www.thedutchhacker.com Open in urlscan Pro
63.250.43.15 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.thedutchhacker.com/mitre-on-tryhackme/
Submission: On January 29 via manual (January 29th 2023, 7:37:07 pm UTC) from ZM — Scanned from DE

Summary HTTP 317 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 42 IPs in 10 countries across 42 domains to perform 317 HTTP transactions. The main IP is 63.250.43.15, located in United States and belongs to NAMECHEAP-NET, US. The main domain is www.thedutchhacker.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 20th 2022. Valid for: a year.

This is the only time www.thedutchhacker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
67	63.250.43.15 63.250.43.15	22612 (NAMECHEAP...) (NAMECHEAP-NET)
6	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
3	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
60	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
1 1	52.46.131.85 52.46.131.85	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:1800:1d:d7f6:39d2:2dc1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.64.91 65.9.64.91	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20eb:0:f:1dcc:7540:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1	54.197.98.98 54.197.98.98	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	34.206.246.212 34.206.246.212	14618 (AMAZON-AES) (AMAZON-AES)
20	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	107.20.147.136 107.20.147.136	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:402... 2a00:1450:4025:401::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	23.203.124.188 23.203.124.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1 34	2a00:1450:400... 2a00:1450:400d:803::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::200e	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
16 38	142.250.180.226 142.250.180.226	15169 (GOOGLE) (GOOGLE)
6 12	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
6 9	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	23.203.125.36 23.203.125.36	16625 (AKAMAI-AS) (AKAMAI-AS)
30	2a00:1450:400... 2a00:1450:400d:80a::2006	15169 (GOOGLE) (GOOGLE)
8	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	3.122.47.214 3.122.47.214	16509 (AMAZON-02) (AMAZON-02)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:ebfb:2347:dbfe:4c27	16509 (AMAZON-02) (AMAZON-02)
4	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 5	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6 7	3.68.131.77 3.68.131.77	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	() ()
2 2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	72.251.249.14 72.251.249.14	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
4 4	37.157.6.248 37.157.6.248	198622 (ADFORM) (ADFORM)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.58.241.65 52.58.241.65	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.103 185.86.139.103	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2 2	18.198.46.54 18.198.46.54	() ()
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:803::200a	() ()
3	2600:9000:214... 2600:9000:214f:8400:15:6513:6d40:21	() ()
317	42

67 63.250.43.15 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: ingress-derowd.easywp.com

www.thedutchhacker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn.shareaholic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m9m6e2w5.stackpathcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.131.85 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

ws-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:1800:1d:d7f6:39d2:2dc1 (United States)

ASN16509 (AMAZON-02, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.64.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-64-91.fra56.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:0:f:1dcc:7540:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.98.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-98-98.compute-1.amazonaws.com

www.shareaholic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.246.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-246-212.compute-1.amazonaws.com

analytics.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.147.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-147-136.compute-1.amazonaws.com

partner.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.124.188 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-188.deploy.static.akamaitechnologies.com

api.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:400d:803::2001 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 142.250.180.226 (United States) 16 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.80.39.216 (Canada) 6 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.89.210.90 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.203.125.36 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-36.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:400d:80a::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.47.214 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-47-214.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:ebfb:2347:dbfe:4c27 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.89.9.252 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.68.131.77 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-131-77.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (None, ) 2 redirects

ASN- ()

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.251.249.14 (Amsterdam, Netherlands) 4 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.248 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.241.65 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-241-65.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.46.54 (None, ) 2 redirects

ASN- ()

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::200a (None, )

ASN- ()

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:214f:8400:15:6513:6d40:21 (None, )

ASN- ()

d27rf63iunghx1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
94	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	818 KB
67	thedutchhacker.com www.thedutchhacker.com	1 MB
66	doubleclick.net 16 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 325	241 KB
30	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 283	1 MB
14	casalemedia.com 8 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 416	10 KB
9	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	10 KB
9	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	1 KB
7	bidswitch.net 6 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	3 KB
6	openx.net us-u.openx.net — Cisco Umbrella Rank: 417 rtb.openx.net — Cisco Umbrella Rank: 1634	1 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	288 KB
5	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 725	1 KB
5	stackpathcdn.com m9m6e2w5.stackpathcdn.com — Cisco Umbrella Rank: 23319	114 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com	155 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 568	2 KB
4	lijit.com 4 redirects ap.lijit.com — Cisco Umbrella Rank: 592	3 KB
4	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1232	804 B
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34 ajax.googleapis.com	8 KB
3	cloudfront.net d27rf63iunghx1.cloudfront.net	1 MB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8741	818 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21 region1.google-analytics.com — Cisco Umbrella Rank: 2456	20 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 329	1 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2166	787 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 733	1 KB
2	admedo.com 2 redirects pool.admedo.com	747 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 304	529 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 693	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 748 r.turn.com — Cisco Umbrella Rank: 3187	869 B
2	shareaholic.com analytics.shareaholic.com — Cisco Umbrella Rank: 22439 partner.shareaholic.com — Cisco Umbrella Rank: 27590	650 B
2	dwin2.com www.dwin2.com — Cisco Umbrella Rank: 18764	132 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	110 KB
2	shareaholic.net cdn.shareaholic.net — Cisco Umbrella Rank: 24060 www.shareaholic.net — Cisco Umbrella Rank: 21738	7 KB
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 556	586 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 782	45 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1836	174 B
1	pinterest.com api.pinterest.com — Cisco Umbrella Rank: 2822	376 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 858	610 B
1	mailchimp.com cdn-images.mailchimp.com — Cisco Umbrella Rank: 5129	2 KB
1	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 542	6 KB
1	amazon-adsystem.com 1 redirects ws-na.amazon-adsystem.com — Cisco Umbrella Rank: 19125	200 B
0	o2online.de Failed portal.o2online.de Failed
317	42

	Domain	Requested by
67	www.thedutchhacker.com	www.thedutchhacker.com
60	pagead2.googlesyndication.com	www.thedutchhacker.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com s0.2mdn.net
38	cm.g.doubleclick.net	16 redirects googleads.g.doubleclick.net www.thedutchhacker.com
34	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
30	s0.2mdn.net	www.thedutchhacker.com googleads.g.doubleclick.net s0.2mdn.net
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.thedutchhacker.com googleads.g.doubleclick.net
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
9	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
8	googleads4.g.doubleclick.net	googleads.g.doubleclick.net www.thedutchhacker.com
7	x.bidswitch.net	6 redirects
6	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
6	www.googletagservices.com	googleads.g.doubleclick.net
5	onetag-sys.com	3 redirects googleads.g.doubleclick.net
5	m9m6e2w5.stackpathcdn.com	cdn.shareaholic.net www.thedutchhacker.com m9m6e2w5.stackpathcdn.com
4	c1.adform.net	4 redirects
4	ap.lijit.com	4 redirects
4	rtb.openx.net	googleads.g.doubleclick.net
4	sync.teads.tv	1 redirects googleads.g.doubleclick.net
3	d27rf63iunghx1.cloudfront.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.thedutchhacker.com m9m6e2w5.stackpathcdn.com googleads.g.doubleclick.net
2	eb2.3lift.com	2 redirects
2	a.sportradarserving.com	2 redirects
2	match.360yield.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	pool.admedo.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	us-u.openx.net	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.dwin2.com	www.thedutchhacker.com www.dwin2.com
2	www.googletagmanager.com	www.thedutchhacker.com www.googletagmanager.com
1	ajax.googleapis.com	s0.2mdn.net
1	sync-tm.everesttech.net	1 redirects
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	api.pinterest.com	m9m6e2w5.stackpathcdn.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.shareaholic.com	m9m6e2w5.stackpathcdn.com
1	analytics.shareaholic.com	m9m6e2w5.stackpathcdn.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.shareaholic.net	cdn.shareaholic.net
1	cdn-images.mailchimp.com	www.thedutchhacker.com
1	m.media-amazon.com	www.thedutchhacker.com
1	ws-na.amazon-adsystem.com	1 redirects
1	cdn.shareaholic.net	www.thedutchhacker.com
0	portal.o2online.de Failed	www.thedutchhacker.com
317	56

This site contains links to these domains. Also see Links.

Domain
tryhackme.com
attack.mitre.org
car.mitre.org
shield.mitre.org
github.com
www.redbubble.com
8ce08rqkqfn03vacpcg3yxnr65.hop.clickbank.net
click.linksynergy.com
amzn.to
twitter.com
www.facebook.com
mbuist.redbubble.com
www.martinbuist.com
www.thehomeautomationblog.com
solverwp.com

Subject Issuer	Validity	Valid
thedutchhacker.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-20` - `2023-11-20`	a year	crt.sh
cdn.shareaholic.net R3	`2023-01-06` - `2023-04-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
cdn-images.mailchimp.com Amazon	`2022-07-06` - `2023-08-03`	a year	crt.sh
www.dwin2.com Amazon	`2022-09-13` - `2023-10-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.stackpathcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-04` - `2023-05-31`	a year	crt.sh
*.shareaholic.net R3	`2023-01-13` - `2023-04-13`	3 months	crt.sh
shareaholic.com Amazon	`2022-06-01` - `2023-06-29`	a year	crt.sh
*.shareaholic.com R3	`2023-01-09` - `2023-04-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2023-01-20` - `2023-04-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh

This page contains 34 frames:

Primary Page: https://www.thedutchhacker.com/mitre-on-tryhackme/
Frame ID: 4918ADEBDB6790D5B8BB48B0D3D83EC6
Requests: 106 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html
Frame ID: 3EB90B7F8C389247ACBD6FFD28E46471
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&adk=1812271804&adf=3025194257&lmt=1675021021&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=164x675_l&format=0x0&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021021252&bpp=3&bdt=860&idt=298&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6877688760515&frm=20&pv=2&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=335
Frame ID: 22693A8F0968FA12279058AD5221CEF7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=1551834640&pi=t.aa~a.2940624402~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=3&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0&nras=2&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=yAlSa9IpWx&p=https%3A//www.thedutchhacker.com&dtd=89
Frame ID: 6B728DBAF30873B459D92919C98ABE7F
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3898893158&adf=1690612086&pi=t.aa~a.2594507593~rp.2&w=240&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=240x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600&nras=3&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=OUJiIReOPS&p=https%3A//www.thedutchhacker.com&dtd=111
Frame ID: 8746590557340DB838270E9C442CD207
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115
Frame ID: 010EE87B19B967A8A8625CB111E4FA84
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=925980703&adf=3285439437&pi=t.aa~a.841225771~rp.2&w=240&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=240x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=1&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600%2C300x600&nras=5&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=4008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Irsr7w8G2C&p=https%3A//www.thedutchhacker.com&dtd=119
Frame ID: C87E989B5F1B679E5D0C0F92171B5109
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1
Frame ID: DE3B14C22C3890BC1B8ED6C90219E6F6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4CCEFC034EA4F37A494E4B7C050E019B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1C153EEC08B34DC0A9E1117399BFEB18
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js
Frame ID: 775214C65A689841997A87CA412AAB42
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js
Frame ID: BDA0693D705F6DAF1BA15581E3BA5364
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjhgu3eATAB&v=APEucNVCfH0ZhxCCrTtEH3Jw-1S9OziatfapIjEs1DzvfmFxnLPZ1Q11cUSx26lpEMCQkedFoG9nM_P4Ip5jgJtteP3IdlMqJP4BIZyCqYGObJyop5zt8IRWGOoZvC4Z_H33hV4JJyr22KivZIbYJ_6Dm7u_Gwhq6XY7VOfPnkGZMkOYOSn6NCU
Frame ID: 0EA29F508595CC646D5428267281F4DD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 938168278F2349D231B8677E1992A62E
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjG8_zbATAB&v=APEucNUGVkh8myy8KTfURfD7gz1dM7n1Q9DtiMBcF4xCD73NpJqGP-WXSXYW01UZQazUCZdvskXyoXt0GzrGVjfY23HUHFZEAqUPwwRa9mZ0wmSI7UfljnpukCIpxtScE_3972P4dM5odoDhcMQPHbZNk4DTnRJeJuHN4ouj2FnUv9smqXfZb1Q
Frame ID: 7C644BA3E511CF08A1D41BC6ED46BD2D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY9-fiwAEwAQ&v=APEucNXx0TxpgfVfrJtPc3VGulOiNROpeEHunErhY5eKS1k1u9wipOrHw3i8HLi9t3VWps42VFts5dLogvJ9e_Ig8sSUReXKNRGyUvdCPW9vnxwKe5Q4jEwaQqFfIzZ6yoDsfycvNGC-9ueeKruwd28Bup-ha0vTh4b8NqttIUmVpk1XjAC18k0
Frame ID: B8B8E7A4975A51E539EBB9EF820DA85C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMr9xPwCEOXgtpkDGPae1toBMAE&v=APEucNVIFl9eOyIjGkvck9K549q2TEytwGqtgcgsHXKwF98UhLXa6TgWVKHRfN66yK5rZbGD-GHyoOnw6WFjNAHyOXrDQK7zafHtkGU8xFxg2j-vb2Dy5y3j1sQl150xNro9AfHhrBm-gYE7ee2f9Rg98gkn541N1xhiTXXRKE58qfENEPS1B_o
Frame ID: 4D92F559E2DEE8D47BEED7BEAE63981C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 444E35B088921054773E4524F1653831
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8710A116FC3FA33D82C0DFB49681318B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FC739A210E48B85CA2481B140EA0A3E3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CD6DD7C0BC9AC3E4C2671ECD5D64B7FB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8005630BC4FFF1C11D3CCA46A3DBAE07
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ED64108D5D5063E558F047F8D9057FB8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2E1E6C01EB87B773EF28EE89E15F5B24
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 71CAE87045455CBF1572F610F05347B2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 97163449697394F0D999C86BE1E746A9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17794608782064484352/160x600.html?e=69&leftOffset=0&topOffset=0&c=RE36M4BCQK&t=1&renderingType=2&ev=01_247
Frame ID: B4B3762E8367B3F50683BC15C091D617
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9449438672546955264/300x600.html?e=69&leftOffset=0&topOffset=0&c=kkferI9HBU&t=1&renderingType=2&ev=01_247
Frame ID: FF78AEA229BF34CFFCAA04FC1A16FEF0
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9150192991151314574/index.html?e=69&leftOffset=0&topOffset=0&c=LDPr2t8D1r&t=1&renderingType=2&ev=01_247
Frame ID: 4D4668DA8E1BA56B64D175A36F2DC8D1
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js
Frame ID: BAE9F01BFDF56D64857A89685CD39417
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js
Frame ID: A5AAD4743AA97532FE5C119D56C0102F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 78068BB74A517068C564578F1A221741
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 122B8C9DE4DDB37FCD5F6678386E8909
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js
Frame ID: E5855BBC69A4FEB5FC140A1EBF1E1B0A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mitre on Tryhackme - The Dutch Hacker

Detected technologies

WooCommerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

cdn-images\.mailchimp\.com/[^>]*\.css

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

317
Requests

88 %
HTTPS

43 %
IPv6

42
Domains

56
Subdomains

42
IPs

10
Countries

5689 kB
Transfer

10603 kB
Size

38
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://tryhackme.com/room/mitre
Title: room Mitre

Search URL Search Domain Scan URL

URL: https://tryhackme.com/
Title: Tryhackme

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1566/
Title: Phishing, Technique T1566 – Enterprise | MITRE ATT&CK®

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/groups/G0035/
Title: Dragonfly, TG-4192, Crouching Yeti, IRON LIBERTY, Energetic Bear, Group G0035 | MITRE ATT&CK®

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/software/S0029/
Title: PsExec, Software S0029 | MITRE ATT&CK®

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/groups/G0053/
Title: FIN5, Group G0053 | MITRE ATT&CK®

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/tactics/TA0003/
Title: Persistence, Tactic TA0003 – Enterprise | MITRE ATT&CK®

Search URL Search Domain Scan URL

URL: https://car.mitre.org/
Title: https://car.mitre.org/

Search URL Search Domain Scan URL

URL: https://car.mitre.org/analytics/CAR-2013-05-004/
Title: CAR-2013-05-004: Execution with AT | MITRE Cyber Analytics Repository

Search URL Search Domain Scan URL

URL: https://shield.mitre.org/
Title: Shield Home (mitre.org)

Search URL Search Domain Scan URL

URL: https://shield.mitre.org/matrix/
Title: Active Defense Matrix (mitre.org)

Search URL Search Domain Scan URL

URL: https://shield.mitre.org/techniques/
Title: Active Defense Techniques (mitre.org)

Search URL Search Domain Scan URL

URL: https://github.com/center-for-threat-informed-defense/adversary_emulation_library/blob/master/apt29/Emulation_Plan/Scenario_1/Infrastructure.md
Title: adversary_emulation_library/Infrastructure.md at master · center-for-threat-informed-defense/adversary_emulation_library · GitHub

Search URL Search Domain Scan URL

URL: https://github.com/center-for-threat-informed-defense/adversary_emulation_library/blob/master/apt29/Emulation_Plan/Scenario_2/Infrastructure.md
Title: adversary_emulation_library/Infrastructure.md at master · center-for-threat-informed-defense/adversary_emulation_library · GitHub

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/groups/
Title: Groups | MITRE ATT&CK®

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/groups/G0064/
Title: APT33, HOLMIUM, Elfin, Group G0064 | MITRE ATT&CK®

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1078/004/
Title: Valid Accounts: Cloud Accounts, Sub-technique T1078.004 – Enterprise | MITRE ATT&CK®

Search URL Search Domain Scan URL

URL: https://www.redbubble.com/shop/ap/86782130
Title: See all products

Search URL Search Domain Scan URL

URL: https://www.redbubble.com/shop/ap/87337446
Title: See all products

Search URL Search Domain Scan URL

URL: https://www.redbubble.com/shop/ap/83146162
Title: See all products

Search URL Search Domain Scan URL

URL: https://8ce08rqkqfn03vacpcg3yxnr65.hop.clickbank.net/?tid=DUTCHHACKER
Title: Web application security for absolute beginners

Search URL Search Domain Scan URL

URL: https://click.linksynergy.com/link?id=t2rorauPT10&offerid=507388.3161282&type=2&murl=https%3A%2F%2Fwww.udemy.com%2Fcourse%2Foscp-prep-practical-hands-on-offensivept-penetration-testing%2F
Title: Ethical Hacking Offensive Penetration Testing OSCP Prep

Search URL Search Domain Scan URL

URL: https://click.linksynergy.com/link?id=t2rorauPT10&offerid=507388.1968490&type=2&murl=https%3A%2F%2Fwww.udemy.com%2Fcourse%2Fethical-hacking-and-comptia-pentest-exam-prep-pt0-001%2F
Title: TOTAL: CompTIA PenTest+ (Ethical Hacking) + 2 FREE Tests.

