08a12fe3a214cb56aebfceab6ea96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11627990
cf-polished: origSize=133527
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 13:55:32 GMT
server: cloudflare
etag: W/"20997-6447dbd4-4ff8756fe166c4c2;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhGQikRzY%2Fu7w1TDgurqqfyXkvALh5NDs%2BQa8w4%2Fffulh5y1PCB70zwRw2vDcrTtqgEXo6OR2gCVhBuyon9H4YB6rAr%2BttTgK0wHzSTZhNplAJTMavercoLgT1EC3TGbk9%2F886bK5ECGsJoa"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04eefd252c53-FRA
expires: Wed, 24 Apr 2024 19:56:09 GMT

GET
H3 200 2e97590493d4e9d98dbf42dad3a70813.css
gbhackers.com/wp-content/litespeed/css/ 514 KB
50 KB 57ms
56ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/css/2e97590493d4e9d98dbf42dad3a70813.css?ver=dc398
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fcf6fe53e66f96bcb2ea0880cd46f587d94cb50ce0eeae6782c27a406ad18b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11632585
cf-polished: origSize=527968
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 12:39:32 GMT
server: cloudflare
etag: W/"80e60-6447ca04-e42f521fa7e5132b;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2F8fAOlq9z1W1oBkzGhi5pOqaxFn7ggqEW4n2%2FkdRhT5bTNiiAPhLMj%2FZHEm2NrOC07a%2BFb9AKoXZBaDNYQ969gxmliTaOQouumBvo998Zvr%2F2ll0WkWaYnfJIKJayY1uhh7%2Fwihpei2H4%2FG"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04eefd272c53-FRA
expires: Wed, 24 Apr 2024 18:39:34 GMT

GET
H3 200 d70781104619c8043391f015873e7343.css
gbhackers.com/wp-content/litespeed/css/ 25 KB
5 KB 72ms
71ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/css/d70781104619c8043391f015873e7343.css?ver=6479c
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5f3424bdb04cf407e54dab4710b361c2411831703d1693be7aedaa31a1103f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2410236
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 06:25:22 GMT
server: cloudflare
etag: W/"63a8-64d482d2-6771fac910f462fc;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AKYXUoJCpm3wYSX7Xe8%2Fhv7265IjYPqN0%2F%2F6PJCv0%2FhuWjInsagqYk4z6CZKrcIumG0fyYeP1kIhSRxWN7N4OIPCFmHUVeL02goOVx6Lo1hVf2hlNSTcSp6mNiGb7NY7l5DGvmKdgWve4lE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04eefd282c53-FRA
expires: Fri, 09 Aug 2024 12:25:22 GMT

GET
H3 200 424c40e3a95ada4a10614e2f5bae8fbd.css
gbhackers.com/wp-content/litespeed/css/ 84 KB
17 KB 73ms
72ms Stylesheet
text/css 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/css/424c40e3a95ada4a10614e2f5bae8fbd.css?ver=ba022
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f91d84e8c83253dd593c876e19f933a95261fed333350300c48bc288e4af61b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8553551
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 31 May 2023 03:56:16 GMT
server: cloudflare
etag: W/"14f94-6476c560-8b12396090709a5;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wMsipJwEcHjGZmLN%2Ff8M0t0pVLj9one0q75XdDe9WUMk%2FkYz0yIwQOxHTxW0wuqAeKHjg2XM4s6vpF3igId%2Bc%2Bg%2FnYoZSe2Z0St3fJY%2FTY1H5wuUf5BKASpLU1yNJUblLqxjAnriMBGhkPVi"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04eefd292c53-FRA
expires: Thu, 30 May 2024 09:56:48 GMT

GET
H3 200 jquery.min.js Show response
gbhackers.com/wp-includes/js/jquery/ 85 KB
31 KB 77ms
76ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 151156
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 09 Aug 2023 03:09:15 GMT
server: cloudflare
etag: W/"155ba-64d3035b-533257939a2e786a;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2B0Y7X0wyG7YLwsXt0JV%2B69E%2FnxGPElrbw%2B9OmLOMd%2FEmn2xWwEML%2BV%2BRelQI6RIfX6QmPv327NunfSaU6xVLiWJnAX7h1LcWWDZiEEfLx9Pn5Ry%2BRZ9pCXX3xwRnJ9RLceoeIyWoPimvq3s"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04eefd2a2c53-FRA
expires: Wed, 04 Sep 2024 15:56:43 GMT

GET
H3 200 44a8438280a25fc2bef30c67fe80af6b.js Show response
gbhackers.com/wp-content/litespeed/js/ 13 KB
5 KB 92ms
91ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/js/44a8438280a25fc2bef30c67fe80af6b.js?ver=2e1f4
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a31a33fc31ae7a9514ac25ccd3288f9ee2fbfbbd33b07f58f694e207876bdf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2504478
cf-polished: origSize=13577
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 09 Aug 2023 04:14:41 GMT
server: cloudflare
etag: W/"3509-64d312b1-81716eb0e784c7a2;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYHLJ22bMQP6JjbjjvuNbsXLNy%2F7VpY0oQQH9kUlqwVvgqIX%2F9pVHFOkSbqnxzHHgDf45%2FF%2BEJrD5hV%2Fmmtw0Mi87wlUlxvm4YuoImwy8J9I0QwniFTpIjLnNgZwsaBLwytZ0kLLJwdC0B8d"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04eefd2c2c53-FRA
expires: Thu, 08 Aug 2024 10:14:41 GMT

GET
H3 200 adsbygoogle.js Show response
gbhackers.com/wp-content/litespeed/localres/aHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvanM=/ 14 B
541 B 28ms
27ms Script
text/html 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/localres/aHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvanM=/adsbygoogle.js?client=ca-pub-5372786174760228
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 982449e57776bbb142c0f757ad6266bc438d955ac3ca74d97a7ba6a90f41fdbd

Request headers

Referer: https://gbhackers.com/soc-defense-attack-chain/
Origin: https://gbhackers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Sep 2023 03:14:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2481
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2djQRf0%2FST11%2FyF9pAF8XB7zuYmwRTMci84BdwLAjcyWR8GV1Bx3aNDFPVp%2Bgj7GCUGQb%2BBjXeHs%2FwboBd9q9k7r04ZAawal7I5%2Bo3gum%2BmNuj7oKDDJlG06xnEtd5kNrmTNfYw9p2Q989e"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-litespeed-cache-control: no-cache
cache-control: max-age=7200
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04ef9d942c53-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gartner-728x90.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9c6sqktEWMA6T-OcpHVdx0panfJONwRK9SzMYHSn3KN4LZ63V4kgoDVcBwPrTXppmvGp82JmePKPy9VWQYn8nTTeaRPer5ti9vYMHfOdXaF-FyHYMZeVOk9gLJuzUu3YQefCccJ9Z8su8lPsZ... 37 KB
37 KB 526ms
525ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61a463435bd9b5cd2d48af99a7bafa177dc3c635e3b144fb4b006cf4d3c5b24f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v4ed0"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gartner-728x90.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38127
x-xss-protection: 0
expires: Fri, 08 Sep 2023 03:55:59 GMT

GET
H3 200 GBH1.png.webp
gbhackers.com/wp-content/uploads/2022/11/ 1 KB
2 KB 28ms
27ms Image
image/webp 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gbhackers.com/wp-content/uploads/2022/11/GBH1.png.webp
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5de8924a9ee0b7078ae7b57d7391c40591f0edd22b1a26d7c4f6d11b6def515

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6651566
alt-svc: h3=":443"; ma=86400
content-length: 1234
last-modified: Thu, 22 Jun 2023 03:18:52 GMT
server: cloudflare
etag: "4d2-6493bd9c-19fa5d282761794f;;;"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4XfGGwVaQ8I73MR1h4GBSlmX34ilq1sgi2QR2Ezuz0%2Bw9sBuHuQQ2pEjfIxApHe7ySkCJ31v6qU0Kp6Mg4RKAMnYOpllfL7q%2FVusM2pAhP34gqZ7M3DiHABDaSNsAxtLauIym6eE1r9vZCx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 802c04efada02c53-FRA
expires: Fri, 21 Jun 2024 10:16:33 GMT

GET
H2 200 attack-chain.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgy8vyMfeL916QpN6Ou6CsllC7JpcOggGroGPc5jARzPtPMY2T-UZhQhYnC8wUvLihSLumtJArVXEVMGd2i9pPOBpHyiQDWpe3xMUDw9HrvYQuq4YaJyWKqTyZR6WG6M-0ikOdp9OLRsyVYR9sY... 44 KB
44 KB 216ms
215ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5e87730a5be2932c1b04e28417384c1f91874790aa9a52876f7c99d88133bd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v4906"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="attack-chain.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45400
x-xss-protection: 0
expires: Fri, 08 Sep 2023 03:55:59 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 129ms
82ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21917d22c3b9325ddeeecd4a41d62dd245e385abb299ecb7d17f7246eeb821c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50404
x-xss-protection: 0
server: cafe
etag: 9607429056003445420
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:55:59 GMT

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 newspaper.woff
gbhackers.com/wp-content/themes/Newspaper/images/icons/ 32 KB
33 KB 27ms
27ms Font
font/woff 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?21
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/wp-content/litespeed/css/3634cf0217589f9ac478a28ad0aa8ec4.css?ver=a0a83
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21a4f4dea997c97bf301a6d477a7968fabb123e8e00f99ae6fac7f4767324d6

Request headers

Referer: https://gbhackers.com/wp-content/litespeed/css/3634cf0217589f9ac478a28ad0aa8ec4.css?ver=a0a83
Origin: https://gbhackers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3569185
alt-svc: h3=":443"; ma=86400
content-length: 32832
last-modified: Wed, 02 Nov 2022 16:03:47 GMT
server: cloudflare
etag: "8040-636294e3-a216febcbb15847f;;;"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dxD94CyUWq%2FCaHdCzigt2Q%2BW%2FFA0Zzh1b1fqRU02%2F1nwR97JB7eaTw%2Bf3FnaPb4G%2Bu6K0RHv%2FXhsELUMDo0%2BUJykeIBLmIMqB3TuTrq0LPcfcDkwq5LBi42G9XOI4R9CiSxF8vNVNtRFZuT"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 802c04efbdac2c53-FRA
expires: Sat, 27 Jul 2024 02:29:34 GMT

GET
H2 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v26/ 37 KB
38 KB 115ms
66ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v26/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C300%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C300%2C900%7CMerriweather+Sans%3A400%2C300%2C700%2C900%7CRoboto%3A400%2C500%2C700%2C300%2C900&display=swap&ver=12.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 10:13:33 GMT
x-content-type-options: nosniff
age: 409346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38268
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:13:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 10:13:33 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 71ms
22ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 09:02:59 GMT
x-content-type-options: nosniff
age: 499980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Aug 2024 09:02:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 92ms
43ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 397120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 13:37:19 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 104ms
55ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 19:33:17 GMT
x-content-type-options: nosniff
age: 462162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Aug 2024 19:33:17 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 124ms
75ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 17:52:03 GMT
x-content-type-options: nosniff
age: 381836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 17:52:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 79ms
49ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 517747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Aug 2024 04:06:52 GMT

GET
H3 200 GBHackers300x600.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3yY_b-ObLUZulEVqh-vCkQnjVgkHLOTw4lth-qCMuEfPmkj9PVZHlO55Hp4mfLHBDAmE9O_XD1xm_ros1pGi3z09Wo_Rz1dZ0RtFGP92yI7iMNQob2Sc_57_VMwkLcNycZo-jR4zAfpPUKBTh... 49 KB
49 KB 499ms
499ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

890a1b9a8e24c970b9f96c59e60d9bc0c63259b96b663fcd2e78390343f0168b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v589c"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="GBHackers300x600.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
expires: Fri, 08 Sep 2023 03:55:59 GMT

GET
H3 200 email-decode.min.js Show response
gbhackers.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 23ms
23ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Sep 2023 08:31:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64f595dc-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwmaUuGqDHPQ28rVg3OdJ7nrXfG1QW8MAEjrBcEllYW7M885akoyceffpJwGrQS0z3bbqqP9LJgUJ2H17yR%2BR%2FhSaBUDrj717wbaU4Kb8QfopZK2tbWk1OHJOGvvlX%2Bwa%2Br8AmrwOgNcBa8B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 802c04effdd22c53-FRA
expires: Sat, 09 Sep 2023 03:55:59 GMT

GET
H3 200 686ee657c2c36e1c7c77a1805f3b498d.js Show response
gbhackers.com/wp-content/litespeed/js/ 18 KB
8 KB 29ms
29ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/js/686ee657c2c36e1c7c77a1805f3b498d.js?ver=b57fe
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e22c46011b6b9a23b7219e2ed6a78aa06e0d6fb0c274166ecc7ba412f020b12c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11631307
cf-polished: origSize=18834
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 13:00:50 GMT
server: cloudflare
etag: W/"4992-6447cf02-b1181f36ee5cf67b;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2b6nidSJPT7Qu9sjfS0aUt9cKpkqhmNfhg42xK1pCR%2BvDkkMTC8FMZq2OXmUKbRAOqIknXdQ71j21ZPUXqgYvORil6wNjW%2BL3iXJvcz2qFZCat3vms9LAVNADI%2BmGIIvArJDT0CZMfXvnlTt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04effdd52c53-FRA
expires: Wed, 24 Apr 2024 19:00:52 GMT

GET
H3 200 c69540ea4875bada46c79fef485c0d63.js Show response
gbhackers.com/wp-content/litespeed/js/ 5 KB
3 KB 28ms
27ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/js/c69540ea4875bada46c79fef485c0d63.js?ver=9133a
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8248f9cae108b55c4fffe8b02d916fb348a37be98aca5ca8d6e8699ff0740cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81197
cf-polished: origSize=5335
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 06 Sep 2023 05:22:39 GMT
server: cloudflare
etag: W/"14d7-64f80c9f-6e0283a2e3b59fa7;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXEMDzLeKnPXejxPjsI%2Fdd84%2B0OgGKc1crsbRgw56WCi95vtzPanY5JmlaahDLuS0WoTrVZfixk90HKfGZ%2FqUk8WyDPcuFfmfvQdDYhZV3Z1VYUeoEfGuHQVY4eThLO6Vrwgu8UJ07Wt2P8v"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04effdd72c53-FRA
expires: Thu, 05 Sep 2024 11:22:41 GMT

GET
H3 200 88abcef607d2b87dee895ff8396d0658.js Show response
gbhackers.com/wp-content/litespeed/js/ 297 KB
70 KB 36ms
35ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/js/88abcef607d2b87dee895ff8396d0658.js?ver=4de31
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddb5e736fc86f120c8bdc2cb6bb1b772c05b30f8357a985678a625013dd79cff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2410236
cf-polished: origSize=304637
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 06:25:22 GMT
server: cloudflare
etag: W/"4a5fd-64d482d2-77b58b73a76f6d65;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZO%2FZw5ZaBTBUH%2B54Ri18um3h0vpN81irs%2BLX1J56Fn0HP5hfFHHl69DBCnarCw2rRIx9rjsi41W%2F8RZ2sxt3LCA4qIO99GNlDjphID9yNXmQpbZo%2FwJMLM1YEXZd3%2FRTQpwPwR65XsF8BtF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04effdd82c53-FRA
expires: Fri, 09 Aug 2024 12:25:23 GMT

GET
H3 200 20fe1466ec961d6814f53fba3f79a3e2.js Show response
gbhackers.com/wp-content/litespeed/js/ 3 KB
2 KB 30ms
29ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/js/20fe1466ec961d6814f53fba3f79a3e2.js?ver=28103
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84c0fa68ee2db40f022744b0df40c9642364978814babe80631ee14649c57a3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 689025
cf-polished: origSize=2982
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 30 Aug 2023 04:32:11 GMT
server: cloudflare
etag: W/"ba6-64eec64b-5b12a395ab5d8417;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEwf0cBaPAnam4O0HOPsIJiG%2B5pLIieDkBBCF1dQmWc4AwaTFXs0QZ6zQ70Qa6hKXQqM27KYWVlMDLJPZEHkX0%2BQoZPCTUVg7b26zH1lV%2BJLhAFUL5kGVOpaN6F%2FvcWvzsdSCz8an%2FBn6YQ8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04effdd92c53-FRA
expires: Thu, 29 Aug 2024 10:32:14 GMT

GET
H3 200 instant_click.min.js Show response
gbhackers.com/wp-content/plugins/litespeed-cache/assets/js/ 4 KB
2 KB 32ms
31ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/plugins/litespeed-cache/assets/js/instant_click.min.js?ver=5.6
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1903137
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 16 Aug 2023 03:09:19 GMT
server: cloudflare
etag: W/"e63-64dc3ddf-156db8656365fcea;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEkqy%2FX8mF0MLpF2sYEi5aeKB8rH1EWI6yHOZ8AJkG6q2C2qum2RYaDPsOrTDwb0TVHEJ%2B0jijugQdc7e4V%2BE8fV5dBsN%2FQX1%2BQypdU%2BpO%2FOcvixh0aTsoEApiXME1DMlWqJAuhkfxOb%2BrcU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04effdda2c53-FRA
expires: Thu, 15 Aug 2024 09:17:02 GMT

GET
H3 200 83864102151d4e2db42573ae86fdaca0.js Show response
gbhackers.com/wp-content/litespeed/js/ 7 KB
3 KB 32ms
31ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/js/83864102151d4e2db42573ae86fdaca0.js?ver=871d3
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41f529f1c2ebea1225bca6667158a87a64fc93fe9b841c9e016135aa4f1bf42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11631307
cf-polished: origSize=6893
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 13:00:50 GMT
server: cloudflare
etag: W/"1aed-6447cf02-112b3b8451eee670;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LYHmu6nfIF4kMkAig6nNofgDUYRkrAPtYXc4YJrcOvfx0TFgsvdrJFA3nJ9qds1bKNu%2B9vW6QuaABHOqLEwctfaPPXwYKtHFehLQkwYrP%2B9dAFPSUSgmp6vKyFlwWFB%2F3qd61izJCmx%2B1eh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04effddb2c53-FRA
expires: Wed, 24 Apr 2024 19:00:52 GMT

GET
H3 200 948ee26f370f8f0ca7d5290060ea7d42.js Show response
gbhackers.com/wp-content/litespeed/js/ 160 KB
39 KB 33ms
32ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/js/948ee26f370f8f0ca7d5290060ea7d42.js?ver=ad7b6
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52dc685fde4c966abc1f1d4cf60f70f2ab2ee71bd52aeb28b304bd315e715b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11632584
cf-polished: origSize=163615
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 12:39:32 GMT
server: cloudflare
etag: W/"27f1f-6447ca04-f235e634d7b63980;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qi7auFQTnKicqyyBhRz5CAY7fpcoIUnA02cmpEgtcZAPdo5cgDIZpMwKqBsRGoVkf8IEjOiPGG91aRNm2WDuSmR9YFxVncNnWocB6EKWa7yn0NLN7trtnG%2FlxnkJY2Bcie2wltKsSlNcdE%2BL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04effddc2c53-FRA
expires: Wed, 24 Apr 2024 18:39:35 GMT

GET
H3 200 3c65672c826ab146da3a8bc86bc80c70.js Show response
gbhackers.com/wp-content/litespeed/js/ 2 KB
1 KB 30ms
29ms Script
application/javascript 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/js/3c65672c826ab146da3a8bc86bc80c70.js?ver=551be
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d08e53b98b4c0b2626d45d7f4ab5852a8db6051a818633e4354173dca79bcb17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2410236
cf-polished: origSize=2490
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 06:25:22 GMT
server: cloudflare
etag: W/"9ba-64d482d2-6c1c58615b20ac56;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9spqU03Ump92MD%2FPFthb%2Flycw%2FtHUON30C%2FxnLjnqPHbmhHnsSS2lh04DsKLp50jOyda6K1cdRV5rCipMLmf3ydBivct5RTcoTVJ4UltZjbIBmLgf1JhgMHmIK1f9dOHAaPc8NSzXPlhoUw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04effddf2c53-FRA
expires: Fri, 09 Aug 2024 12:25:23 GMT

GET
H3 200 aHR0cHM6Ly9zdGF0cy53cC5jb20ve-202336.js Show response
gbhackers.com/wp-content/litespeed/localres/ 14 B
541 B 30ms
30ms Script
text/html 2606:4700:3034::ac43:a5ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/wp-content/litespeed/localres/aHR0cHM6Ly9zdGF0cy53cC5jb20ve-202336.js
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 982449e57776bbb142c0f757ad6266bc438d955ac3ca74d97a7ba6a90f41fdbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/soc-defense-attack-chain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Sep 2023 03:14:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2482
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0s5SPA149f8FBu%2FC3SiXijC6Sy8KOfY4qIdjZ5YeCF9M46NegtLDw0sUWHrXpWxTdFaFTc5IE2ZD62y%2BJ1%2BWdV5g1tSB09kOkbR9F6r3SNrC9%2F%2BgTM5SRRfaTS%2BcMKDvpIA3O4x8TS7azFOD"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-litespeed-cache-control: no-cache
cache-control: max-age=7200
x-turbo-charged-by: LiteSpeed
cf-ray: 802c04effde12c53-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 58ms
57ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 436850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 02:35:09 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/ 377 KB
128 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5372786174760228&plah=gbhackers.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5446a5e2036d03fbf3401f7c913fdb8750ab05ddc20988847c3a0cedef68ee40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131261
x-xss-protection: 0
server: cafe
etag: 7276269530779544655
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:55:59 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/ Frame 50E1 10 KB
5 KB 72ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11815
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 00:39:04 GMT
etag: 8554266389219770021
expires: Thu, 21 Sep 2023 00:39:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/ 54 KB
21 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5372786174760228&plah=gbhackers.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

533d99e9aaf2b51be221f878a0bbdc869211932af86b4072362b34c1b985f889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 00:43:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21072
x-xss-protection: 0
server: cafe
etag: 18246632331971530323
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 00:43:25 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
607 B 80ms
29ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=gbhackers.com&callback=_gfp_s_&client=ca-pub-5372786174760228

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccc68a0948b51ed81382118c2f379135a05f9de09467d7e301cf326a81455a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 80CD 120 KB
40 KB 563ms
562ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=181&slotname=4100772080&adk=2726006373&adf=3920302117&pi=t.ma~as.4100772080&w=696&lmt=1694051759&rafmt=11&format=696x181&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058959566&bpp=4&bdt=381&idt=194&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&correlator=6820998730507&rume=1&frm=20&pv=2&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3005&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=zRS1bhCHXd&p=https%3A//gbhackers.com&dtd=210

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d46c579e4098f7873f4e859c068ea9c2eed281c099b3a4f1bca636c60b85b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40807
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:56:00 GMT
expires: Thu, 07 Sep 2023 03:56:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8738 349 KB
78 KB 740ms
740ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&adk=1812271804&adf=3025194257&lmt=1694051759&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058959587&bpp=2&bdt=403&idt=196&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x181&nras=1&correlator=6820998730507&rume=1&frm=20&pv=1&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=215

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2034fa100b3275e6af97b9c91b8fe648f768fe532e3a10908ce71273f7b884ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 79845
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:56:00 GMT
expires: Thu, 07 Sep 2023 03:56:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=mailchimp-top-bar&cls=mctb%20mctb-sticky%20mctb-position-top%20mctb-medium%20%20mctb-icon-inside-bar&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:55:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 80CD 7 KB
895 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400|Roboto:400&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=181&slotname=4100772080&adk=2726006373&adf=3920302117&pi=t.ma~as.4100772080&w=696&lmt=1694051759&rafmt=11&format=696x181&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058959566&bpp=4&bdt=381&idt=194&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&correlator=6820998730507&rume=1&frm=20&pv=2&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3005&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=zRS1bhCHXd&p=https%3A//gbhackers.com&dtd=210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6aaf432865021494ad5d030950e7baac69e8e09a283b0ea533a01506dc6adb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 03:56:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 03:56:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 03:56:00 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 80CD 34 KB
14 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 15:05:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13552
x-xss-protection: 0
server: cafe
etag: 17023098769855550506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 15:05:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 80CD 181 KB
57 KB 97ms
34ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:56:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5832621415123148058/ Frame 80CD 32 KB
32 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5832621415123148058/14763004658117789537?w=400&h=209&tw=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94731da040028900d3c30bb448d271743eeda3adebd37ace4ed4e4bf7aaf3801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:21:22 GMT
x-content-type-options: nosniff
age: 524078
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32284
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 09:58:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 31 Aug 2024 02:21:22 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 80CD 23 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49659
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:08:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 80CD 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 80CD 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A4DB 143 B
166 B 24ms
22ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=181&slotname=4100772080&adk=2726006373&adf=3920302117&pi=t.ma~as.4100772080&w=696&lmt=1694051759&rafmt=11&format=696x181&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058959566&bpp=4&bdt=381&idt=194&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&correlator=6820998730507&rume=1&frm=20&pv=2&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3005&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=zRS1bhCHXd&p=https%3A//gbhackers.com&dtd=210
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2866
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 80CD 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 092612194e2fe7693f9258add015e1c3ac8f65c225d914cc23e45700030a9474

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 80CD 47 KB
47 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400|Roboto:400&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 09:02:59 GMT
x-content-type-options: nosniff
age: 499981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Aug 2024 09:02:59 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 80CD 15 KB
15 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400|Roboto:400&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 517748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Aug 2024 04:06:52 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 80CD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CBVcsz0n5ZLmNMbijjuwPyOSgsAL-24Tpb-jO-4THENzZHhABIIqq9kJglbL4gZQHoAH44PT6A8gBBqkC7-3G4tn-sT6oAwHIA8sEqgTqAU_QmnwIsHmpUn1dG8zUyXWpZ07Tn5uD5p0IIMO...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228625392361746633443%22,%22debug_reporting%22:true,%22destination%22:%22https://wago.com%22,%22event_report_window%22:%2225...