Search URL Search Domain Scan URL

URL: https://amzn.to/3564yAp

Search URL Search Domain Scan URL

URL: https://twitter.com/martinbuist81
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/The-Dutch-Hacker-104180801617108
Title: facebook

Search URL Search Domain Scan URL

URL: https://mbuist.redbubble.com/
Title: Best Redbubble shop

Search URL Search Domain Scan URL

URL: https://www.martinbuist.com/
Title: IT Blogger

Search URL Search Domain Scan URL

URL: https://www.thehomeautomationblog.com/
Title: The Home Automation Blog

Search URL Search Domain Scan URL

URL: https://solverwp.com/
Title: Contact Us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://ws-na.amazon-adsystem.com/widgets/q?_encoding=UTF8&MarketPlace=US&ASIN=B08T661K51&ServiceVersion=20070822&ID=AsinImage&WS=1&Format=_SL250_&tag=thedtuchhacke-20 HTTP 302
https://m.media-amazon.com/images/I/41k+MD+RCnL._SL250_.jpg

Request Chain 119

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCEwKH4_gEQ4QEY4QEyCKIMR-uzuFmL HTTP 301
https://tpc.googlesyndication.com/simgad/13847047602405913852

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 164

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1

Request Chain 165

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9bK30VK71gLbQEBhtFVHwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1

Request Chain 166

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENh9mVTQIt_jMfi0RmApo-U&google_cver=1

Request Chain 167

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0NzQzMDU0MjE0OTQzNTU1Ng%3D%3D

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1

Request Chain 169

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9bK30VK71gLbQEBhtFVHwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENh9mVTQIt_jMfi0RmApo-U&google_cver=1

Request Chain 171

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA4MDY2MTQ2MDAzMjQ0ODY2OQ%3D%3D

Request Chain 175

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1

Request Chain 176

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9bK34YeyI5bJioQZZdUagAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENh9mVTQIt_jMfi0RmApo-U&google_cver=1

Request Chain 178

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0NzQzMDU0MjE0OTQzNTU1Ng%3D%3D

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGXX2YxI7Lbds27blCXvotY&google_cver=1

Request Chain 181

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEMp2dv_KHglT-tc4jWIijzQ&google_cver=1

Request Chain 214

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEH1vDugnaX4ILQNoc7GSrME&google_cver=1&google_push=Aa02lx_ijBmDyF1GMRReu5-myZaLLUA-r6YAjBBrklvoKRs0ziEUUwmWpMVGAk-_-q0xPsOaek9GEPH4Qa7gFBFpCUBhpQDAGx5BYDm89J4cBzs4NIsXyT1C8XMKyCMXEIvtKXZfzPOpckIusF7DJlPt-Zgy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODgxMzg4ODQ5MTc5OTM4NDcwMQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPACek8JjlNVLD0PQl8gOb0&google_cver=1

Request Chain 215

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELJpn82U4Tly9zYlMuJ_MFI&google_cver=1&google_push=Aa02lx-S5-NlTmjgF0BtTgu4goRdfQR5faHz6aZg-Tw0YAMv9q-TzXhqlDuZ1gcI_elX8wxoK2P0dCcT_-JWEq0aV_m8KcelKtSIhwoIjC_auS2qpAnh-xjLZCOo7gfyJbc16O3yeyuHM6arYriNjtSiQpQr HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELJpn82U4Tly9zYlMuJ_MFI&google_cver=1&google_push=Aa02lx-S5-NlTmjgF0BtTgu4goRdfQR5faHz6aZg-Tw0YAMv9q-TzXhqlDuZ1gcI_elX8wxoK2P0dCcT_-JWEq0aV_m8KcelKtSIhwoIjC_auS2qpAnh-xjLZCOo7gfyJbc16O3yeyuHM6arYriNjtSiQpQr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MG10Q2lWRG8xUG1kdTg1&google_gid=CAESELJpn82U4Tly9zYlMuJ_MFI&google_cver=1&google_push=Aa02lx-S5-NlTmjgF0BtTgu4goRdfQR5faHz6aZg-Tw0YAMv9q-TzXhqlDuZ1gcI_elX8wxoK2P0dCcT_-JWEq0aV_m8KcelKtSIhwoIjC_auS2qpAnh-xjLZCOo7gfyJbc16O3yeyuHM6arYriNjtSiQpQr

Request Chain 217

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFA4VSnxTfbRKE8qUeJ2m5M&google_cver=1&google_push=Aa02lx_xP76OkcALXVDpMKDEF70coFIXCKt_zhOLkQbDNiy6JBXJ2pm8a5Ys2Z5vVuw8rKEyemweF88spoqCqss3H6QEOkxQ7oVjFKI-g5RtryDUzjv1FQPuq0e5yAXrY0R_p4WrsXSOyxyQiCTE6Sw1_Cd6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_xP76OkcALXVDpMKDEF70coFIXCKt_zhOLkQbDNiy6JBXJ2pm8a5Ys2Z5vVuw8rKEyemweF88spoqCqss3H6QEOkxQ7oVjFKI-g5RtryDUzjv1FQPuq0e5yAXrY0R_p4WrsXSOyxyQiCTE6Sw1_Cd6&google_hm=eS02STdYWFhORTJwR19LcEljZ2RQWUc3cTFBS1FXYnFsTX5B

Request Chain 219

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFId0lJh6DKYpnioP4wvQA8&google_cver=1&google_push=Aa02lx8XcNjPgEwvlOxJHgCpNcScxDp9N1cnuv3fDArpWCXx-pLoxh9ljr5RvccnRSdda8xgteKMIRjE-uztQBMiJtCi84ousJY31dcJOxK0KCavY_zvevSRM8qwGMJ5jc4JJp94QhpyZlv-l5Iv5JnIFmOzOg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8XcNjPgEwvlOxJHgCpNcScxDp9N1cnuv3fDArpWCXx-pLoxh9ljr5RvccnRSdda8xgteKMIRjE-uztQBMiJtCi84ousJY31dcJOxK0KCavY_zvevSRM8qwGMJ5jc4JJp94QhpyZlv-l5Iv5JnIFmOzOg

Request Chain 220

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFId0lJh6DKYpnioP4wvQA8&google_cver=1&google_push=Aa02lx-DMWr6kMRTkD03oXdu7DW1U3mvgqqnv4eYhYnhOLXS4AlGTeH1bKyU-EVKhF5EBRAPURtLEJphW-xhqWToZIM5diIloF-2aS3v1KeZJQUMVqtHB3rcshAIZ-aj144ask38UnSMuMXbdVHgckyepFb3oIM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-DMWr6kMRTkD03oXdu7DW1U3mvgqqnv4eYhYnhOLXS4AlGTeH1bKyU-EVKhF5EBRAPURtLEJphW-xhqWToZIM5diIloF-2aS3v1KeZJQUMVqtHB3rcshAIZ-aj144ask38UnSMuMXbdVHgckyepFb3oIM HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 228

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFtonPJkjL2fcC0-29pGmTc&google_cver=1&google_push=Aa02lx_x-0jvNWhMKTQWuSHEOaoJ4_8E_D8olNpFU8Iz-nGdQQPqx52_mVKR9uC7K-bYeW-LRuK4Pnb9AicuXTQHfOnGgFrh2YLh18M HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFtonPJkjL2fcC0-29pGmTc&google_cver=1&google_push=Aa02lx_x-0jvNWhMKTQWuSHEOaoJ4_8E_D8olNpFU8Iz-nGdQQPqx52_mVKR9uC7K-bYeW-LRuK4Pnb9AicuXTQHfOnGgFrh2YLh18M HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=d97278d8-eec0-4b28-969b-0fd86e1693ab HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=d97278d8-eec0-4b28-969b-0fd86e1693ab HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=10c600b4-7d1e-43df-8851-aa6bc568d0f4&user_group=1&ssp=google&bsw_param=d97278d8-eec0-4b28-969b-0fd86e1693ab HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_x-0jvNWhMKTQWuSHEOaoJ4_8E_D8olNpFU8Iz-nGdQQPqx52_mVKR9uC7K-bYeW-LRuK4Pnb9AicuXTQHfOnGgFrh2YLh18M&google_hm=2XJ42O7ASyiWmw_YbhaTqw==

Request Chain 230

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOV6EEkdGtRMcmIEhZmswrQ&google_cver=1&google_push=Aa02lx86OjuPTIT48ur8pievfZhT9a9IC2r1yuDT3DwI8thkQpUJYj-I8O96Q4tzB1o6y2NiyetjNn_xZqo65bNYqOxF1RM8q126Fx0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOV6EEkdGtRMcmIEhZmswrQ&google_cver=1&google_push=Aa02lx86OjuPTIT48ur8pievfZhT9a9IC2r1yuDT3DwI8thkQpUJYj-I8O96Q4tzB1o6y2NiyetjNn_xZqo65bNYqOxF1RM8q126Fx0&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4ZEdZ-7xRwmbidK35GKssg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx86OjuPTIT48ur8pievfZhT9a9IC2r1yuDT3DwI8thkQpUJYj-I8O96Q4tzB1o6y2NiyetjNn_xZqo65bNYqOxF1RM8q126Fx0

Request Chain 231

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDkGmBwpSQKj7DA4QCwSr2k&google_cver=1&google_push=Aa02lx-vik4dBphsaLecwxT6tUPpOppSqveyYyZhyJb2miWUsinjphX7rpxBhQtnfmDwz4lk3prEKsr_p2LPOevZxKiSKrOy3X0cLTE HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDkGmBwpSQKj7DA4QCwSr2k&google_cver=1&google_push=Aa02lx-vik4dBphsaLecwxT6tUPpOppSqveyYyZhyJb2miWUsinjphX7rpxBhQtnfmDwz4lk3prEKsr_p2LPOevZxKiSKrOy3X0cLTE&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-vik4dBphsaLecwxT6tUPpOppSqveyYyZhyJb2miWUsinjphX7rpxBhQtnfmDwz4lk3prEKsr_p2LPOevZxKiSKrOy3X0cLTE&google_hm=GEaZpGZHvls5q2OJR_eH3MEM

Request Chain 232

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOmDjeHuBSk3YeuLfacBrLo&google_cver=1&google_push=Aa02lx-spzPSg2cSFR1CTJ7zhUmifknDIY6U1_DZc_AZH_Cdo5bUfzXCLEjRzVss8ou_MCI9hR556o3cDCzwH_x38CjfKMS52N4EGoCW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-spzPSg2cSFR1CTJ7zhUmifknDIY6U1_DZc_AZH_Cdo5bUfzXCLEjRzVss8ou_MCI9hR556o3cDCzwH_x38CjfKMS52N4EGoCW HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 233

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEN_sHiFTmwLm8EuT8AdbWws&google_cver=1&google_push=Aa02lx-Zj6OHTZOXeRuqFHSIW_algXcCJAiMsrHJZkr4Olu8dLilSyApLcNzNo-AXzAD_1cWAVPWmKEC28K0kDCiiJTJryTYAFL2614 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx-Zj6OHTZOXeRuqFHSIW_algXcCJAiMsrHJZkr4Olu8dLilSyApLcNzNo-AXzAD_1cWAVPWmKEC28K0kDCiiJTJryTYAFL2614 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 237