0
0

97ms
54ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228625392361746633443%22,%22debug_reporting%22:true,%22destination%22:%22https://wago.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221063071864%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216658588234173564881%22}&andc=true

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:00 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"8625392361746633443","debug_reporting":true,"destination":"https://wago.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1063071864"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"16658588234173564881"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 03:56:00 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Sep 2023 03:56:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8625392361746633443","debug_reporting":true,"destination":"https://wago.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1063071864"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"16658588234173564881"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 112ms
55ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 03:56:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/ 154 KB
52 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da80b19f09337d994f076942f8114244ac5443d1796079addf435435e2db594

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53639
x-xss-protection: 0
server: cafe
etag: 9207073841691886731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:56:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 93F4 136 KB
50 KB 466ms
466ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=83&adk=3281638899&adf=1638348697&pi=t.aa~a.3577464094~rp.4&w=324&lmt=1694051760&nsk=d29cbd28&rafmt=11&pwprc=9720455393&ad_type=text_image&format=324x83&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058960706&bpp=1&bdt=1521&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddd90d618f9ce265e-224d1329c6e30071%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_Mb9sSNx51NMOlQ6qwZt3QUs0ycalg&gpic=UID%3D00000d9098ae2029%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_MYD_BPqFTPEvVcs5u0VsUMjqqZfKg&prev_fmts=696x181%2C0x0&nras=2&correlator=6820998730507&rume=1&frm=20&pv=1&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&psts=AOrYGsk3lU71PGniqYHSNKWGY3hXImbv7ELVCAKCTfmUV0zIpyGzHEWNWE5TCc0KYHPNjfDyvzYN_OyVRD-8sTn75ULFjw&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=MIYCVPPkcM&p=https%3A//gbhackers.com&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

923167dc3c0116ff1559ee402eb2870a82778e677966b5d28f16f001359eeeff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 51333
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:56:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A4DB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
36ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:56:00 GMT
expires: Thu, 07 Sep 2023 03:56:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:56:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 80CD 61 KB
23 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc02820c70407aa60fd7b6a413da60eba9445bacd0932414bba89404cdd2cdc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2265
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23165
x-xss-protection: 0
server: cafe
etag: 3653802842111768446
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 04:18:15 GMT

GET
H3 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame C7DB 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 02:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 02:32:20 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/ Frame AD04 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 00:42:46 GMT
etag: 8554266389219770021
expires: Thu, 21 Sep 2023 00:42:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/ Frame 9637 10 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 00:42:46 GMT
etag: 8554266389219770021
expires: Thu, 21 Sep 2023 00:42:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame AD04 4 KB
671 B 42ms
41ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 03:56:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 02:11:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 03:56:00 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AD04 205 B
519 B 79ms
30ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:44:17 GMT
x-content-type-options: nosniff
age: 213103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 03 Sep 2024 16:44:17 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AD04 604 B
695 B 80ms
31ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 21:04:39 GMT
x-content-type-options: nosniff
age: 24681
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 05 Sep 2024 21:04:39 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame AD04 15 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:15:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 511223485441000916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:15:37 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame AD04 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:08:28 GMT

GET
H2 200 2ab36c0d951b69d9c04f85f5eb613648.js Show response
www.gstatic.com/mysidia/ Frame 9637 9 KB
4 KB 74ms
29ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 20:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3933
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 20:09:51 GMT

GET
H2 200 eb24e5338fb35f0e823aa45ca63cea7d.js Show response
www.gstatic.com/mysidia/ Frame 9637 11 KB
5 KB 75ms
30ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eb24e5338fb35f0e823aa45ca63cea7d.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6dcbbfd3b2b395e8440193551d30cf590736083dfed83bb67f976badca15699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 21:04:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4726
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 21:04:24 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9637 14 KB
1 KB 35ms
34ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 03:56:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 02:10:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 03:56:00 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 9637 2 KB
892 B 21ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49659
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:08:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 9637 23 KB
9 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49659
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:08:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 9637 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 9637 20 KB
8 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9637 181 KB
57 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:56:00 GMT

GET
H2 200 1c0c92110fea9bdf1302b7cf16d857ac.js Show response
www.gstatic.com/mysidia/ Frame 9637 36 KB
15 KB 74ms
32ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 19:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15112
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 19:43:24 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
234 B 126ms
36ms Ping
image/gif 2a00:1450:4009:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lm8myr41&c=3952482491798791&e=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsYrg8gOioECAgSAA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4009:80b::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 80CD 0
54 B 118ms
37ms Ping
image/gif 2a00:1450:4009:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lm8myrze&chm=1&ctx=2&gqid=z0n5ZPiqMMemgQeMp4LQCA&qqid=CPmwnLTNl4EDFbiRgwcdSDIIJg&met.4=fb.gb~lb.k9~ol.qy~bdt.-gg~bpp.-5r~idt.-h~dtd.-1~dt.-5v&met.3=422.im~492.k5_1~748.l4~749.l6~739.kk_s~735.lj_1~738.qn~113.wa_4~112.w9_6&met.1=1.lm8myr35~6.1~7.1~8.1~9.1~10.1~12.2~13.fo~14.gd~15.fr~16.kk~17.kk~18.le~19.qn~20.qn~21.qy&met.7=CAUQCBgBMMwEOMoHaAJwtAR4k8ECgAHnvgKIAcK9B7ABAbgBAw~CBIQBxgBIMQEKMQEMOYEOCJoxQRw5QR4rwiAAYMGiAG2O6oBHwoRT3BlbitTYW5zOjMwMCw0MDAKClJvYm90bzo0MDCwAQG4AQM~CAoQChgBIMQEKMQEMI4FOEpAxQRIxQRQxQRY9gRg2ARo9gRwiQV4nGyAAfBpiAGBjwKwAQG4AQM~CE0QChgBIMQEKMQEMMQFOIABQMUESNQEUNQEWIMFYOcEaIQFcKUFeODFA4ABtMMDiAGNpguwAQG4AQM~CBcQBhgBIMQEKMQEML4FOHlokwVwrQV4yP4BgAGc_AGIAZz8AbABAbgBAw~CAkQChgBIMQEKMQEMKwFOGdolAVwqAV420mAAa9HiAHctwGwAQG4AQM~CB4QChgBIMQEKMQEMKwFOGholAVwrAV4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBIMUEKMUEMKgFOGNokQVwpgV4_0KAAdNAiAG9nAGwAQG4AQM~CCgQBRgBINcFKNcFMO4GOJcBaNgGcO0GeL0DgAGRAYgBjwGwAQG4AQM~CCEQBBgBIIEGKLkHMJoIOJkCULkHWOMHYLkHaOMHcJkIeKwCkAGBBpgBxwawAQG4AQM~CCgQChgBINcHKNcHMLIIOFtA2AdI2AdQ2AdYiQhg7AdoiQhwnwh4qbcBgAH9tAGIAZzlA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4009:80b::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E95B 14 KB
1 KB 36ms
36ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 03:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 02:14:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 03:56:01 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame E95B 2 KB
892 B 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49660
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:08:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame E95B 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49660
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:08:21 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 38AE 143 B
166 B 24ms
23ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame E95B 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame E95B 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E95B 181 KB
56 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:56:01 GMT

GET
H2 200 1c0c92110fea9bdf1302b7cf16d857ac.js Show response
www.gstatic.com/mysidia/ Frame E95B 36 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 19:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15112
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 19:43:24 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/13045310469748645498/ Frame 9637 1 KB
1 KB 23ms
20ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13045310469748645498/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85dedaba825fec7341562bd616643cb7d27eae3d5e460653b7019c71c281435c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 22:58:30 GMT
x-content-type-options: nosniff
age: 449851
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1324
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 12:40:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 31 Aug 2024 22:58:30 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DE90 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9637 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b8a8e34f4cc8e46979a638df0ecfa7c6296e72500d4543f024c7a1298671690

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 38AE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

39ms
38ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:56:01 GMT
expires: Thu, 07 Sep 2023 03:56:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:56:01 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9637
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CF0AXz0n5ZP7nMrijjuwPyOSgsAKPrN7lcqbThvjJEdzZHhABIIqq9kJglbL4gZQHoAGX0bmbA8gBAakC7-3G4tn-sT6oAwHIA8sEqgTuAU_Q0gTocyyRsiodPtlskTc8g4Z_nuqI-C3v6Iz...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211104445000559073731%22,%22debug_reporting%22:true,%22destination%22:%22https://gi-de.com%22,%22event_report_window%22:%22...

0
0

55ms
55ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211104445000559073731%22,%22debug_reporting%22:true,%22destination%22:%22https://gi-de.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22862873751%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224770837931983141969%22}&andc=true

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11104445000559073731","debug_reporting":true,"destination":"https://gi-de.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["862873751"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"4770837931983141969"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 03:56:01 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Sep 2023 03:56:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11104445000559073731","debug_reporting":true,"destination":"https://gi-de.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["862873751"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"4770837931983141969"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DE90
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

42ms
41ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:56:01 GMT
expires: Thu, 07 Sep 2023 03:56:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:56:01 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame 975A 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 02:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 02:32:20 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 9637 61 KB
23 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc02820c70407aa60fd7b6a413da60eba9445bacd0932414bba89404cdd2cdc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2266
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23165
x-xss-protection: 0
server: cafe
etag: 3653802842111768446
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 04:18:15 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 56ms
55ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 03:56:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 93F4 6 KB
706 B 34ms
33ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=83&adk=3281638899&adf=1638348697&pi=t.aa~a.3577464094~rp.4&w=324&lmt=1694051760&nsk=d29cbd28&rafmt=11&pwprc=9720455393&ad_type=text_image&format=324x83&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058960706&bpp=1&bdt=1521&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddd90d618f9ce265e-224d1329c6e30071%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_Mb9sSNx51NMOlQ6qwZt3QUs0ycalg&gpic=UID%3D00000d9098ae2029%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_MYD_BPqFTPEvVcs5u0VsUMjqqZfKg&prev_fmts=696x181%2C0x0&nras=2&correlator=6820998730507&rume=1&frm=20&pv=1&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&psts=AOrYGsk3lU71PGniqYHSNKWGY3hXImbv7ELVCAKCTfmUV0zIpyGzHEWNWE5TCc0KYHPNjfDyvzYN_OyVRD-8sTn75ULFjw&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=MIYCVPPkcM&p=https%3A//gbhackers.com&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 03:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 02:22:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 03:56:01 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 93F4 6 KB
706 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&text=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 03:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 03:09:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 03:56:01 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 93F4 34 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 15:05:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13552
x-xss-protection: 0
server: cafe
etag: 17023098769855550506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 15:05:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 93F4 181 KB
56 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:56:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 93F4 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49660
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:08:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 93F4 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 93F4 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 93F4 0
0 31ms
30ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQDcyZdPxQim_W2gw1yxfub8E1xVUSuaicLApizQWKXHafHz-3i4_NpFs4LQcbgNksSJF1J4Tu2SUAQ3eSML2r4Qehy5g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=83&adk=3281638899&adf=1638348697&pi=t.aa~a.3577464094~rp.4&w=324&lmt=1694051760&nsk=d29cbd28&rafmt=11&pwprc=9720455393&ad_type=text_image&format=324x83&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058960706&bpp=1&bdt=1521&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddd90d618f9ce265e-224d1329c6e30071%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_Mb9sSNx51NMOlQ6qwZt3QUs0ycalg&gpic=UID%3D00000d9098ae2029%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_MYD_BPqFTPEvVcs5u0VsUMjqqZfKg&prev_fmts=696x181%2C0x0&nras=2&correlator=6820998730507&rume=1&frm=20&pv=1&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&psts=AOrYGsk3lU71PGniqYHSNKWGY3hXImbv7ELVCAKCTfmUV0zIpyGzHEWNWE5TCc0KYHPNjfDyvzYN_OyVRD-8sTn75ULFjw&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=MIYCVPPkcM&p=https%3A//gbhackers.com&dtd=19
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame CC40 37 KB
14 KB 25ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/soc-defense-attack-chain/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 02:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 02:32:20 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame E95B 61 KB
23 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc02820c70407aa60fd7b6a413da60eba9445bacd0932414bba89404cdd2cdc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2266
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23165
x-xss-protection: 0
server: cafe
etag: 3653802842111768446
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 04:18:15 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9637 0
54 B 38ms
37ms Ping
image/gif 2a00:1450:4009:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lm8mys88&chm=1&ctx=2&gqid=z0n5ZIvxMYmv1PIPyeO5wAw&qqid=CL6LnrTNl4EDFbiRgwcdSDIIJg&met.4=fb.1u~lb.70~ol.99~bdt.-18p~bpp.-xg~idt.-s2~dtd.-rj~dt.-xi&met.3=200.1s_4~492.6x_1~733.73~748.7f~742.73_d~555.7w~739.7x~556.7x_2~738.95~749.95_2~736.9a_1~735.9o_1~735.ct_1~113.cv_1~112.cv_2&met.1=1.lm8myrvd~6.0~7.0~8.0~9.0~10.0~12.1~13.m~14.n~15.1a~16.7w~17.7w~18.7z~19.8x~20.8x~21.98~22.6v~23.6v&met.7=CAwQCBgBMBc4zQJoAXAWeIIlgAHWIogBpE-wAQG4AQM~CBsQBxgBIEEoQTCMAThL~CBsQBxgBIEEoQTCNAThM~CBIQBxgBIEMoQzBpOCZoRHBmeNwLgAGwCYgB7W2qARUKE0dvb2dsZSBTYW5zOjQwMCw1MDCwAQG4AQM~CBwQChgBIEQoRDBaOBZoRnBZeI0JgAHhBogBkA6wAQG4AQM~CAkQChgBIEQoRDBpOCVoRnBaeNtJgAGvR4gB3LcBsAEBuAED~CB4QChgBIEQoRDBpOCVoRnBpeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIEQoRDBoOCRoRnBbeP9CgAHTQIgBvZwBsAEBuAED~CE0QChgBIEQoRDB2ODJoRnBneODFA4ABtMMDiAGNpguwAQG4AQM~CBsQChgBIEQoRDCZAThV~CBcQAhgBIOQBKOQBMPwBOBlo5wFw-wF42AyAAawKiAGsCrABAbgBAw~CCgQBRgBIPsBKPsBMJUCOBpo_QFwkgJ4vQOAAZEBiAGPAbABAbgBAw~CCgQChgBINoCKNoCMPYCOB1o2wJw8AJ4qbcBgAH9tAGIAZzlA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4009:80b::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1848257865544150596
tpc.googlesyndication.com/daca_images/simgad/ Frame 93F4 133 KB
133 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/1848257865544150596

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ca476cdc862a2d6bd9021c8cb33a6f095f1729c9a753d941ea86475f6b50a91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 22:19:50 GMT
x-content-type-options: nosniff
age: 365771
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135709
x-xss-protection: 0
last-modified: Wed, 08 Feb 2017 19:25:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Sep 2024 22:19:50 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 93F4 16 KB
16 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 436852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 02:35:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 93F4 15 KB
15 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 517749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Aug 2024 04:06:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9714 143 B
166 B 24ms
22ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=83&adk=3281638899&adf=1638348697&pi=t.aa~a.3577464094~rp.4&w=324&lmt=1694051760&nsk=d29cbd28&rafmt=11&pwprc=9720455393&ad_type=text_image&format=324x83&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058960706&bpp=1&bdt=1521&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddd90d618f9ce265e-224d1329c6e30071%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_Mb9sSNx51NMOlQ6qwZt3QUs0ycalg&gpic=UID%3D00000d9098ae2029%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_MYD_BPqFTPEvVcs5u0VsUMjqqZfKg&prev_fmts=696x181%2C0x0&nras=2&correlator=6820998730507&rume=1&frm=20&pv=1&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&psts=AOrYGsk3lU71PGniqYHSNKWGY3hXImbv7ELVCAKCTfmUV0zIpyGzHEWNWE5TCc0KYHPNjfDyvzYN_OyVRD-8sTn75ULFjw&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=MIYCVPPkcM&p=https%3A//gbhackers.com&dtd=19
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 26F9 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68354
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 08:56:47 GMT
etag: 48472445140208031
expires: Thu, 07 Sep 2023 08:56:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 93F4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a11abb8eae3a683abb370719023188da57423946326add3cc8a324610efa772d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 93F4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CeA3B0En5ZIORL8mkxdwPrI2T6AON55WkcfrOyoz4DKTn8u2VAhABIIqq9kJglbL4gZQHoAHLuKCjA8gBAakCf8U5KOurJz6oAwHIA8MEqgSYAk_QiXpb9ciP_M1CPVq6-g9GXKjhabg_Umb...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211642615727245581461%22,%22debug_reporting%22:true,%22destination%22:%22https://bitninja.com%22,%22event_report_window%22:...

0
0

55ms
54ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211642615727245581461%22,%22debug_reporting%22:true,%22destination%22:%22https://bitninja.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22879238219%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221118273412044005473%22}&andc=true

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11642615727245581461","debug_reporting":true,"destination":"https://bitninja.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["879238219"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"1118273412044005473"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 03:56:01 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Sep 2023 03:56:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11642615727245581461","debug_reporting":true,"destination":"https://bitninja.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["879238219"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"1118273412044005473"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 41ms
40ms Ping
image/gif 2a00:1450:4009:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=2~lm8myrzc&c=3952482491798791&e=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsYhhMgQCoECAgSAA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:80b::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 56ms
55ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 03:56:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 csi
csi.gstatic.com/ Frame E95B 0
17 B 41ms
41ms Ping
image/gif 2a00:1450:4009:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lm8mysc9&chm=1&ctx=2&gqid=z0n5ZIvxMYmv1PIPyeO5wAw&qqid=CL2LnrTNl4EDFbiRgwcdSDIIJg&met.4=fb.p~lb.3f~ol.83~bdt.-1dc~bpp.-123~idt.-wp~dtd.-w6~dt.-125&met.3=492.y_1~733.3i~748.3u~742.3i_e~739.3y~555.4a~556.4a~738.82~749.82_1~113.ca_1~113.cc_1~112.ca_2&met.1=1.lm8mys00~14.1~15.0~16.1~17.1~18.1~19.1~20.1~21.1~1.lm8myrux~6.1~7.1~8.1~9.1~10.1~12.2~13.n~14.o~15.1h~16.7x~17.7x~18.7x~19.d5~20.d6~21.d6&met.7=CAwQCBgBMAE4AQ~CBIQBxgBIBsoGzBBOCZoG3A_eNwLgAGwCYgB7W2qARUKE0dvb2dsZSBTYW5zOjQwMCw1MDCwAQG4AQM~CBwQChgBICIoIjA3OBVoInA2eI0JgAHhBogBkA6wAQG4AQM~CAkQChgBICQoJDA5OBVoJHA4eNtJgAGvR4gB3LcBsAEBuAED~CCgQBRgBICUoJTBAOBtoKHA-eL0DgAGRAYgBjwGwAQG4AQM~CB4QChgBICUoJTA_OBpoJnA6eIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBICUoJTA-OBloJnA7eP9CgAHTQIgBvZwBsAEBuAED~CE0QChgBICYoJjBlOD9oJ3BHeODFA4ABtMMDiAGNpguwAQG4AQM~CBsQChgBICYoJjA-OBk~CCgQChgBIK0CKK0CMMwCOB9osAJwxwJ4qbcBgAH9tAGIAZzlA7ABAbgBAw~CAwQCBgBMBg42QNoAXAXeIIlgAHWIogBpE-gAcn-_________wGwAQG4AQM~CBIQBxgBIEooSjB3OC1oS3B0eK8HgAGDBYgBvCOgAcn-_________wGqARUKE1JvYm90bzp3Z2h0QDQwMDs3MDCwAQG4AQM~CBsQBhgBIE0oTTCdAThQ~CEwQChgBIE0oTTBjOBZoTXBieMM1gAGXM4gB6XagAcn-_________wGwAQG4AQM~CBsQBhgBIE0oTTCeAThR~CEsQChgBIE0oTTBkOBdoTnBieKJFgAH2QogB-KIBoAHJ_v________8BsAEBuAED
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:80b::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 26F9
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEL4Mc-q9i14YAR8R-joozdQ&google_cver=1&google_push=AXcoOmSy-MoBPjOwe6vqfyrLvOf5ZS3ygo8yeEDwaUCul13oRYNDzMhFk9ah6w1GZDyhhoTxABEHqt1zsmNKpen8L7fOr-iSHaY3uzs
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMyNDkyMTE1NDQ2ODY0NjYwNw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL4Mc-q9i14YAR8R-joozdQ&google_cver=1

43 B
398 B

201ms
35ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL4Mc-q9i14YAR8R-joozdQ&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 07 Sep 2023 03:56:00 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL4Mc-q9i14YAR8R-joozdQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 26F9 0
104 B 208ms
88ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMRALgkcoY-GKlEhgcj-npo&google_cver=1&google_push=AXcoOmQR3T8jy1uSYMQpECKGcaejL2upc39sPa4oNreyPKyFbpydfhsbArpZR1RjZG1bGC6Oux5h7UMkpi_gciIWT8Lodx7JAzQq5Hg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=83&adk=3281638899&adf=1638348697&pi=t.aa~a.3577464094~rp.4&w=324&lmt=1694051760&nsk=d29cbd28&rafmt=11&pwprc=9720455393&ad_type=text_image&format=324x83&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058960706&bpp=1&bdt=1521&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddd90d618f9ce265e-224d1329c6e30071%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_Mb9sSNx51NMOlQ6qwZt3QUs0ycalg&gpic=UID%3D00000d9098ae2029%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_MYD_BPqFTPEvVcs5u0VsUMjqqZfKg&prev_fmts=696x181%2C0x0&nras=2&correlator=6820998730507&rume=1&frm=20&pv=1&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&psts=AOrYGsk3lU71PGniqYHSNKWGY3hXImbv7ELVCAKCTfmUV0zIpyGzHEWNWE5TCc0KYHPNjfDyvzYN_OyVRD-8sTn75ULFjw&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=MIYCVPPkcM&p=https%3A//gbhackers.com&dtd=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:01 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26F9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK3Jiw4BFRZjEeSWuiilZhw&google_push=AXcoOmSabdOXPdfuaskDmoy5jNG9Vf46pgMzoaRH-VCSjz6IOCa1xYGjvG...

170 B
188 B

34ms
33ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK3Jiw4BFRZjEeSWuiilZhw&google_push=AXcoOmSabdOXPdfuaskDmoy5jNG9Vf46pgMzoaRH-VCSjz6IOCa1xYGjvGvcHKSNP0b8MDKfQi8ZVutrLki_GZMy1NwjwjBVKVb9JvM

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230034-FRA
pragma: no-cache
date: Thu, 07 Sep 2023 03:56:01 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1694058962.513296,VS0,VE100
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK3Jiw4BFRZjEeSWuiilZhw&google_push=AXcoOmSabdOXPdfuaskDmoy5jNG9Vf46pgMzoaRH-VCSjz6IOCa1xYGjvGvcHKSNP0b8MDKfQi8ZVutrLki_GZMy1NwjwjBVKVb9JvM
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 26F9 70 B
149 B 143ms
42ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDhW6VRnliEwccaUSl4wifY&google_cver=1&google_push=AXcoOmR-9sq0b_OVo6vyTfOmilEl1o7tsvXNKauuDsQM3So8RV65TIgiemty_4mDagKu_YEhqLT0kCnwtZnUIPJRP75NYW4Duv3Vz_U
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=83&adk=3281638899&adf=1638348697&pi=t.aa~a.3577464094~rp.4&w=324&lmt=1694051760&nsk=d29cbd28&rafmt=11&pwprc=9720455393&ad_type=text_image&format=324x83&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058960706&bpp=1&bdt=1521&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddd90d618f9ce265e-224d1329c6e30071%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_Mb9sSNx51NMOlQ6qwZt3QUs0ycalg&gpic=UID%3D00000d9098ae2029%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_MYD_BPqFTPEvVcs5u0VsUMjqqZfKg&prev_fmts=696x181%2C0x0&nras=2&correlator=6820998730507&rume=1&frm=20&pv=1&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&psts=AOrYGsk3lU71PGniqYHSNKWGY3hXImbv7ELVCAKCTfmUV0zIpyGzHEWNWE5TCc0KYHPNjfDyvzYN_OyVRD-8sTn75ULFjw&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=MIYCVPPkcM&p=https%3A//gbhackers.com&dtd=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:01 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 26F9 43 B
363 B 100ms
27ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS59OiNW24_We2cgRuIIJjcBrK61xhwP3n9XzFecwTjrpeE8RkbpRjyWmpqwgaguotZx8bwwG6LVKPt2Oz4jJ0iBEuvouxnNA&google_gid=CAESEOmStOH3B6TfCBo380t0amg&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:00 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 174387
expires: Thu, 07 Sep 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26F9
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENEFnHXx6nRUy3RDs5tQImc&google_cver=1&google_push=AXcoOmT95Ku6cvtIXp-1GmUs1uOhrUS_-U_bzYNEw97z4MdrXe8LQDNwSSIjQXof5H-Whau4-A9WhQMa...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENEFnHXx6nRUy3RDs5tQImc&google_cver=1&google_push=AXcoOmT95Ku6cvtIXp-1GmUs1uOhrUS_-U_bzYNEw97z4MdrXe8LQDNwSSIjQXof5H-Whau4-A9...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxMzYxMjM4MzU3NjE4Nzg3MA&google_push=AXcoOmT95Ku6cvtIXp-1GmUs1uOhrUS_-U_bzYNEw97z4MdrXe8LQDNwSSIjQXof5H-Whau4-A9WhQ...