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEL8zzYoUVB1IEi1JOOCxaLo&google_cver=1&google_push=Aa02lx81PraPVlh69oOJnAUWa-3Kgepn7qL-gHCPqUgiKPQcWIZgQlouUWdGC79WjAKIsRs8iix5uMHxTRriAxxWZWdayYrsNW3lMQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx81PraPVlh69oOJnAUWa-3Kgepn7qL-gHCPqUgiKPQcWIZgQlouUWdGC79WjAKIsRs8iix5uMHxTRriAxxWZWdayYrsNW3lMQ&google_hm=eS1fUmNCVTNaRTJwSDJQSVV5Zmw2eUozT2pLTFhxN2xsZX5B

Request Chain 238

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPiiQgwoNS6MxuHp0MMYRyw&google_cver=1&google_push=Aa02lx9j4CHBk4WnFkKzCNwqkEv2H54j8pi5B0ktxhFtnwVGJiRzTo1PJAkRKsvtNnVlJZMQ3hcdY6of3eLvv6PGDEwnH1_-Ufuu HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPiiQgwoNS6MxuHp0MMYRyw&google_cver=1&google_push=Aa02lx9j4CHBk4WnFkKzCNwqkEv2H54j8pi5B0ktxhFtnwVGJiRzTo1PJAkRKsvtNnVlJZMQ3hcdY6of3eLvv6PGDEwnH1_-Ufuu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkxMTc1OTE1MDc1NjA0NTgxNw&google_push=Aa02lx9j4CHBk4WnFkKzCNwqkEv2H54j8pi5B0ktxhFtnwVGJiRzTo1PJAkRKsvtNnVlJZMQ3hcdY6of3eLvv6PGDEwnH1_-Ufuu

Request Chain 240

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAZB8v97yUdAXsOD8x9ND4s&google_cver=1&google_push=Aa02lx_35zSgtH_axq3aKBoQaLn-6YHaYSMOJryXmUNjLlN1AyWEAp9LTtRGP0EWyVfBIJvVQwH3m58VcHVaoXyxfmY6KOA0ULV6ww HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAZB8v97yUdAXsOD8x9ND4s&google_hm=Y9bK34YeyI5bJioQZZdUagAAFCgAAAIB&google_nid=index&google_push=Aa02lx_35zSgtH_axq3aKBoQaLn-6YHaYSMOJryXmUNjLlN1AyWEAp9LTtRGP0EWyVfBIJvVQwH3m58VcHVaoXyxfmY6KOA0ULV6ww

Request Chain 241

https://match.360yield.com/match/ebda?google_gid=CAESEOSBdp8OU5Iixr6ABQIkHOk&google_cver=1&google_push=Aa02lx_lDsf_NENRyeK7IJRTvALb04wFAr0hEYrZPbwKkHi_E4tzgeNDCKDiR2V5NsrwUNdzKgyKl4HpkwngdtHZ3lidciL56FKg HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOSBdp8OU5Iixr6ABQIkHOk&google_cver=1&google_push=Aa02lx_lDsf_NENRyeK7IJRTvALb04wFAr0hEYrZPbwKkHi_E4tzgeNDCKDiR2V5NsrwUNdzKgyKl4HpkwngdtHZ3lidciL56FKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yRs6N1B8R2ObN6wT6MSsdg&google_push=Aa02lx_lDsf_NENRyeK7IJRTvALb04wFAr0hEYrZPbwKkHi_E4tzgeNDCKDiR2V5NsrwUNdzKgyKl4HpkwngdtHZ3lidciL56FKg

Request Chain 251

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELk5vS9naWNrnEjen3-hKnE&google_cver=1&google_push=Aa02lx8P_2alv7IwJlfvyOHkXVv8YCxzx2A_fpT-dOT4u10cXJtj12wOL6qI7-Rtd64R-wFwFuYo0kbD6UHV1eq_02zBT3Zl75qW42X3bekehi-lc6yunMaEoqjPsPgoS75mpMAIJiIuuht7SxsqNzUBaJexGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELk5vS9naWNrnEjen3-hKnE&google_push=Aa02lx8P_2alv7IwJlfvyOHkXVv8YCxzx2A_fpT-dOT4u10cXJtj12wOL6qI7-Rtd64R-wFwFuYo0kbD6UHV1eq_02zBT3Zl75qW42X3bekehi-lc6yunMaEoqjPsPgoS75mpMAIJiIuuht7SxsqNzUBaJexGQ

Request Chain 252

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKlUEXKN2Hqdz-garpO_Yso&google_cver=1&google_push=Aa02lx9BOyJuNLW2LH7K0UU4lyXAuunSgEWTlZc9j1nHMXykCzEavsymBnC1xlpLxk-Rf_zEkR7IPD4E-9f85N6g8Oz93Fgu7nWuk3u7R-z75PxA21jBhu7Mg6EhMP79dXQ3Kng634L-ZlYdFvXm5txLklnKLA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKlUEXKN2Hqdz-garpO_Yso&google_cver=1&google_push=Aa02lx9BOyJuNLW2LH7K0UU4lyXAuunSgEWTlZc9j1nHMXykCzEavsymBnC1xlpLxk-Rf_zEkR7IPD4E-9f85N6g8Oz93Fgu7nWuk3u7R-z75PxA21jBhu7Mg6EhMP79dXQ3Kng634L-ZlYdFvXm5txLklnKLA HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=720c3d64-eff1-48a1-8dc9-53b117d1745c&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=2XJ42O7ASyiWmw_YbhaTqw== HTTP 302
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEKlUEXKN2Hqdz-garpO_Yso&google_cver=1

Request Chain 253

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENEiSFk-SxTOqx_uoZHChzU&google_cver=1&google_push=Aa02lx9mmlz5P5xSpl_s8Vc6-esksCvQ4GFwuO6zb4_Ua4g6ec0J72Wq5R65rFMQsslUI0a5a7_xpB1Z2Lgm4eFCz79W2MmQWu0fyTbQFM9JXDU8H3eUDySTO3hFck5WGmYaWy-nK8sUrUv8hXO-Y6EatwkomQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENEiSFk-SxTOqx_uoZHChzU&google_cver=1&google_push=Aa02lx9mmlz5P5xSpl_s8Vc6-esksCvQ4GFwuO6zb4_Ua4g6ec0J72Wq5R65rFMQsslUI0a5a7_xpB1Z2Lgm4eFCz79W2MmQWu0fyTbQFM9JXDU8H3eUDySTO3hFck5WGmYaWy-nK8sUrUv8hXO-Y6EatwkomQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg1Nzc2NDIzMTUxNzIxNTM1NQ&google_push=Aa02lx9mmlz5P5xSpl_s8Vc6-esksCvQ4GFwuO6zb4_Ua4g6ec0J72Wq5R65rFMQsslUI0a5a7_xpB1Z2Lgm4eFCz79W2MmQWu0fyTbQFM9JXDU8H3eUDySTO3hFck5WGmYaWy-nK8sUrUv8hXO-Y6EatwkomQ

Request Chain 255

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAowd9k_G3JOdNB3_s2Z_Wo&google_cver=1&google_push=Aa02lx_pg1T5PY7SAsiIPLOmZLc-YtXA2XrAVv9MgzGDnfqtRnbZq7YTTnGICL7e49_oaDHH6OVQR_CY1fo7J8x6lcRZez9PulVgl0-EziLLWuK_ZXlQQ6SBVU1_wyuPSxoDv0QHOGye-cXjoAv8fFp2vpTJUw HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAowd9k_G3JOdNB3_s2Z_Wo&google_hm=Y9bK34YeyI5bJioQZZdUagAAFCgAAAIB&google_nid=index&google_push=Aa02lx_pg1T5PY7SAsiIPLOmZLc-YtXA2XrAVv9MgzGDnfqtRnbZq7YTTnGICL7e49_oaDHH6OVQR_CY1fo7J8x6lcRZez9PulVgl0-EziLLWuK_ZXlQQ6SBVU1_wyuPSxoDv0QHOGye-cXjoAv8fFp2vpTJUw

Request Chain 256

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEn23NatincZ1xnQrVt8ODw&google_cver=1&google_push=Aa02lx-k7XQb_z4GF2Wclrb7yZd2aKXz0ONZqygSpziXAvZSLDYQCsczW3poESmtuz79_EpR9lsHJLw3Ird63i0E2IzuCoLFR22-5BrsKGuXRIW3oyv7zXbfIDnF-RP4uFeZCP6CQHs0miLU1Z_6jm9-rh8eqQ HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEn23NatincZ1xnQrVt8ODw&google_cver=1&google_push=Aa02lx-k7XQb_z4GF2Wclrb7yZd2aKXz0ONZqygSpziXAvZSLDYQCsczW3poESmtuz79_EpR9lsHJLw3Ird63i0E2IzuCoLFR22-5BrsKGuXRIW3oyv7zXbfIDnF-RP4uFeZCP6CQHs0miLU1Z_6jm9-rh8eqQ&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-k7XQb_z4GF2Wclrb7yZd2aKXz0ONZqygSpziXAvZSLDYQCsczW3poESmtuz79_EpR9lsHJLw3Ird63i0E2IzuCoLFR22-5BrsKGuXRIW3oyv7zXbfIDnF-RP4uFeZCP6CQHs0miLU1Z_6jm9-rh8eqQ&google_hm=GEaZpGZHvls5q2OJR_eH3MEM

Request Chain 257

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEyYRB2jEm_WEA2PDqdlHhI&google_cver=1&google_push=Aa02lx8adRo2ZDE03t8FYIbMVFNqa8ZztOML22nIcRSx8DgAAPpX2mXA2KP_No_mVrFC6L5eVoI_4DoM9n893_YKCXta7IgsELRy3XnKiqAbfKRxDkMwRijoFb0C3z92vqYWjYSjK8qVFJYIdPpFtB-oLSuJwA HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx8adRo2ZDE03t8FYIbMVFNqa8ZztOML22nIcRSx8DgAAPpX2mXA2KP_No_mVrFC6L5eVoI_4DoM9n893_YKCXta7IgsELRy3XnKiqAbfKRxDkMwRijoFb0C3z92vqYWjYSjK8qVFJYIdPpFtB-oLSuJwA&google_gid=CAESEEyYRB2jEm_WEA2PDqdlHhI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0MTU4MTA3OTc5MzI0MTM2NjU2MA%3D%3D&google_push=Aa02lx8adRo2ZDE03t8FYIbMVFNqa8ZztOML22nIcRSx8DgAAPpX2mXA2KP_No_mVrFC6L5eVoI_4DoM9n893_YKCXta7IgsELRy3XnKiqAbfKRxDkMwRijoFb0C3z92vqYWjYSjK8qVFJYIdPpFtB-oLSuJwA