170 B
188 B

32ms
32ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxMzYxMjM4MzU3NjE4Nzg3MA&google_push=AXcoOmT95Ku6cvtIXp-1GmUs1uOhrUS_-U_bzYNEw97z4MdrXe8LQDNwSSIjQXof5H-Whau4-A9WhQMa-DeKcnwxJHhzsJ-LYBuDafo

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxMzYxMjM4MzU3NjE4Nzg3MA&google_push=AXcoOmT95Ku6cvtIXp-1GmUs1uOhrUS_-U_bzYNEw97z4MdrXe8LQDNwSSIjQXof5H-Whau4-A9WhQMa-DeKcnwxJHhzsJ-LYBuDafo
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 26F9
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEL0lpZTBEDXv9JmmUM0xn2s&google_cver=1&google_push=AXcoOmQHlfRpcMWV48n5cITduH-Q9J__7460lajJgUEky4Chhd46AbBXdM8-oOeNqyT5LwNCZWiY85J-zNe3...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQHlfRpcMWV48n5cITduH-Q9J__7460lajJgUEky4Chhd46AbBXdM8-oOeNqyT5LwNCZWiY85J-zNe3v1bdRggppbOH28HBHg

170 B
329 B

30ms
29ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQHlfRpcMWV48n5cITduH-Q9J__7460lajJgUEky4Chhd46AbBXdM8-oOeNqyT5LwNCZWiY85J-zNe3v1bdRggppbOH28HBHg

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQHlfRpcMWV48n5cITduH-Q9J__7460lajJgUEky4Chhd46AbBXdM8-oOeNqyT5LwNCZWiY85J-zNe3v1bdRggppbOH28HBHg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 26F9 0
130 B 92ms
29ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IQNx_nuEQw6xxV90zwEWwiysw9wwKru0lH1AXSg2vci5s3Nwo1qJeevUWLIooURA4SND_n

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CEA0 110 KB
40 KB 627ms
626ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=60&slotname=2004870016&adk=3396182322&adf=1078745621&pi=t.ma~as.2004870016&w=468&lmt=1694051761&format=468x60&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058961458&bpp=2&bdt=2273&idt=2&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddd90d618f9ce265e-224d1329c6e30071%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_Mb9sSNx51NMOlQ6qwZt3QUs0ycalg&gpic=UID%3D00000d9098ae2029%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_MYD_BPqFTPEvVcs5u0VsUMjqqZfKg&prev_fmts=696x181%2C0x0%2C324x83%2C1600x1200%2C1005x124&nras=4&correlator=6820998730507&rume=1&frm=20&pv=1&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=380&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&psts=AOrYGsk3lU71PGniqYHSNKWGY3hXImbv7ELVCAKCTfmUV0zIpyGzHEWNWE5TCc0KYHPNjfDyvzYN_OyVRD-8sTn75ULFjw%2CAOrYGskk7JY6_50Mhkd9rdDAwyfphsIKG7BhtlTS2TVWUPouB2LnY-x3FFmEnMrE2aGTLIR3-O5lQ2W1rSndSLZpujg4eh_6diN0mHeO1hIxIZEzXd4%2CAOrYGsm36mwoSuooMUGbXmUOWp8AKPxSUKLwDo9Z7r9rbAWZmSIrYA32tjHKz2JoW_qi8CmKAWISLOwXOfOXPVaT_I_1vg&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=WNgI4Kq750&p=https%3A//gbhackers.com&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4a125a47eaf7962878bf90f75c96b81fc641c890ca2ae028cb8892b9fa2d6fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 40923
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:56:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 115ms
71ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e674e317c87379c2c19038c47d8e5eac1e41e7ab824751c476a5211517eed3d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11631
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9714
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

34ms
33ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:56:01 GMT
expires: Thu, 07 Sep 2023 03:56:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:56:01 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 93F4 61 KB
23 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc02820c70407aa60fd7b6a413da60eba9445bacd0932414bba89404cdd2cdc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2266
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23165
x-xss-protection: 0
server: cafe
etag: 3653802842111768446
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 04:18:15 GMT

GET
H3 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame 034A 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 02:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 02:32:20 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 41ms
40ms Ping
image/gif 2a00:1450:4009:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=3~lm8myscj&c=3952482491798791&e=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsY8xMgMyoECAgSAA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:80b::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Ad_SecureData_980x120.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZLywVzXex7KKQSsghD546Ah2NPBKgeyLy3C5mAwjwhunvleFyEaHhE-se8EE55Acu0f_FVDyV8BqWbazCE-GVeFn6KwmamSiN1ues_q5ZWeRQcj-84XjZBSeS0JfKxkn9mYmjCWRKqBcLgNNV... 13 KB
13 KB 430ms
430ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZLywVzXex7KKQSsghD546Ah2NPBKgeyLy3C5mAwjwhunvleFyEaHhE-se8EE55Acu0f_FVDyV8BqWbazCE-GVeFn6KwmamSiN1ues_q5ZWeRQcj-84XjZBSeS0JfKxkn9mYmjCWRKqBcLgNNVi2NMWdWSUoe_qR2iQdhGClCgToo9Ylkbg39sPur4J8Td/s16000/Ad_SecureData_980x120.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4ddcac9b6721353baed313f4d2cbad52e5e28333be18d9c3c6361a2a070ce45d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v5979"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Ad_SecureData_980x120.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13096
x-xss-protection: 0
expires: Fri, 08 Sep 2023 03:56:01 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 03:56:01 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 42ms
40ms Ping
image/gif 2a00:1450:4009:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=4~lm8mysfb&c=3952482491798791&e=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsY0RQgRSoECAgSAA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:80b::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 93F4 0
17 B 43ms
42ms Ping
image/gif 2a00:1450:4009:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lm8mysi2&chm=1&ctx=2&gqid=0En5ZKS9LdTBx_AP0aOjyA4&qqid=CIO517TNl4EDFUlSkQUdrMYEPQ&met.4=fb.eh~lb.gh~cmrload.js~ol.k7~bdt.-16y~bpp.-o~idt.-o~dtd.-6~dt.-p&met.3=492.fd_1~739.gq~749.ix_1~738.jy~735.lr_1~113.of_1~112.of_2&met.1=1.lm8myrtn~6.0~7.0~8.0~9.0~10.0~12.1~13.cz~14.dl~15.dj~16.gp~17.gp~18.gr~19.jt~20.jt~21.k7&met.7=CAUQCBgBMOkDONcFaAFw0wN4sZMDgAGFkQOIAcm-CLABAbgBAw~CBIQBxgBIO8DKO8DMJMEOCVo7wNwkQR40geAAaYFiAHaMaoBFAoSUm9ib3RvOjMwMCw0MDAsNTAwsAEBuAED~CBIQBxgBIO8DKO8DMI8EOCBo8ANwjgR40geAAaYFiAHaMaoBFAoSUm9ib3RvOjMwMCw0MDAsNTAwsAEBuAED~CAoQChgBIO8DKO8DMIkEOBpo8ANwhQR4nGyAAfBpiAGBjwKwAQG4AQM~CE0QChgBIO8DKO8DMJkEOCpo8ANwkgR44MUDgAG0wwOIAY2mC7ABAbgBAw~CB4QChgBIO8DKO8DMLIEOENonQRwsgR4gAyAAdQJiAGBFbABAbgBAw~CAkQChgBIO8DKO8DMLEEOEJonQRwsQR420mAAa9HiAHctwGwAQG4AQM~CBwQChgBIO8DKO8DMIYEOBZo8ANwhAR4_0KAAdNAiAG9nAGwAQG4AQM~CBsQBhgBIO8DKO8DMLwEOE0~CBcQBhgBIKMEKKMEMN8EODxoowRwuAR4yaYIgAGdpAiIAZ2kCLABAbgBAw~CCgQBRgBIM4EKM4EMOcEOBlo0ARw5wR4vQOAAZEBiAGPAbABAbgBAw~CBwQBRgBIM8EKM8EMOYEOBdo0QRw5gR4lgeAAeoEiAGWCbABAbgBAw~CCEQBBgBINoEKOIFMJoGOMABaOIFcJgGeKwCkAHaBJgBngWwAQG4AQM~CCgQChgBIIkGKIkGMKUGOBxoigZwnwZ4qbcBgAH9tAGIAZzlA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:80b::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4C50 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 50051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:01:50 GMT
expires: Thu, 05 Sep 2024 14:01:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 45C9 829 B
559 B 35ms
34ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e7ba75d8fdb1a37fa93d33b312332b9ec8a87ac16871b576d3c354edcdf906cf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R_yin1HzxGXntoiMizu1XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-R_yin1HzxGXntoiMizu1XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 03:56:01 GMT
expires: Thu, 07 Sep 2023 03:56:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C50 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 02:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 02:32:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 45C9 0
0 55ms
55ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=3952482491798791&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4C50 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RQlOGg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 gbhackers-waf-banner-300x600.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggxrET8rL53qWvxNg0ojgbDwhKZUmlLqGRzzfXePO67o4NYLh0rAXrh94aQcN0k8EB1cge5SlSrZ42GgQgjwsxqYAEkfzyYPTOtaQzOjdx4grNJfxFnnp7ei-h6DN35p1Jx3I6LKIO33fXMa31... 173 KB
173 KB 498ms
495ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggxrET8rL53qWvxNg0ojgbDwhKZUmlLqGRzzfXePO67o4NYLh0rAXrh94aQcN0k8EB1cge5SlSrZ42GgQgjwsxqYAEkfzyYPTOtaQzOjdx4grNJfxFnnp7ei-h6DN35p1Jx3I6LKIO33fXMa31b1WDSmqshyN3cEpkEprhl3kNt-zagtkffvumEVFf4tkD/s16000/gbhackers-waf-banner-300x600.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8cec0568b8c5294b0ae8b686b0803c9ded43d2c8bef916e8e72def00d89af188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v58cb"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gbhackers-waf-banner-300x600.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176872
x-xss-protection: 0
expires: Fri, 08 Sep 2023 03:56:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CEA0 14 KB
1 KB 31ms
31ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=60&slotname=2004870016&adk=3396182322&adf=1078745621&pi=t.ma~as.2004870016&w=468&lmt=1694051761&format=468x60&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058961458&bpp=2&bdt=2273&idt=2&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddd90d618f9ce265e-224d1329c6e30071%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_Mb9sSNx51NMOlQ6qwZt3QUs0ycalg&gpic=UID%3D00000d9098ae2029%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_MYD_BPqFTPEvVcs5u0VsUMjqqZfKg&prev_fmts=696x181%2C0x0%2C324x83%2C1600x1200%2C1005x124&nras=4&correlator=6820998730507&rume=1&frm=20&pv=1&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=380&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&psts=AOrYGsk3lU71PGniqYHSNKWGY3hXImbv7ELVCAKCTfmUV0zIpyGzHEWNWE5TCc0KYHPNjfDyvzYN_OyVRD-8sTn75ULFjw%2CAOrYGskk7JY6_50Mhkd9rdDAwyfphsIKG7BhtlTS2TVWUPouB2LnY-x3FFmEnMrE2aGTLIR3-O5lQ2W1rSndSLZpujg4eh_6diN0mHeO1hIxIZEzXd4%2CAOrYGsm36mwoSuooMUGbXmUOWp8AKPxSUKLwDo9Z7r9rbAWZmSIrYA32tjHKz2JoW_qi8CmKAWISLOwXOfOXPVaT_I_1vg&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=WNgI4Kq750&p=https%3A//gbhackers.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 03:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 02:08:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 03:56:02 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame CEA0 2 KB
897 B 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:08:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame CEA0 23 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:08:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame CEA0 3 KB
1 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 26B1 1 KB
643 B 24ms
22ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68355
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 08:56:47 GMT
etag: 48472445140208031
expires: Thu, 07 Sep 2023 08:56:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame CEA0 20 KB
8 KB 28ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CEA0 0
0 35ms
29ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQNt8U7e755kc5yLJUVN7UFKzI-1Z25ea4zL33cmXXurnxBG1su7wHJz5leDWVy8y_6Vmy_UufwYpqrtMrCBsydYEhVDQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=60&slotname=2004870016&adk=3396182322&adf=1078745621&pi=t.ma~as.2004870016&w=468&lmt=1694051761&format=468x60&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058961458&bpp=2&bdt=2273&idt=2&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddd90d618f9ce265e-224d1329c6e30071%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_Mb9sSNx51NMOlQ6qwZt3QUs0ycalg&gpic=UID%3D00000d9098ae2029%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_MYD_BPqFTPEvVcs5u0VsUMjqqZfKg&prev_fmts=696x181%2C0x0%2C324x83%2C1600x1200%2C1005x124&nras=4&correlator=6820998730507&rume=1&frm=20&pv=1&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=380&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&psts=AOrYGsk3lU71PGniqYHSNKWGY3hXImbv7ELVCAKCTfmUV0zIpyGzHEWNWE5TCc0KYHPNjfDyvzYN_OyVRD-8sTn75ULFjw%2CAOrYGskk7JY6_50Mhkd9rdDAwyfphsIKG7BhtlTS2TVWUPouB2LnY-x3FFmEnMrE2aGTLIR3-O5lQ2W1rSndSLZpujg4eh_6diN0mHeO1hIxIZEzXd4%2CAOrYGsm36mwoSuooMUGbXmUOWp8AKPxSUKLwDo9Z7r9rbAWZmSIrYA32tjHKz2JoW_qi8CmKAWISLOwXOfOXPVaT_I_1vg&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=WNgI4Kq750&p=https%3A//gbhackers.com&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CEA0 181 KB
56 KB 43ms
37ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 03:56:02 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame CEA0 36 KB
15 KB 26ms
20ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 528407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 01:09:15 GMT

GET
DATA 200
OK truncated
/ Frame CEA0 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CEA0 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c69325bd7eb70d4ba45aa71b0a9dc3178368fdabf5f24acb12b3b0c76d0552c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26B1
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOh-ex_xK4KhVwEHYcf2jrg&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOh-ex_xK4KhVwEHYcf2jrg&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S1NaYW5CdUsxUUU2N0U1&google_gid=CAESEOh-ex_xK4KhVwEHYcf2jrg&google_cver=1&google_push=AXcoOmSRlN5wg1VytdmQyanARAWhjyKNxapQVwe2_d19JQf...

170 B
188 B

32ms
32ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S1NaYW5CdUsxUUU2N0U1&google_gid=CAESEOh-ex_xK4KhVwEHYcf2jrg&google_cver=1&google_push=AXcoOmSRlN5wg1VytdmQyanARAWhjyKNxapQVwe2_d19JQftRVzfHSnr_K2KRkvxJ02RTLr69BlbOuxLhmvuZXEsV4CfMukHBsijuTo

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 07 Sep 2023 03:56:01 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0546ea729b64acd63@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S1NaYW5CdUsxUUU2N0U1&google_gid=CAESEOh-ex_xK4KhVwEHYcf2jrg&google_cver=1&google_push=AXcoOmSRlN5wg1VytdmQyanARAWhjyKNxapQVwe2_d19JQftRVzfHSnr_K2KRkvxJ02RTLr69BlbOuxLhmvuZXEsV4CfMukHBsijuTo
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 26B1 70 B
148 B 46ms
43ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDhW6VRnliEwccaUSl4wifY&google_cver=1&google_push=AXcoOmQidfzu0kxd_D3Evko2h18fT-XaIuo_MBCN4tyqmafko29NXgbMQxlmXTPZAOjykaf8aDzmlAW_cRCiHzS4ZPKJ5TQ3-lTPj2E
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=60&slotname=2004870016&adk=3396182322&adf=1078745621&pi=t.ma~as.2004870016&w=468&lmt=1694051761&format=468x60&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058961458&bpp=2&bdt=2273&idt=2&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddd90d618f9ce265e-224d1329c6e30071%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_Mb9sSNx51NMOlQ6qwZt3QUs0ycalg&gpic=UID%3D00000d9098ae2029%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_MYD_BPqFTPEvVcs5u0VsUMjqqZfKg&prev_fmts=696x181%2C0x0%2C324x83%2C1600x1200%2C1005x124&nras=4&correlator=6820998730507&rume=1&frm=20&pv=1&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=380&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&psts=AOrYGsk3lU71PGniqYHSNKWGY3hXImbv7ELVCAKCTfmUV0zIpyGzHEWNWE5TCc0KYHPNjfDyvzYN_OyVRD-8sTn75ULFjw%2CAOrYGskk7JY6_50Mhkd9rdDAwyfphsIKG7BhtlTS2TVWUPouB2LnY-x3FFmEnMrE2aGTLIR3-O5lQ2W1rSndSLZpujg4eh_6diN0mHeO1hIxIZEzXd4%2CAOrYGsm36mwoSuooMUGbXmUOWp8AKPxSUKLwDo9Z7r9rbAWZmSIrYA32tjHKz2JoW_qi8CmKAWISLOwXOfOXPVaT_I_1vg&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=WNgI4Kq750&p=https%3A//gbhackers.com&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:02 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26B1
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGUOU18cau1HqDBFSIQgnRM&google_cver=1&google_push=AXcoOmR9TcWVT6zYpb8MkuA32tUO1XQ26a_hBorBJGTWkjkHlmYb7Yy4Tu88qx5KcFdOF-xtWJIUTolnmJh...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR9TcWVT6zYpb8MkuA32tUO1XQ26a_hBorBJGTWkjkHlmYb7Yy4Tu88qx5KcFdOF-xtWJIUTolnmJhTiY7XVhqQEmv9MqekfpY&google_hm=GesIotOZSG6KgU9zD...

170 B
188 B

31ms
31ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR9TcWVT6zYpb8MkuA32tUO1XQ26a_hBorBJGTWkjkHlmYb7Yy4Tu88qx5KcFdOF-xtWJIUTolnmJhTiY7XVhqQEmv9MqekfpY&google_hm=GesIotOZSG6KgU9zDLb3moM

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:01 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR9TcWVT6zYpb8MkuA32tUO1XQ26a_hBorBJGTWkjkHlmYb7Yy4Tu88qx5KcFdOF-xtWJIUTolnmJhTiY7XVhqQEmv9MqekfpY&google_hm=GesIotOZSG6KgU9zDLb3moM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 26B1 0
172 B 88ms
29ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEHimn-PlR_ItiDTR6Q9nCVI&google_cver=1&google_push=AXcoOmS39JoXGFuPwqcscqq7g6Kg0eG0QWPwJQwysrPn-1LbKv5emEdu_aRFBVklY1BoU6VgCR7rJJxWoT6zqpMMa6A2h-1g1okDjH4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=60&slotname=2004870016&adk=3396182322&adf=1078745621&pi=t.ma~as.2004870016&w=468&lmt=1694051761&format=468x60&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058961458&bpp=2&bdt=2273&idt=2&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddd90d618f9ce265e-224d1329c6e30071%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_Mb9sSNx51NMOlQ6qwZt3QUs0ycalg&gpic=UID%3D00000d9098ae2029%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_MYD_BPqFTPEvVcs5u0VsUMjqqZfKg&prev_fmts=696x181%2C0x0%2C324x83%2C1600x1200%2C1005x124&nras=4&correlator=6820998730507&rume=1&frm=20&pv=1&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=380&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&psts=AOrYGsk3lU71PGniqYHSNKWGY3hXImbv7ELVCAKCTfmUV0zIpyGzHEWNWE5TCc0KYHPNjfDyvzYN_OyVRD-8sTn75ULFjw%2CAOrYGskk7JY6_50Mhkd9rdDAwyfphsIKG7BhtlTS2TVWUPouB2LnY-x3FFmEnMrE2aGTLIR3-O5lQ2W1rSndSLZpujg4eh_6diN0mHeO1hIxIZEzXd4%2CAOrYGsm36mwoSuooMUGbXmUOWp8AKPxSUKLwDo9Z7r9rbAWZmSIrYA32tjHKz2JoW_qi8CmKAWISLOwXOfOXPVaT_I_1vg&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=WNgI4Kq750&p=https%3A//gbhackers.com&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:02 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26B1
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEHKjpCChT5F3FOCLZEqKTLU&google_cver=1&google_push=AXcoOmRZO4k7Hx7lR4FfqOnM5kTKlxx7koipbEL-OPQ79PNFo4MrFp6kzG1TqCt3YW9ATcag7npNeaz4Eh6Jt0esLhgXe52...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHKjpCChT5F3FOCLZEqKTLU&google_cver=1&google_push=AXcoOmRZO4k7Hx7lR4FfqOnM5kTKlxx7koipbEL-OPQ79PNFo4MrFp6kzG1TqCt3YW9ATcag7npNeaz4Eh6Jt0esLhgXe...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRZO4k7Hx7lR4FfqOnM5kTKlxx7koipbEL-OPQ79PNFo4MrFp6kzG1TqCt3YW9ATcag7npNeaz4Eh6Jt0esLhgXe52_3i0p7hE

170 B
188 B

32ms
32ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRZO4k7Hx7lR4FfqOnM5kTKlxx7koipbEL-OPQ79PNFo4MrFp6kzG1TqCt3YW9ATcag7npNeaz4Eh6Jt0esLhgXe52_3i0p7hE

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRZO4k7Hx7lR4FfqOnM5kTKlxx7koipbEL-OPQ79PNFo4MrFp6kzG1TqCt3YW9ATcag7npNeaz4Eh6Jt0esLhgXe52_3i0p7hE
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26B1
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENEFnHXx6nRUy3RDs5tQImc&google_cver=1&google_push=AXcoOmRNhL3ebYBRWi4PNBAGhTG38uTJNvbTjpB_Q_XSUNUX4ymquJTjuWfwLbQnK0-ZBawhmoYyzY9H...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxMzYxMjM4MzU3NjE4Nzg3MA&google_push=AXcoOmRNhL3ebYBRWi4PNBAGhTG38uTJNvbTjpB_Q_XSUNUX4ymquJTjuWfwLbQnK0-ZBawhmoYyzY...

170 B
188 B

36ms
35ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxMzYxMjM4MzU3NjE4Nzg3MA&google_push=AXcoOmRNhL3ebYBRWi4PNBAGhTG38uTJNvbTjpB_Q_XSUNUX4ymquJTjuWfwLbQnK0-ZBawhmoYyzY9H3hxEcVqYYbSlW63NhLHTqGc

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxMzYxMjM4MzU3NjE4Nzg3MA&google_push=AXcoOmRNhL3ebYBRWi4PNBAGhTG38uTJNvbTjpB_Q_XSUNUX4ymquJTjuWfwLbQnK0-ZBawhmoYyzY9H3hxEcVqYYbSlW63NhLHTqGc
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame 26B1 43 B
297 B 233ms
36ms Image
image/gif 2a05:d01c:1d8:8100:a526:958d:fa93:9c2b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEIO_RSOT2s3QzOf3QNIeOZk&google_cver=1&google_push=AXcoOmRECKy5rXVQM4FNm64a5cjHedRrQzuY5Ou49veZjORM6wV6ndzc4NHaFv4Aw4lQXY1n8cufKCc6mjYMsjfYGT9AbcH9Wjynjjs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=60&slotname=2004870016&adk=3396182322&adf=1078745621&pi=t.ma~as.2004870016&w=468&lmt=1694051761&format=468x60&url=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694058961458&bpp=2&bdt=2273&idt=2&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddd90d618f9ce265e-224d1329c6e30071%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_Mb9sSNx51NMOlQ6qwZt3QUs0ycalg&gpic=UID%3D00000d9098ae2029%3AT%3D1694058959%3ART%3D1694058959%3AS%3DALNI_MYD_BPqFTPEvVcs5u0VsUMjqqZfKg&prev_fmts=696x181%2C0x0%2C324x83%2C1600x1200%2C1005x124&nras=4&correlator=6820998730507&rume=1&frm=20&pv=1&ga_vid=2132205910.1694058960&ga_sid=1694058960&ga_hid=335015682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=380&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&oid=2&psts=AOrYGsk3lU71PGniqYHSNKWGY3hXImbv7ELVCAKCTfmUV0zIpyGzHEWNWE5TCc0KYHPNjfDyvzYN_OyVRD-8sTn75ULFjw%2CAOrYGskk7JY6_50Mhkd9rdDAwyfphsIKG7BhtlTS2TVWUPouB2LnY-x3FFmEnMrE2aGTLIR3-O5lQ2W1rSndSLZpujg4eh_6diN0mHeO1hIxIZEzXd4%2CAOrYGsm36mwoSuooMUGbXmUOWp8AKPxSUKLwDo9Z7r9rbAWZmSIrYA32tjHKz2JoW_qi8CmKAWISLOwXOfOXPVaT_I_1vg&pvsid=3952482491798791&tmod=293505260&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fsoc-defense-attack-chain%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=WNgI4Kq750&p=https%3A//gbhackers.com&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:a526:958d:fa93:9c2b London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 07 Sep 2023 03:56:02 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 26B1 0
12 B 31ms
29ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LOLJUiKbcqok10NU9hKZYWIrIvuhOZaoHLsbAoBm3LNOyyyHRU0wIbrUKFpS46cNsXXPYm

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame CEA0 33 KB
33 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 427921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 05:04:01 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9637 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdbtqzcVUaRyu9l7h7QXOUCfVaxoqk9oGiYn1JKjpKT3NyA_QIAs1PtZLEwfTLrXoTjzMN1pxqMZ-c7vKv7DGbfUoMAkNmmWkmjy6EC9Oi3FvWaJrtceF9T8Cr8ORQrPF75YhJzx1pZPO7&sai=AMfl-YQzJnJGzCGYxjwUGsqy2FKoFLLeddiYs8JNKOniTj5jxHbs2HpaF3JYPZEK5YbDQwOluNtmx2WOzaa9&sig=Cg0ArKJSzOZteB0HaQSlEAE&cid=CAQSGwBpAlJWoV5Mo-2PeVm792Ty5pV4hg6pp0jezRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=123,789,1000,1100,1100&tos=123,666,211,100,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694058960793&rpt=329&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame CEA0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CBG8T0Un5ZJOrHpeg3wPYjLCIAtHjud9yzISllpQRzc_b_uogEAEgiqr2QmCVsviBlAegAZKZq_wCyAEBqAMByAPLBKoEmAJP0GRUwGRIfcDrCja3vHq52xIcgvohQFWBz0yZcDAAveC1jAm...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215095973940217296774%22,%22debug_reporting%22:true,%22destination%22:%22https://crowdstrike.com%22,%22event_report_window%...