317 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.thedutchhacker.com/mitre-on-tryhackme/ 202 KB
30 KB 994ms
372ms Document
text/html 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

91abb28061c5b36a8cc0695ba72796c5cdfd538b798169752d172b72e0c56281

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 77678
cache-control: public
content-encoding: gzip
content-length: 29763
content-type: text/html; charset=UTF-8
date: Sat, 28 Jan 2023 22:02:20 GMT
link: <https://www.thedutchhacker.com/wp-json/>; rel="https://api.w.org/" <https://www.thedutchhacker.com/wp-json/wp/v2/posts/1497>; rel="alternate"; type="application/json" <https://www.thedutchhacker.com/?p=1497>; rel=shortlink
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: HIT
x-cacheable: YES
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 shareaholic.js Show response
cdn.shareaholic.net/assets/pub/ 10 KB
5 KB 108ms
27ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Requested by: Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 111b1b4e4cb34f9149ce09516b6f7b5b9a0299ae59cf38d3d2d32ee8e1f2c563

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:00 GMT
content-encoding: gzip
x-sp-metadata: HS256.COyx254GEokBCiRlNmIxZTBkZS04NmJhLTQyZGEtOTZiMi1iMmY3YzExNjc2M2MQ6IP/spqz/AIaBgjcldueBiIOMjE3LjExNC4yMTguMjQo1JcDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiQ0MmJhMmVkNi0xZjUxLTQxMzctOTY5ZS04NTUxMzljN2UyZTYYvSEiGAgCEhRjZHMyODUuZnI4Lmh3Y2RuLm5ldA==.o5TQSnmuvtsSlIbSzI8QoxeQQXY9tP202z7qqmgmH4Q=
last-modified: Mon, 19 Dec 2022 20:20:18 GMT
server: nginx
x-amz-request-id: THAVY8D7KENN1X71
etag: "e33511561808ca812c76b301b406d103"
x-hw: 1675021020.cds276.fr8.hn,1675021020.cds285.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1200, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 4285
x-amz-id-2: 9KcPcksUU1jvu0PFPJ/b/5FFoJfsNkPQSSjr2rNTCASnjg/ncBgS7nkk12BNxjniY2EHqQOOiVM=

GET
H2 200 style.min.css
www.thedutchhacker.com/wp-includes/css/dist/block-library/ 93 KB
13 KB 192ms
188ms Stylesheet
text/css 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79181
x-cache: HIT
content-length: 12518
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Nov 2022 21:27:08 GMT
server: nginx
etag: "6374042c-172a9"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wc-blocks-vendors-style.css
www.thedutchhacker.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 10 KB
2 KB 377ms
373ms Stylesheet
text/css 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

4a25eb6972f4a513da7ead5d8c0f74832ed42b1ae5e1f13ed3ea36f0865a59c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79181
x-cache: HIT
content-length: 1962
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Dec 2022 08:12:42 GMT
server: nginx
etag: "63a2bffa-28c3"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wc-blocks-style.css
www.thedutchhacker.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 230 KB
24 KB 191ms
188ms Stylesheet
text/css 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

ed9766c9f4ce4f6851e3d8416e9bec35b425dfc2b817b7647b1db8ff1a96c731

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79181
x-cache: HIT
content-length: 24465
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Dec 2022 08:12:43 GMT
server: nginx
etag: "63a2bffb-39996"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 classic-themes.min.css
www.thedutchhacker.com/wp-includes/css/ 217 B
714 B 379ms
376ms Stylesheet
text/css 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-includes/css/classic-themes.min.css

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:18 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 79181
x-cache: HIT
content-length: 217
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Nov 2022 09:26:54 GMT
server: nginx
etag: "636237de-d9"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/css
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 simple-line-icons.css
www.thedutchhacker.com/wp-content/plugins/meks-flexible-shortcodes/css/simple-line/ 11 KB
3 KB 192ms
189ms Stylesheet
text/css 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/plugins/meks-flexible-shortcodes/css/simple-line/simple-line-icons.css

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

f293486948d4cba26c6b835bdd574b4085e62da749b86019f5f6fab3535b0e39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79181
x-cache: HIT
content-length: 2362
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Jan 2023 09:27:22 GMT
server: nginx
etag: "63c669fa-2d25"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.thedutchhacker.com/wp-content/plugins/meks-flexible-shortcodes/css/ 15 KB
3 KB 193ms
190ms Stylesheet
text/css 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/plugins/meks-flexible-shortcodes/css/style.css

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

4bc4b508bb0ccc41052f6a18eb23441543da2d209c152f62577e954367b4d62d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79181
x-cache: HIT
content-length: 2892
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Jan 2023 09:27:22 GMT
server: nginx
etag: "63c669fa-3c15"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.thedutchhacker.com/wp-content/plugins/most-popular-post/style/ 981 B
864 B 377ms
374ms Stylesheet
text/css 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/plugins/most-popular-post/style/style.css

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

b025b722f9f5cd23e291a263f47c7545c0f3306176bbf016fef28473cb9b423c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79181
x-cache: HIT
content-length: 343
x-xss-protection: 1; mode=block
last-modified: Mon, 28 Dec 2020 22:55:38 GMT
server: nginx
etag: "5fea626a-3d5"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 woocommerce-layout.css
www.thedutchhacker.com/wp-content/plugins/woocommerce/assets/css/ 17 KB
3 KB 377ms
375ms Stylesheet
text/css 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79181
x-cache: HIT
content-length: 2552
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Dec 2022 08:12:48 GMT
server: nginx
etag: "63a2c000-4591"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 woocommerce.css
www.thedutchhacker.com/wp-content/plugins/woocommerce/assets/css/ 61 KB
9 KB 378ms
375ms Stylesheet
text/css 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

a831fbad3ff846921596056c21beb9c77328927cc84403156ec0fcfa330d338a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79181
x-cache: HIT
content-length: 8897
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Dec 2022 08:12:48 GMT
server: nginx
etag: "63a2c000-f53f"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
961 B 155ms
60ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin%3A400%2C700%7CLato%3A400%2C700&subset=latin

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b115cccf8f40a47e153fbd79f4cb18488f4cc952ccb40881f120e5f21dd39a63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 19:37:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 29 Jan 2023 19:37:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Jan 2023 19:37:00 GMT

GET
H2 200 min.css
www.thedutchhacker.com/wp-content/themes/gridlove/assets/css/ 194 KB
35 KB 379ms
377ms Stylesheet
text/css 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/themes/gridlove/assets/css/min.css

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

ba961aa4d4e93ebf22490a839ba3a1df0ac81bd45639602e87c2bb72efaacf3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79181
x-cache: HIT
content-length: 34810
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Nov 2022 17:40:41 GMT
server: nginx
etag: "6373cf19-30815"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gridlove-woocommerce.css
www.thedutchhacker.com/wp-content/themes/gridlove/assets/css/ 42 KB
8 KB 381ms
379ms Stylesheet
text/css 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/themes/gridlove/assets/css/gridlove-woocommerce.css

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

2d6a89f34ccb06359789f3d0b4e5f14c20af315241191dc660ebc2e534498b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79181
x-cache: HIT
content-length: 7556
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Nov 2022 17:40:41 GMT
server: nginx
etag: "6373cf19-a6f5"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.thedutchhacker.com/wp-content/plugins/meks-easy-ads-widget/css/ 705 B
814 B 380ms
378ms Stylesheet
text/css 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/plugins/meks-easy-ads-widget/css/style.css

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

4b0e2c1c8e6d92b9083cd952cea6a065485827df78fae548752352da136c3540

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79181
x-cache: HIT
content-length: 293
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Aug 2022 21:27:03 GMT
server: nginx
etag: "630697a7-2c1"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.thedutchhacker.com/wp-content/plugins/meks-smart-social-widget/css/ 41 KB
6 KB 380ms
379ms Stylesheet
text/css 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/plugins/meks-smart-social-widget/css/style.css

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

e24928d7d73d973842a21a3f630f4b4ef2eb8c139130820ca0f6f7c2d7a15245

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79181
x-cache: HIT
content-length: 5700
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Aug 2022 21:27:33 GMT
server: nginx
etag: "6307e945-a569"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.thedutchhacker.com/wp-content/plugins/meks-themeforest-smart-widget/css/ 351 B
721 B 383ms
381ms Stylesheet
text/css 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/plugins/meks-themeforest-smart-widget/css/style.css

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

79eb13c2ae5d6bc42607354422496456790e4e83ee739aaeb035cbdf0073659c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79181
x-cache: HIT
content-length: 200
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jan 2021 16:18:13 GMT
server: nginx
etag: "6012e3c5-15f"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
www.thedutchhacker.com/wp-includes/js/jquery/ 88 KB
31 KB 381ms
380ms Script
application/javascript 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-includes/js/jquery/jquery.min.js

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79181
x-cache: HIT
content-length: 31038
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Nov 2022 09:26:54 GMT
server: nginx
etag: "636237de-15e54"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.thedutchhacker.com/wp-includes/js/jquery/ 11 KB
5 KB 382ms
380ms Script
application/javascript 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79181
x-cache: HIT
content-length: 4169
x-xss-protection: 1; mode=block
last-modified: Fri, 18 Dec 2020 12:27:59 GMT
server: nginx
etag: "5fdca04f-2bd8"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 88ms
34ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-186229909-1

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d712cd9949fbf11adc104d7c8ad16af6c37272c31405b9f7830e00e942e604a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44100
x-xss-protection: 0
last-modified: Sun, 29 Jan 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 29 Jan 2023 19:37:01 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 183ms
89ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3639585684811700&host=ca-host-pub-2644536267352236

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33bd167ad4c989442b98d7e3f18c5f9cdacdc80ac545de69ee5ef9357bbbe96a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thedutchhacker.com/
Origin: https://www.thedutchhacker.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49982
x-xss-protection: 0
server: cafe
etag: 5479389883795355502
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:37:01 GMT

GET
H2 200 thedutchhackerperson.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 15 KB
16 KB 202ms
200ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/thedutchhackerperson.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

8dd2018322749a3bb38264de4db97edd0076e85e47c66b19d68c17c2465ee3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:35:44 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 79276
x-cache: HIT
content-length: 15713
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:36:44 GMT
server: nginx
etag: "60d300ac-3d61"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-53.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 4 KB
5 KB 203ms
202ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/image-53.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

6a20e6c22c285bddb54bcb7eab36809a5b19d1dc7621bd5bdf5d6c5c7dfafe83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:42:56 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 71644
x-cache: HIT
content-length: 4522
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:42:51 GMT
server: nginx
etag: "60d3021b-11aa"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

41k+MD+RCnL._SL250_.jpg
m.media-amazon.com/images/I/
Redirect Chain

https://ws-na.amazon-adsystem.com/widgets/q?_encoding=UTF8&MarketPlace=US&ASIN=B08T661K51&ServiceVersion=20070822&ID=AsinImage&WS=1&Format=_SL250_&tag=thedtuchhacke-20
https://m.media-amazon.com/images/I/41k+MD+RCnL._SL250_.jpg

6 KB
6 KB

148ms
31ms

Image
image/jpeg

2600:9000:206f:1800:1d:d7f6:39d2:2dc1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/41k+MD+RCnL._SL250_.jpg
Requested by: Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/
Protocol: H2
Server: 2600:9000:206f:1800:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 83b263cf3fda9047d940cacb2d962a94993045d08eb3d4e12d3d376259bef620

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 14:35:52 GMT
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
age: 2178069
x-amz-cf-pop: FRA56-C1
edge-cache-tag: x-cache-628,/images/I/41k+MD+RCnL
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
content-length: 5723
surrogate-key: x-cache-628 /images/I/41k+MD+RCnL
last-modified: Fri, 15 Jan 2021 10:48:42 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 7f10eeb1-64a2-40f8-adca-c1aa811521d0
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: fLP0K-AqIA5F0lMGILCOYR8TvKdSifkFkF81FHeopB6L8omvF6VmRw==
expires: Sun, 28 Dec 2042 14:55:33 GMT

Redirect headers

Location: https://m.media-amazon.com/images/I/41k+MD+RCnL._SL250_.jpg
Date: Sun, 29 Jan 2023 19:37:01 GMT
Server: Server
Connection: close
Content-Length: 0
Vary: User-Agent

GET
H/1.1 200
OK classic-10_7.css
cdn-images.mailchimp.com/embedcode/ 4 KB
2 KB 100ms
21ms Stylesheet
text/css 65.9.64.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/classic-10_7.css
Requested by: Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.64.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-64-91.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
Date: Sat, 28 Jan 2023 23:06:04 GMT
Last-Modified: Thu, 17 Dec 2015 16:52:30 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C1
Age: 73857
ETag: W/"ae0fc9b84c30cada1784022044962394"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 9-_2oeJLlycR1aIqhY_4Cnyg0oEW95vi9-ELhj4U4AzqG0vV1v6nag==

GET
H2 200 pub.872451.min.js Show response
www.dwin2.com/ 444 KB
126 KB 150ms
30ms Script
text/javascript 2600:9000:20eb:0:f:1dcc:7540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin2.com/pub.872451.min.js
Requested by: Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:0:f:1dcc:7540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1630e6651da96e7b0a149090cc695634c18fd65abedd8de2c2a9c824cecae062

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
date: Sun, 29 Jan 2023 19:27:46 GMT
last-modified: Sat, 28 Jan 2023 08:10:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 556
etag: W/"284032e710d006493b19e8e1d14304f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=600
x-amz-cf-id: S0NVJ-_I7BMyRJuAfHsjNq1hit1tSjtz_ip7UZ5iqMmJUL4XCTqrAA==

GET
H2 200 main.js Show response
www.thedutchhacker.com/wp-content/plugins/meks-flexible-shortcodes/js/ 7 KB
2 KB 196ms
195ms Script
application/javascript 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/plugins/meks-flexible-shortcodes/js/main.js

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

87cc3ffc7169655f3bb39c37f2d2db60f5bf92fe26c83f325b5306333398f076

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79180
x-cache: HIT
content-length: 1502
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Jan 2023 09:27:22 GMT
server: nginx
etag: "63c669fa-1d11"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.blockUI.min.js Show response
www.thedutchhacker.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 9 KB
4 KB 192ms
190ms Script
application/javascript 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

18336635cd5e9edf2aff3ae18b67250684311c2a459457091b063dafba57d526

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79180
x-cache: HIT
content-length: 3496
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Dec 2022 08:12:48 GMT
server: nginx
etag: "63a2c000-2521"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 add-to-cart.min.js Show response
www.thedutchhacker.com/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
2 KB 207ms
203ms Script
application/javascript 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

bfd861dc2936299f52adca1da826c273dced7c77ad4c33d31916ad55ab354e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
age: 0
x-cache: MISS
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Dec 2022 08:12:48 GMT
server: nginx
etag: W/"63a2c000-bd5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js.cookie.min.js Show response
www.thedutchhacker.com/wp-content/plugins/woocommerce/assets/js/js-cookie/ 2 KB
1 KB 200ms
197ms Script
application/javascript 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79180
x-cache: HIT
content-length: 982
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Dec 2022 08:12:48 GMT
server: nginx
etag: "63a2c000-72a"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 woocommerce.min.js Show response
www.thedutchhacker.com/wp-content/plugins/woocommerce/assets/js/frontend/ 2 KB
1 KB 198ms
195ms Script
application/javascript 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79180
x-cache: HIT
content-length: 794
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Dec 2022 08:12:48 GMT
server: nginx
etag: "63a2c000-85b"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cart-fragments.min.js Show response
www.thedutchhacker.com/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
2 KB 207ms
204ms Script
application/javascript 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
age: 0
x-cache: MISS
content-length: 1039
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Dec 2022 08:12:48 GMT
server: nginx
etag: W/"63a2c000-b7a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imagesloaded.min.js Show response
www.thedutchhacker.com/wp-includes/js/ 5 KB
2 KB 199ms
196ms Script
application/javascript 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-includes/js/imagesloaded.min.js

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79180
x-cache: HIT
content-length: 1834
x-xss-protection: 1; mode=block
last-modified: Fri, 18 Dec 2020 12:27:59 GMT
server: nginx
etag: "5fdca04f-15fd"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 masonry.min.js Show response
www.thedutchhacker.com/wp-includes/js/ 24 KB
8 KB 198ms
195ms Script
application/javascript 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-includes/js/masonry.min.js

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79180
x-cache: HIT
content-length: 7382
x-xss-protection: 1; mode=block
last-modified: Fri, 18 Dec 2020 12:27:59 GMT
server: nginx
etag: "5fdca04f-5e4a"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.masonry.min.js Show response
www.thedutchhacker.com/wp-includes/js/jquery/ 2 KB
1 KB 196ms
194ms Script
application/javascript 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-includes/js/jquery/jquery.masonry.min.js

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79180
x-cache: HIT
content-length: 716
x-xss-protection: 1; mode=block
last-modified: Fri, 18 Dec 2020 12:27:59 GMT
server: nginx
etag: "5fdca04f-71b"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 min.js Show response
www.thedutchhacker.com/wp-content/themes/gridlove/assets/js/ 87 KB
25 KB 198ms
196ms Script
application/javascript 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/themes/gridlove/assets/js/min.js

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

fb06f95a985b164323cfb1fa971873f6314e667e0d2ca2e8ef11f7feed447a8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79180
x-cache: HIT
content-length: 24786
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Nov 2022 17:40:41 GMT
server: nginx
etag: "6373cf19-15b86"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 woocommerce-smallscreen.css
www.thedutchhacker.com/wp-content/plugins/woocommerce/assets/css/ 7 KB
2 KB 204ms
203ms Stylesheet
text/css 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 79180
x-cache: HIT
content-length: 1177
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Dec 2022 08:12:48 GMT
server: nginx
etag: "63a2c000-1b83"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v26/ 25 KB
26 KB 128ms
35ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin%3A400%2C700%7CLato%3A400%2C700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thedutchhacker.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 04:37:27 GMT
x-content-type-options: nosniff
age: 140374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26100
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:41:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 04:37:27 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 163ms
71ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin%3A400%2C700%7CLato%3A400%2C700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thedutchhacker.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:49:45 GMT
x-content-type-options: nosniff
age: 420436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jan 2024 22:49:45 GMT

GET
H2 200 main.js Show response
m9m6e2w5.stackpathcdn.com/v2/bec87dbf/ 148 KB
42 KB 85ms
29ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/bec87dbf/main.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: d63e87aa5195c9ece2769af4893b4c07ffc3e59e3f507cd12c664a2c25e9c4bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:01 GMT
content-encoding: gzip
x-sp-metadata: HS256.CO2x254GEokBCiRiYmEwY2U2Mi0zZjRhLTRkZDEtOWFjNC1jMzcxYTUxMGVmNDQQ0KaSjt/S/AIaBgjdldueBiIOMjE3LjExNC4yMTguMjQotJgDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQ4ZDJhY2NkNS1lZjQ1LTQ3NzktYWZmYi1hMGIzZDg0YTMyNTIY/sYCIhgIAhIUY2RzMjA2LmZyOC5od2Nkbi5uZXQ=.i0gArIULkyoVfa5zjchYH6L125L+OdBKCuikFDRWXKA=
last-modified: Mon, 19 Dec 2022 20:19:59 GMT
server: nginx
x-amz-request-id: PAKD9GVGPTREG1NW
etag: "bfbe20460e43896d158d4b21e5c02ca8"
x-hw: 1675021021.cds120.fr8.hn,1675021021.cds206.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 41854
x-amz-id-2: UfjmZKB7E9YUrY0vXGV2Q4QFmkUFf7Rkudm6LThhwpl7+eRxcirLt8dDB2kADGk4IpJE000Z+08=