0
0

56ms
56ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215095973940217296774%22,%22debug_reporting%22:true,%22destination%22:%22https://crowdstrike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22797625490%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213095681657036158161%22}&andc=true

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:56:02 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15095973940217296774","debug_reporting":true,"destination":"https://crowdstrike.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["797625490"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"13095681657036158161"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 03:56:02 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Sep 2023 03:56:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15095973940217296774","debug_reporting":true,"destination":"https://crowdstrike.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["797625490"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"13095681657036158161"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame AEE0 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 02:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 02:32:20 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame CEA0 61 KB
23 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc02820c70407aa60fd7b6a413da60eba9445bacd0932414bba89404cdd2cdc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2267
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23165
x-xss-protection: 0
server: cafe
etag: 3653802842111768446
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 04:18:15 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 55ms
54ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 03:56:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 39ms
39ms Ping
image/gif 2a00:1450:4009:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=5~lm8mysin&c=3952482491798791&e=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsYxhogQCoECAgSAA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:80b::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame CEA0 0
17 B 40ms
39ms Ping
image/gif 2a00:1450:4009:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lm8myt35&chm=1&ctx=2&gqid=0Un5ZJ_NHdiUgQfG2b3oBQ&qqid=CNPXg7XNl4EDFRfQdwodWAYMIQ&met.4=fb.hw~lb.j7~cmrload.jl~ol.ma~bdt.-1rf~bpp.-8~idt.-8~dtd.-2~dt.-a&met.3=492.i5_2~733.k1~748.kl~742.k1_m~555.ku~739.kw~556.kw_2~738.m5~749.m6_3~735.mf_1~113.p2_1~112.p2_1&met.1=1.lm8myse4~6.2~7.2~8.2~9.2~10.2~12.3~13.hi~14.hm~15.hl~16.ku~17.ku~18.ky~19.lv~20.lv~21.ma&met.7=CAUQCBgBKAIw-gQ4ogZoBHD2BHiHwgKAAdu_AogBzvMGsAEBuAED~CBIQBxgBIPsEKPsEMJsFOCBo_ARwmgV43AuAAbAJiAHtbaoBFQoTR29vZ2xlIFNhbnM6NDAwLDUwMLABAbgBAw~CBwQChgBIPsEKPsEMJcFOBxo_ARwkQV4jQmAAeEGiAGQDrABAbgBAw~CAkQChgBII8FKI8FMKUFOBZokQVwpAV420mAAa9HiAHctwGwAQG4AQM~CB4QChgBII8FKI8FMKcFOBhokwVwpwV4gAyAAdQJiAGBFbABAbgBAw~CBwQBRgBIJEFKJEFMLAFOB9omAVwrwV4lgeAAeoEiAGWCbABAbgBAw~CBwQChgBIJEFKJEFMLAFOB5omAVwrgV4_0KAAdNAiAG9nAGwAQG4AQM~CBsQBhgBIJIFKJIFMLUFOCQ~CE0QChgBIJIFKJIFMMQFODJomAVwvQV44MUDgAG0wwOIAY2mC7ABAbgBAw~CBsQChgBIJIFKJIFMK8FOB0~CCgQChgBIKQGKKQGML4GOBlopQZwuwZ4qbcBgAH9tAGIAZzlA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:80b::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=3952482491798791&bg=!4-Cl4K_NAAa6D61Rmg87ADQBe5WfOEvI1r1MIrOHFEnwabWvWj48wOTIzk4pV8OJD4sQe1IoCUB_FCZ6Ga8IqGHELfgyAgAAAINSAAAAB2gBBwoA0JZ6BqHc-ITbJhZpHcx8yi5Lg8mrLJC9wDof7FQubIhFWnBrl5L0OjwG61mgtczdqa08n5VXfXXu-3gR_qJ0kfB3fL9j32ZBTmBt3QCc27Sqtp8wh9onsowf4YIHADldJmDZIDqgQhK0fhjdvHs0hu_p-oY9Uve9RwfzZaYhVo_TUkVOF6IH11TLVkKidZMNZrhTmOTcwCNStXY6PzvovGU_T6o5N3yaL7mqvwrQCdjQq1TtAvMaHLxSArQx8P7bd70Y6RbovnPDD0mwVTIOnWWZArakm-zQvjByWcqg7b7PtIiN8tSmKNRVkuoc1JpnpjbIKC2Qi0k9hRItoWD4LpMQlzAf1sWmzWVEY0Sb5MvkHgFR9pGbSP8crSCVkUAIfJnfL73FLYuWgEZ34ivm1CKwXDSttYWnc6-S8EqeJX0Zd9oO8-XQNe20jCiVgN2F-WWwBei1QC42tIW_JHm6m4baSOJIfn-s9NUP0SjDS4bhCdBMWcdn7BjWRr7jZK9lE1STAHQqmjzSOopxj4-2e5RsTPcsJEdBLEStNXhhrOhBhxxtFJPn3_QofvkhgenljPcRaJ-3mro0HFuc_PT0Sr3svKivngKofD8b8SfyFgocx9RbcFOF1mafmZNSB5TyE4mJQun-rerYXUnEs2Ws05e9sD5w7GjO_WhF9G39rn6yjM95hPIZ2ZprSlrCfM3Upap_Eilr-4ID1lSnRr5WK_LS38wMZ3wij0YaMA2aXWfsxCRIRmjuuwnogL-kb8eHaeL6KllnXoQmoMGIg60Iqd3oQwN0YhEdHf9Mk45ncSV_xlu59gq6ZBvK8PZGdLnhwjaSfzQUGfbe2o8QtyLu3K1HvwOeKy_yzZtnwbY9Tqz88nlOAwEOS_zhUrd0r7jAjLO3osYoRMUjXT87ubRg-NucJ1gNR7vIReKi2fs8FzSTnDZ3W9R7I1oNk8tn_9RFGT6-NZQQgAvf3K2Ux6XWJuG8Ui__UBckVLsAafBXVy_eLnqLEgU0jpxmkB6xAXwy7iP5cCaNP9O82ocylpxfERDHilc3Uf3P2vxjJ7aI4zS7JHryrtOAGEhQuhrdmOLZbvKfBJu5Xyr6ZonGFOwKUXIry0efNJVb8fc64o-gg5MhwCujmNTDEuU_L-Rbq01junYLIKS7RB4qav4QSZ93sxHU5J85tKhTlrYDYv1Oli1P2zEEIGLWE7uI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 41ms
41ms Ping
image/gif 2a00:1450:4009:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=6~lm8myt2z&c=3952482491798791&e=44759876%2C44759927%2C44759842%2C31077489%2C20222282%2C31061691%2C31061693&ctx=1&met.3=164.io_1~165.ik_5~166.ia_v~1001.j6_1__1~164.j7~165.j5_2~1032.nz~326.o1_1~832.o3~868.o3~216.ny_6~215.ny_6~843.ny_6~889.oa~639.oi~1032.om~326.om~832.om~868.om~216.om_1~215.om_1~889.p4~639.p6~112.pb_2~629.qg_1~168.16t_3~168.16t_3~168.16x~168.16x~168.16x_4~168.18y~168.18y~168.18y_1~168.18y_1~168.18z~429.1d3_1~993.1d8_6__2~992.1df__2~994.1df__2~991.1d7_8__2~990.1d7_8__2~353.1d4_b~453.1dh_1~754.1dj_2__7~995.1di_7__7~998.1dh_8__7~453.1dp_1~754.1dq_1__a~995.1dq_2__a~998.1dp_3__a~453.1ds_1~754.1dt_1__d~995.1dt_2__d~1032.1ea~326.1ea~832.1eb~868.1eb~164.1ea_2~165.1e9_3~996.1e9_3__d~997.1dv_g__d~453.1eb_1~754.1ed_1__d~995.1ed_3__d~998.1ds_n__d~453.1eg_1~453.1eh_1~453.1ej_1~454.1ej_1~454.1ek_1~454.1el_1~453.1em_1~753.1ep~889.1er~639.1ez~210.1g2_1~1032.1g3~326.1g4~832.1g4~868.1g4~164.1g3_1~165.1g3_1~466.1g3_1~1032.1g5~326.1g5~832.1g5~868.1g5~164.1g5_1~165.1g4_1~466.1g4_1~522.1g3_3~525.1g7_f~1013.1gq~525.1gm_n~639.1ha~639.1ha~264.1ha~264.1i5~264.1ik~264.1ka~246.1km_1~264.1kv~264.1l2~264.1mm~264.1nf~264.1o7~168.1oc~168.1oc~168.1oc~168.1oc~168.1oc~168.1oc~168.1oc~168.1oc~168.1oc~168.1oc~168.1od~168.1oc~264.1of~168.1pg~168.1pg~168.1pg~168.1pg~168.1pg~168.1pg~168.1pg~168.1pg~168.1pg~168.1pg~168.1pg~168.1pg~264.1ph~952.1pj~273.1pw~264.1px~264.1q9~264.1qd~264.1ql~264.1s8~264.1sq~264.1tf~264.1to~264.1u5~264.1v1~264.1vh~168.1vm~168.1vm~168.1vm~168.1vm~168.1vm~168.1vm~168.1vm~168.1vm~168.1vm~168.1vm~168.1vm~168.1vm~264.1vp~264.1xn~246.1xt_1~264.1ya~264.1yj~1032.1z7~326.1z7~832.1z8~868.1z8~164.1z6_2~165.1z5_3~889.1za~639.1zg~264.207~113.20k_1~246.20l~264.20m~264.20s~264.219~264.23g~246.23x_1~264.23z~264.244~264.24h~264.24y~264.25i~264.25v~264.26f~264.26u~264.27c~264.27z~264.28e~264.28u~264.294~264.29s~264.2a1~264.2aq~264.2b8~264.2bg~264.2bw~264.2cd~264.2ct~264.2da~264.2dr~264.2e7~264.2eo~264.2f5~264.2fl~264.2g2~264.2gj~264.2h2~264.2hp~264.2i0~264.2id~168.2it~168.2it~168.2it~168.2it~168.2it~168.2it~168.2it~168.2it~168.2it~168.2it~168.2it~168.2it~168.2it~168.2it~168.2it~264.2j0~264.2jb~264.2k4~264.2ke~264.2ko~264.2l5~264.2lr~264.2m3~264.2o7~246.2oa_1~257.2ob~264.2oa_1~264.2of&met.7=CBsQCMABkL6L5wI~CBsQByChAjghwAGQtq7_AQ~CBsQByCiAjgdwAGb7tmdCA~CBsQByCiAjgewAGtnbD4Dw~CBsQByCiAjgxwAHMhZTMAg~CBIQBxgBIKICKKICMPoCOFlAowJIpAJQpAJY1wJguQJo1wJw-gJ4vQ2AAZELiAGx_QGqAXcKF1BvcHBpbnM6NDAwLDMwMCw3MDAsOTAwCh1PcGVuK1NhbnM6NDAwLDYwMCw3MDAsMzAwLDkwMAohTWVycml3ZWF0aGVyK1NhbnM6NDAwLDMwMCw3MDAsOTAwChpSb2JvdG86NDAwLDUwMCw3MDAsMzAwLDkwMLABAbgBA8AB1se7yAo~CBsQByCiAjggwAH7tOf5Ag~CBsQByCiAjg0wAHjwpKzCA~CBsQByCiAjg5wAHk4aO1Cg~CBsQByCiAjhLwAH8hdO7BA~CBsQByCiAjhKwAGw_PHODA~CBsQByCiAjhNwAHbnu3JDw~CBsQCiCiAjhcwAGBiJ_gDg~CBsQCiCjAjhdwAHuvenzBQ~CBsQCiCjAjh6wAG_p-yCCg~CBsQBiCjAjiEAcAB4uzG5gc~CBsQBhgBIKMCKKMCMOcEOMQCwAGBqLHODw~CAEQChgBIKMCKKMCMKcEOIUCQIoDSIsDUIsDWLkDYJ4DaLkDcIwEeJCMA4AB5IkDiAG19wiwAQG4AQPAAd6Ov5sB~CBsQAiCXAzgcwAGF2su2Ag~CBsQCiDBAzgYwAGamN7RAQ~CBsQCiDCAzgewAH0_8ecDw~CBsQCiDCAzgdwAHBnbWNCQ~CBsQCiDCAzgzwAGCvse1Dw~CBsQCiDCAzgfwAHv26DCCA~CBsQCiDCAzghwAHEtbGRAQ~CBsQCiDCAzgiwAGhjPqOCA~CBsQCiDCAzgjwAGWt7TBDg~CBsQCiDCAzggwAGnnZ38DA~CBsQCiDCAzggwAHUnrOwBA~CAMQChgBIJ4FKJ4FMNIGOLUBaJ8FcPkFeOmDCIABvYEIiAHryxewAQG4AQPAAdXEzsMM~CAwQBRgBILEFKLEFMPoFOElAsgVIswVQswVY5QVgxwVo5QVw-gV4giWAAdYiiAGkT7ABAbgBA8ABgaqN9AE~CBwQChgBIOIGKOIGMP4GOBxo4gZw-AZ4_KYBgAHQpAGIAYSuA7ABAbgBA8ABrrmBzwg~CBsQBhgBIKMCKKMCMJIHOPAEwAGRlb_sBQ~CBsQChgBIOcGKOcGMLgHOFFA5wZI5wZQ5wZYmgdg_AZomgdwtwd4qgSAAf4BiAGJA7ABAbgBA8AB5Krg8AI~CBwQBhgBIIoHKIoHMMEHODhoigdwwQd4rAKwAQG4AQPAAZSE4rUO~CBsQBhgBIMADKMADMMMHOIMEwAHZ8vjeBQ~CAUQBRgBIPAGKPAGMLwLOMwEaPIGcKQLeJPBAoAB574CiAHCvQewAQG4AQPAAZDHsvAI~CAUQBRgBIIoHKIoHMIQNOPsFaIsHcO8MeJHyBIAB5e8EiAGu5RWwAQG4AQPAAZDHsvAI~CBwQChgBIOcNKOcNMM4OOGdo6A1wug54s6UDgAGHowOIAcLPCbABAbgBA8AB08Pb9wo~CAwQBRgBINgOKNgOMPAOOBho2Q5w7w54giWAAdYiiAGkT7ABAbgBA8ABoK-kqQM~CAwQBRgBIOcOKOcOMP4OOBdo6A5w_Q54giWAAdYiiAGkT7ABAbgBA8ABoK-kqQM~CBsQARgBIPcPKPcPMPsQOIQBwAGkoPylBw~CAUQBRgBIKoOKKoOMJISOOkDaKsOcP0ReLGTA4ABhZEDiAHJvgiwAQG4AQPAAZDHsvAI~CBsQCDiZFMABkL6L5wI~CBsQARgBINITKNITMPwTOCrAAaSg_KUH~CCcQDRgBIJkUKJkUMI0VOHRQmRRYxRRgmhRoxRRwjBV4m12AAe9aiAG6eLABAbgBA8AB8_LLrgs~CBsQARgBILUUKLUUMN8UOCrAAaSg_KUH~CBsQARgBIK0VKK0VMNkVOCvAAaSg_KUH~CCcQChgBIKwVKKwVMN0VODHAAeLBm9oF~CCcQBRgBIOAVKOAVMIkWOCnAAZmVn6AL~CBsQBRgBIOQVKOQVMJQWODDAAc_G2uIB~CBsQBhgBILkUKLkUMOgXOLADwAGjifCQAg~CAUQBRgBIIoUKIoUMIQZOPoEaI4UcIEZeIfCAoAB278CiAHO8wawAQG4AQPAAZDHsvAI~CBsQARgBIIobKIobMLIbOCjAAaSg_KUH~CBwQBhgBIL4bKL4bMPgbODrAAaHZ1rIJ~CBsQBhgBIPYXKPYXMI8cOJkEwAG-kfol&met.1=1.lm8myqep~2.7y~3.7y~6.1~7.1~8.1~9.1~10.1~12.2~13.7w~14.be~15.7z~16.fj~17.fj~18.ft~19.1z5~20.1z5~21.1zt~22.bu~23.bu
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:80b::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 03:56:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gbhackers.com/	1970-01-20 14:37:11	Name: _lscache_vary Value: 40eee73bc2c568ac413fd3f490024de4
.gbhackers.com/	1970-01-20 23:55:54	Name: __gads Value: ID=dd90d618f9ce265e-224d1329c6e30071:T=1694058959:RT=1694058959:S=ALNI_Mb9sSNx51NMOlQ6qwZt3QUs0ycalg
.gbhackers.com/	1970-01-20 23:55:54	Name: __gpi Value: UID=00000d9098ae2029:T=1694058959:RT=1694058959:S=ALNI_MYD_BPqFTPEvVcs5u0VsUMjqqZfKg
.doubleclick.net/	1970-01-20 23:55:54	Name: IDE Value: AHWqTUmZ2nClmUOFaIC87iQWQLVkH1bTloN1wnh067LQAUSJZecSmUT9dPPFl74R1ck
.googleadservices.com/	1970-01-20 16:43:54	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 14:34:22	Name: DSID Value: NO_DATA
.turn.com/	1970-01-20 18:53:30	Name: uid Value: 4324921154468646607
.adform.net/	1970-01-20 15:17:30	Name: C Value: 1
.everesttech.net/	1970-01-20 23:19:54	Name: everest_g_v2 Value: g_surferid~ZPlJ0QAOaxTQ4wBY
.adform.net/	1970-01-20 16:00:42	Name: uid Value: 9013612383576187870
.ctnsnet.com/	1970-01-20 23:19:54	Name: cid_19eb08a2d399486e8a814f730cb6f79a Value: 1
.ctnsnet.com/	1970-01-20 23:19:54	Name: gid_CAESEGUOU18cau1HqDBFSIQgnRM Value: 1
.blismedia.com/	1970-01-20 23:19:58	Name: b Value: 64F949D2815182670D18A035BLIS
.w55c.net/	1970-01-21 00:04:33	Name: wfivefivec Value: KSZanBuK1QE67E5
.de17a.com/	1970-01-20 23:12:42	Name: guid Value: 1.5848463613370617709
.w55c.net/	1970-01-20 15:17:30	Name: matchgoogle Value: 5
.innovid.com/	1970-01-20 16:43:54	Name: uuid Value: 42c8f2d9-5a91-4c68-9887-3450665dc2d8-20230906 23:56:02