GET
H2 200 fontawesome-webfont.woff2
www.thedutchhacker.com/wp-content/themes/gridlove/assets/fonts/ 80 KB
80 KB 191ms
190ms Font
font/woff2 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/themes/gridlove/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-content/themes/gridlove/assets/css/min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

7d0a8eabd714b656c3ec56d4b5dfbdbbffe5ccef38067c8460d54ebcc4e0ed8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thedutchhacker.com/wp-content/themes/gridlove/assets/css/min.css
Origin: https://www.thedutchhacker.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:37:20 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 79180
x-cache: HIT
content-length: 81712
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Nov 2022 17:40:41 GMT
server: nginx
etag: "6373cf19-13f30"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: font/woff2
access-control-allow-origin: https://www.thedutchhacker.com
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5d5f7bee255fe87bc2ac3df58267ea50.json Show response
www.shareaholic.net/config/ 9 KB
2 KB 354ms
113ms XHR
application/json 54.197.98.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shareaholic.net/config/5d5f7bee255fe87bc2ac3df58267ea50.json
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.197.98.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-98-98.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e75eab44c7aff9e145274c831401791f925bde62eafe1ac9bfaf617b02633a78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-client-geo-country: DE,Deutschland
date: Sun, 29 Jan 2023 05:35:12 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0)
x-client-geo-metrocode
content-length: 1824
x-client-geo-region: BY,Bayern
server: nginx
etag: W/"e75eab44c7aff9e145274c831401791f"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
x-varnish: 565179821 553690523
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Etag, Access-Control-Allow-Origin, x-client-geo-latlong, x-client-geo-country, x-client-geo-city, x-client-geo-zip, x-client-geo-region, x-client-geo-metrocode
cache-control: max-age=3, public, must-revalidate
x-client-geo-city: Bischberg
x-client-geo-zip: 96120
access-control-max-age: 2000
accept-ranges: bytes
access-control-allow-headers: *
x-client-geo-latlong: 49.912900,10.833400

GET
H2 200 mitre-tryhackme.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 7 KB
7 KB 188ms
187ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/mitre-tryhackme.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

7d53494e86a096fbc4425fe4e8749e1dd9c1b7c0f9f0f720898f7d153598d2f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:42:56 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 71644
x-cache: HIT
content-length: 6695
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:43:07 GMT
server: nginx
etag: "60d3022b-1a27"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-54.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 21 KB
21 KB 354ms
352ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/image-54.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

f3502f68d9d6ae5ebebe672f4ce207973009cb44ce64e623e0b5a1043a0a1577

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:42:56 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 71644
x-cache: HIT
content-length: 21097
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:42:38 GMT
server: nginx
etag: "60d3020e-5269"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-55-1024x218.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 63 KB
64 KB 189ms
187ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/image-55-1024x218.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

4733dbd91179f3503dab78216aaa26a7f1480992c02c58b1ab65f08d5ad18a71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 00:00:14 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 70606
x-cache: HIT
content-length: 65002
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:42:19 GMT
server: nginx
etag: "60d301fb-fdea"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-56-1024x178.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 18 KB
18 KB 353ms
352ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/image-56-1024x178.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

e32da2e068c872053bed307d94e5eb0c22498a655906ca6ccc3890140bb68356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:51:35 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 71125
x-cache: HIT
content-length: 18104
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:42:00 GMT
server: nginx
etag: "60d301e8-46b8"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-57.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 3 KB
4 KB 355ms
354ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/image-57.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

1cd981d802c7ba8fbc8ea906dddcc8edd7c1d5763940e38e9b020974074878ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:42:56 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 71644
x-cache: HIT
content-length: 3483
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:41:44 GMT
server: nginx
etag: "60d301d8-d9b"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-58-1024x367.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 102 KB
103 KB 362ms
362ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/image-58-1024x367.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

8087619707ad9e06d4d0f6dd4b39ef6d7a8098e60c3a1702b85a6e461a09f7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:42:57 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 71643
x-cache: HIT
content-length: 104659
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:41:30 GMT
server: nginx
etag: "60d301ca-198d3"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 socicon.woff
www.thedutchhacker.com/wp-content/plugins/meks-smart-social-widget/css/fonts/ 98 KB
99 KB 342ms
342ms Font
font/woff 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-content/plugins/meks-smart-social-widget/css/fonts/socicon.woff

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-content/plugins/meks-smart-social-widget/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

48c273dcbed09b6b87f9365f2f141063f5c859476b53913d94fca1befe90aa0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thedutchhacker.com/wp-content/plugins/meks-smart-social-widget/css/style.css
Origin: https://www.thedutchhacker.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:35:45 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 79275
x-cache: HIT
content-length: 100756
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Aug 2022 21:27:33 GMT
server: nginx
etag: "6307e945-18994"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: font/woff
access-control-allow-origin: https://www.thedutchhacker.com
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-59.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 7 KB
7 KB 327ms
324ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/image-59.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

1f7c3d921574752198efb467617ef569b87e5b2e81187486f1dccb8634741782

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:42:56 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 71644
x-cache: HIT
content-length: 7053
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:41:07 GMT
server: nginx
etag: "60d301b3-1b8d"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 work-87337446-mouse-pad-300x300.jpg
www.thedutchhacker.com/wp-content/uploads/2021/09/ 8 KB
8 KB 333ms
331ms Image
image/jpeg 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/09/work-87337446-mouse-pad-300x300.jpg

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

e02c69f9fc858a5ae6f6c76950e93e8f3a11fd875bdbcf8670f54092b430ec17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:35:45 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 79275
x-cache: HIT
content-length: 8141
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Sep 2021 18:03:38 GMT
server: nginx
etag: "6138fafa-1fcd"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 work-87348825-mouse-pad-300x300.jpg
www.thedutchhacker.com/wp-content/uploads/2021/09/ 13 KB
13 KB 328ms
325ms Image
image/jpeg 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/09/work-87348825-mouse-pad-300x300.jpg

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

fadf3d08fe0dd7988291fc2c6b611d44149b0b4d55930b16fa5c96a4502bc244

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:35:45 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 79275
x-cache: HIT
content-length: 13144
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Sep 2021 17:58:51 GMT
server: nginx
etag: "6138f9db-3358"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 work-86782130-mouse-pad-300x300.jpg
www.thedutchhacker.com/wp-content/uploads/2021/09/ 9 KB
9 KB 335ms
333ms Image
image/jpeg 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/09/work-86782130-mouse-pad-300x300.jpg

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

60a5dc2397e22f26f8b7ba7399192d01497282ba751eea0fd6a4c05be9562f47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:35:45 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 79275
x-cache: HIT
content-length: 8969
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Sep 2021 18:18:32 GMT
server: nginx
etag: "6138fe78-2309"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 work-83146162-mouse-pad-300x300.jpg
www.thedutchhacker.com/wp-content/uploads/2021/09/ 9 KB
9 KB 334ms
332ms Image
image/jpeg 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/09/work-83146162-mouse-pad-300x300.jpg

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

40b37114c5689729e2609ec6410a32d202fc51b9de22889d2bb32a9527595c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:35:45 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 79275
x-cache: HIT
content-length: 8976
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Sep 2021 18:30:44 GMT
server: nginx
etag: "61365e54-2310"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 intro-to-isac-tryhackme-80x60.png
www.thedutchhacker.com/wp-content/uploads/2021/06/ 746 B
1 KB 327ms
326ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/06/intro-to-isac-tryhackme-80x60.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

e4e72bc785c58439113a97e4e540b8bd686e55cb0a22687a91ac7da93ed8196e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:35:45 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 79275
x-cache: HIT
content-length: 746
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:31:36 GMT
server: nginx
etag: "60d2ff78-2ea"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Jerry-hackthebox-80x60.png
www.thedutchhacker.com/wp-content/uploads/2021/02/ 2 KB
3 KB 328ms
327ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/02/Jerry-hackthebox-80x60.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

e16b41022900afd35b5cbd962a676e9b6ab00c4242f6b2110f8364d11918ed56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:35:45 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 79275
x-cache: HIT
content-length: 2086
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 11:32:07 GMT
server: nginx
etag: "60d31bb7-826"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ZTH-Obscure-web-vulns-80x60.png
www.thedutchhacker.com/wp-content/uploads/2021/04/ 816 B
1 KB 328ms
326ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/04/ZTH-Obscure-web-vulns-80x60.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

759846795b80aa79f91acd89a526612ec69c340f79283926c8d86cfbdbeb9031

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:38:21 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 79119
x-cache: HIT
content-length: 816
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 10:39:35 GMT
server: nginx
etag: "60d30f67-330"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 intro-to-windows-on-Tryhackme-80x60.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 941 B
1 KB 336ms
334ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/intro-to-windows-on-Tryhackme-80x60.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

2d48ae2cac2538deaaa7819402dbc70e455f5dc5835e2dffbd1d7c8ab29556cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 10:02:50 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 34450
x-cache: HIT
content-length: 941
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:50:16 GMT
server: nginx
etag: "60d303d8-3ad"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hackthebox-delivery-80x60.png
www.thedutchhacker.com/wp-content/uploads/2021/01/ 2 KB
3 KB 333ms
332ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/01/hackthebox-delivery-80x60.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

6c45ba184542eb8620d42d86268a059889c45642b918267627c1dd78b6c40139

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 00:35:25 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 68495
x-cache: HIT
content-length: 2389
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 12:03:49 GMT
server: nginx
etag: "60d32325-955"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 140ms
34ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186229909-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 29 Jan 2023 18:21:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4517
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 29 Jan 2023 20:21:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 181 KB
66 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-519RC09TEL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186229909-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1234fa9602836728e4313bc73c7fdf55c0098d729fe8d5fd37edee1348fe32fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67960
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 29 Jan 2023 19:37:01 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 94ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-519RC09TEL&gtm=2oe1p0&_p=1399849353&gdid=dZTNiMT&cid=756688161.1675021021&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675021021&sct=1&seg=0&dl=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&dt=Mitre%20on%20Tryhackme%20-%20The%20Dutch%20Hacker&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-519RC09TEL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thedutchhacker.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 e
analytics.shareaholic.com/ 43 B
385 B 397ms
115ms Ping
image/gif 34.206.246.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.shareaholic.com/e