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://gbhackers.com/soc-defense-attack-chain/(Line 4140) Message: Mixed Content: The page at 'https://gbhackers.com/soc-defense-attack-chain/' was loaded over HTTPS, but requested an insecure element 'http://gbhackers.com/wp-content/uploads/2022/11/GBH1.png.webp'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gbhackers.com/soc-defense-attack-chain/ Message: Mixed Content: The page at 'https://gbhackers.com/soc-defense-attack-chain/' was loaded over HTTPS, but requested an insecure element 'http://gbhackers.com/wp-content/uploads/2022/11/GBH1.png.webp'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gbhackers.com/soc-defense-attack-chain/(Line 4333) Message: Mixed Content: The page at 'https://gbhackers.com/soc-defense-attack-chain/' was loaded over HTTPS, but requested an insecure element 'http://gbhackers.com/wp-content/uploads/2022/11/GBH1.png.webp'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gbhackers.com/soc-defense-attack-chain/ Message: Mixed Content: The page at 'https://gbhackers.com/soc-defense-attack-chain/' was loaded over HTTPS, but requested an insecure element 'http://gbhackers.com/wp-content/uploads/2022/11/GBH1.png.webp'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ag.innovid.com
blogger.googleusercontent.com
c1.adform.net
cm.g.doubleclick.net
csi.gstatic.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
gbhackers.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
r.turn.com
securepubads.g.doubleclick.net
sync-tm.everesttech.net
tpc.googlesyndication.com
tr.blismedia.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
142.250.184.226
151.101.66.49
172.217.16.194
178.250.1.9
2001:678:cb4:bbbb::11
213.155.156.185
2606:4700:3034::ac43:a5ec
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:809::2003
2a00:1450:4001:810::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2003
2a00:1450:4009:80b::2003
2a02:fa8:8806:20::2040
2a05:d01c:1d8:8100:a526:958d:fa93:9c2b
3.120.219.48
34.96.105.8
35.186.193.173
37.157.4.28
51.89.9.251
52.223.40.198
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
092612194e2fe7693f9258add015e1c3ac8f65c225d914cc23e45700030a9474
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d46c579e4098f7873f4e859c068ea9c2eed281c099b3a4f1bca636c60b85b67
143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
190b231ba3f923161c7156fb29a4f3771dd9cba947df3ab0efb1a2704f4f471e
1b5880d9b59e501f70d047ed0c108180ef53a378f50e4d8709c7f40147198795
1fcf6fe53e66f96bcb2ea0880cd46f587d94cb50ce0eeae6782c27a406ad18b1
2034fa100b3275e6af97b9c91b8fe648f768fe532e3a10908ce71273f7b884ce
21917d22c3b9325ddeeecd4a41d62dd245e385abb299ecb7d17f7246eeb821c0
233f2b2d1dc2196f93c236a30a61cbea0a794a1241fc50a85baac3720a95d65d
23dc0479b953ab4c719b8c6be996fe3b3614143fc7b5eae10e1fca906a7a4c89
25871c9d0e9f6d5dd11d56053ad96171cee6495ec8c52c3e1e031e23b494ec81
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2a31a33fc31ae7a9514ac25ccd3288f9ee2fbfbbd33b07f58f694e207876bdf1
2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f91d84e8c83253dd593c876e19f933a95261fed333350300c48bc288e4af61b
30a9bc0ddfe2d81a482939d5eef64ea38f3e5c15a4196c7bb2b15b1bf5359c9d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b8a8e34f4cc8e46979a638df0ecfa7c6296e72500d4543f024c7a1298671690
3ca476cdc862a2d6bd9021c8cb33a6f095f1729c9a753d941ea86475f6b50a91
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ddcac9b6721353baed313f4d2cbad52e5e28333be18d9c3c6361a2a070ce45d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a
52dc685fde4c966abc1f1d4cf60f70f2ab2ee71bd52aeb28b304bd315e715b2a
533d99e9aaf2b51be221f878a0bbdc869211932af86b4072362b34c1b985f889
53b8783cc8c86a6459106c7fa537367fe9d2713b68c604db8ad7d864c53a5d8e
5446a5e2036d03fbf3401f7c913fdb8750ab05ddc20988847c3a0cedef68ee40
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d6fd5c3cd1b58fab8a0e6b95ee2736c7baac92c5eff27fd706bb11367ecb4fa
5e87730a5be2932c1b04e28417384c1f91874790aa9a52876f7c99d88133bd90
600e3a4a4b633d0a2a65267ccf5941999cc08a12fe3a214cb56aebfceab6ea96
61a463435bd9b5cd2d48af99a7bafa177dc3c635e3b144fb4b006cf4d3c5b24f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ae3b0b4652582424b026acbcfea8346e96d8da5105079cfb4a3b011cad92ff
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
73f5ed5132b2f16e83906cdafeb4b12d5d047e7474527c9020df0312df6ba816
76d27035404d2d684d7d275bdf3e9f64db6b47811b2f52d3c5c265da8db97249
77c84c7762c7edf77f903344e71983ba14129bf133460f4772eace6fe6989cda
7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
84c0fa68ee2db40f022744b0df40c9642364978814babe80631ee14649c57a3c
85dedaba825fec7341562bd616643cb7d27eae3d5e460653b7019c71c281435c
890a1b9a8e24c970b9f96c59e60d9bc0c63259b96b663fcd2e78390343f0168b
8cec0568b8c5294b0ae8b686b0803c9ded43d2c8bef916e8e72def00d89af188
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
923167dc3c0116ff1559ee402eb2870a82778e677966b5d28f16f001359eeeff
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94731da040028900d3c30bb448d271743eeda3adebd37ace4ed4e4bf7aaf3801
9676ef24284f9c8d19810b4b142d20270efc4707a50ab32fdfb8e0a389b891ac
98231b091bf8da0873d415bd50577540cfd620aecb6a978c3e29aa3e52173b2e
982449e57776bbb142c0f757ad6266bc438d955ac3ca74d97a7ba6a90f41fdbd
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1748d8cea8b7f3eeace07cef59dfb618e116d46b2a1bd8cdab1bdbcf716590
9da80b19f09337d994f076942f8114244ac5443d1796079addf435435e2db594
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a11abb8eae3a683abb370719023188da57423946326add3cc8a324610efa772d
a33e71a9cbaefebbf21228caa676e84ef33efff72647b646b24f924cfe208f72
a5f3424bdb04cf407e54dab4710b361c2411831703d1693be7aedaa31a1103f3
a6a6813f6a07123f993e4ffbcc3596ed98ce55194a69637ec8f06f43d9a0c066
a6aaf432865021494ad5d030950e7baac69e8e09a283b0ea533a01506dc6adb3
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
c21a4f4dea997c97bf301a6d477a7968fabb123e8e00f99ae6fac7f4767324d6
c4a125a47eaf7962878bf90f75c96b81fc641c890ca2ae028cb8892b9fa2d6fc
c5de8924a9ee0b7078ae7b57d7391c40591f0edd22b1a26d7c4f6d11b6def515
c69325bd7eb70d4ba45aa71b0a9dc3178368fdabf5f24acb12b3b0c76d0552c8
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
c788dc1169ab2f8b55558278da8b08d70c768d51105e827c369d2aed78add0bd
ccc68a0948b51ed81382118c2f379135a05f9de09467d7e301cf326a81455a38
d08e53b98b4c0b2626d45d7f4ab5852a8db6051a818633e4354173dca79bcb17
d1dca191bd55f02dd73c63ae0a0628e5ff64fe7da8404fcc5b48957438e11aa8
d41f529f1c2ebea1225bca6667158a87a64fc93fe9b841c9e016135aa4f1bf42
d8248f9cae108b55c4fffe8b02d916fb348a37be98aca5ca8d6e8699ff0740cd
d9a655455f0a7d3a7e9534014180b34adbbdb50174ab31e09c69a9f60cc1e7e5
ddb5e736fc86f120c8bdc2cb6bb1b772c05b30f8357a985678a625013dd79cff
e22c46011b6b9a23b7219e2ed6a78aa06e0d6fb0c274166ecc7ba412f020b12c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e02d5400571aeed99a5f792bb82ede5216f730471091ea923427cebd8355b9
e674e317c87379c2c19038c47d8e5eac1e41e7ab824751c476a5211517eed3d7
e6dcbbfd3b2b395e8440193551d30cf590736083dfed83bb67f976badca15699
e7ba75d8fdb1a37fa93d33b312332b9ec8a87ac16871b576d3c354edcdf906cf
ecdc9e55b36fb4d1f04286c5ee1fd898bf9ec59dabe8f5f6ffb5165e22df7080
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc02820c70407aa60fd7b6a413da60eba9445bacd0932414bba89404cdd2cdc9
ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

gbhackers.com Open in urlscan Pro 2606:4700:3034::ac43:a5ec Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

178 Requests

93 %HTTPS

59 %IPv6

21 Domains

28 Subdomains

22 IPs

7 Countries

2558 kBTransfer

6700 kBSize

17 Cookies

16 Outgoing links

Page URL History

Redirected requests

178 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 19 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gbhackers.com Open in urlscan Pro
2606:4700:3034::ac43:a5ec Public Scan

Screenshot
Live screenshot

Full Image

178
Requests

93 %
HTTPS

59 %
IPv6

21
Domains

28
Subdomains

22
IPs

7
Countries

2558 kB
Transfer

6700 kB
Size

17
Cookies

178 HTTP transactions
19 data transactions