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/bec87dbf/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.246.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-246-212.compute-1.amazonaws.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Content-Security-Policy	referrer always

Request headers

Referer: https://www.thedutchhacker.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:01 GMT
content-security-policy: referrer always
vary: Origin
content-type: image/gif
access-control-allow-origin: https://www.thedutchhacker.com
p3p: CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
referer-policy: unsafe-url
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 init.js Show response
www.dwin2.com/ 12 KB
6 KB 27ms
27ms Script
text/javascript 2600:9000:20eb:0:f:1dcc:7540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin2.com/init.js
Requested by: Host: www.dwin2.com
URL: https://www.dwin2.com/pub.872451.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:0:f:1dcc:7540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28a763fe7ee3202e64c9ca9f3496146040823b1cd4d6edb5536f6fbe742f55c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:27:56 GMT
content-encoding: br
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Sun, 29 Jan 2023 19:26:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 546
etag: W/"09591da5a4cf8b94f5262926f08efb52"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=600
x-amz-cf-id: 4t60N8o673XKrwmUqYSutikOWWRAvzM36XihWw5eDUbZtwNBicL20A==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/ 361 KB
118 KB 178ms
100ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3639585684811700&plah=www.thedutchhacker.com&bust=31071854

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3639585684811700&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccf2e6af53c44d7d90a0e1448e9f8e4d803567bd41fd408dbd78bf185d0df088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121169
x-xss-protection: 0
server: cafe
etag: 7739760436746197651
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:37:01 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/ Frame 3EB9 10 KB
5 KB 98ms
23ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3639585684811700&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thedutchhacker.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5481
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 18:05:40 GMT
etag: 10353107486223812946
expires: Sun, 12 Feb 2023 18:05:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 403 admin-ajax.php Show response
www.thedutchhacker.com/wp-admin/ 2 B
447 B 695ms
695ms XHR
text/html 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/wp-admin/admin-ajax.php

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

1bad6b8cf97131fceab8543e81f7757195fbb1d36b376ee994ad1cf17699c464

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 29 Jan 2023 19:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
age: 0
x-cache: MISS
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.thedutchhacker.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 / Show response
www.thedutchhacker.com/ 446 B
763 B 516ms
516ms XHR
application/json 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thedutchhacker.com/?wc-ajax=get_refreshed_fragments

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

13d5899e1f5f04d93ea958bb65844288ded9917afd63421fd80b359e5a9365b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 29 Jan 2023 19:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=15768000
age: 0
x-cache: MISS
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.thedutchhacker.com
cache-control: no-cache, must-revalidate, max-age=0, public
access-control-allow-credentials: true
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 image-60-1024x458.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 65 KB
65 KB 189ms
187ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/image-60-1024x458.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-includes/js/imagesloaded.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

f1245119791cc42be0a6c584555848a4272f99d8a3b2435b55756c0584715b8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:51:35 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 71125
x-cache: HIT
content-length: 66433
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:40:51 GMT
server: nginx
etag: "60d301a3-10381"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-61-1024x239.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 56 KB
56 KB 201ms
195ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/image-61-1024x239.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-includes/js/imagesloaded.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

5de422c92f8ca82f521108fd66baa3ef4a2696b625384ad7e7fa941f66771974

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:51:35 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 71125
x-cache: HIT
content-length: 57021
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:40:33 GMT
server: nginx
etag: "60d30191-debd"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-62-1024x607.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 149 KB
149 KB 203ms
197ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/image-62-1024x607.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-includes/js/imagesloaded.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

df2a22c241e7b66cd3a06434e03e5c9698f7f20c0f753bf259ee910cdf723825

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:42:57 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 71643
x-cache: HIT
content-length: 152252
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:40:17 GMT
server: nginx
etag: "60d30181-252bc"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-65-1024x531.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 68 KB
68 KB 204ms
199ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/image-65-1024x531.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-includes/js/imagesloaded.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

d9436d3c734495d1f9c54da6e985165ffcb48ad5f796d7815c972cc2094982d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:51:35 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 71125
x-cache: HIT
content-length: 69204
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:39:19 GMT
server: nginx
etag: "60d30147-10e54"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-64.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 11 KB
12 KB 202ms
197ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/image-64.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-includes/js/imagesloaded.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

b0c7ee6b71a022f5084408babf99b545086781932064ebc9064fbab63739578b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:42:56 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 71644
x-cache: HIT
content-length: 11552
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:39:36 GMT
server: nginx
etag: "60d30158-2d20"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-66-1024x253.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 56 KB
56 KB 204ms
199ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/image-66-1024x253.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-includes/js/imagesloaded.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

7c033a99d9fd628c088e253e8882c723638899f57b32ffd5861ca82f64fab11e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:42:57 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 71643
x-cache: HIT
content-length: 57233
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:39:00 GMT
server: nginx
etag: "60d30134-df91"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-67-1024x99.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 18 KB
19 KB 210ms
204ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/image-67-1024x99.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-includes/js/imagesloaded.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

305f2d4235170c276371fc4b79830bbe6e91bc3012cd949f9f792b37f5b0513f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:51:36 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 71125
x-cache: HIT
content-length: 18587
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:38:41 GMT
server: nginx
etag: "60d30121-489b"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-68.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 38 KB
38 KB 211ms
205ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/image-68.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-includes/js/imagesloaded.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

67f51f4e1630ca63f432decffd1355cda094d273c67539f23d64e06ed3708e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:42:56 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 71644
x-cache: HIT
content-length: 38438
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:38:25 GMT
server: nginx
etag: "60d30111-9626"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-69.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 54 KB
54 KB 212ms
206ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/image-69.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-includes/js/imagesloaded.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

d190ca6179de3e202dfc057fd94332a994dc1e548051c9b791158004b2f661bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:42:56 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 71644
x-cache: HIT
content-length: 54907
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:38:07 GMT
server: nginx
etag: "60d300ff-d67b"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-70-1024x81.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 13 KB
13 KB 211ms
206ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/image-70-1024x81.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-includes/js/imagesloaded.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

25acdecfeb38e355bf0e259b5d7c853341555f51652783d0059d56f4bafc7df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:51:36 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 71125
x-cache: HIT
content-length: 13097
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:37:44 GMT
server: nginx
etag: "60d300e8-3329"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-71-1024x71.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 6 KB
6 KB 212ms
205ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/image-71-1024x71.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-includes/js/imagesloaded.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

e0a888d91a8cca26f022d777887263c268e1354cf926c71c6d8707e5b9a67a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:42:57 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 71643
x-cache: HIT
content-length: 5645
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:37:28 GMT
server: nginx
etag: "60d300d8-160d"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-72.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 12 KB
12 KB 211ms
204ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/image-72.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-includes/js/imagesloaded.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

cf2e28323dbbecf808a67599ea72520f66476e8ff74933e6edfe6cb33ebe4fde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:42:56 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 71644
x-cache: HIT
content-length: 11974
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:37:14 GMT
server: nginx
etag: "60d300ca-2ec6"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 misp-on-Tryhackme-370x150.png
www.thedutchhacker.com/wp-content/uploads/2022/05/ 2 KB
3 KB 213ms
207ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2022/05/misp-on-Tryhackme-370x150.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-includes/js/imagesloaded.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

4ab7f48cc449034bd5b3561d577bd4697b7b1303ce63cea100068d11839c3941

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:38:22 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 79119
x-cache: HIT
content-length: 2381
x-xss-protection: 1; mode=block
last-modified: Mon, 09 May 2022 15:31:59 GMT
server: nginx
etag: "627933ef-94d"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 spring4shell-exploit-tryhackme-370x150.png
www.thedutchhacker.com/wp-content/uploads/2022/04/ 4 KB
4 KB 211ms
206ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2022/04/spring4shell-exploit-tryhackme-370x150.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-includes/js/imagesloaded.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

298d8fd1fda306532cff20713c5949fa86e890d52427acfb20c707306870de5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:38:22 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 79119
x-cache: HIT
content-length: 3965
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Apr 2022 15:26:36 GMT
server: nginx
etag: "625448ac-f7d"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Windows-Event-Logs-Tryhackme-370x150.png
www.thedutchhacker.com/wp-content/uploads/2022/03/ 3 KB
4 KB 212ms
206ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2022/03/Windows-Event-Logs-Tryhackme-370x150.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-includes/js/imagesloaded.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

5205266942d0254f2fa72700782b575c334416d023f24d5ea5b31f63f811f181

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:38:22 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 79119
x-cache: HIT
content-length: 3552
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Mar 2022 15:11:18 GMT
server: nginx
etag: "6220da96-de0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sysinternals-tryhackme-370x150.png
www.thedutchhacker.com/wp-content/uploads/2021/08/ 3 KB
4 KB 211ms
206ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/08/sysinternals-tryhackme-370x150.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-includes/js/imagesloaded.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

a7fe8fa9a2a82cf3fc9f1f54134b709236f307a6fb457e1c0fe0898a9542d5bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:38:22 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 79119
x-cache: HIT
content-length: 3449
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 15:03:03 GMT
server: nginx
etag: "612cf327-d79"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thedutchhackerperson-small-1.png
www.thedutchhacker.com/wp-content/uploads/2021/05/ 10 KB
10 KB 211ms
207ms Image
image/png 63.250.43.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thedutchhacker.com/wp-content/uploads/2021/05/thedutchhackerperson-small-1.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/wp-includes/js/imagesloaded.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.15 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-derowd.easywp.com

Software

nginx /

Resource Hash

ac29b6c5ae09ff8f0d31aa6caf5d488f63f08afb47a949da128185cb2abdd12a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/mitre-on-tryhackme/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:35:46 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 79274
x-cache: HIT
content-length: 9980
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 09:36:19 GMT
server: nginx
etag: "60d30093-26fc"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
214 B 57ms
57ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1399849353&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&ul=en-us&de=UTF-8&dt=Mitre%20on%20Tryhackme%20-%20The%20Dutch%20Hacker&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1481592024&gjid=348669214&cid=756688161.1675021021&tid=UA-186229909-1&_gid=1340974317.1675021021&_r=1&_slc=1&gtm=2ou1p0&did=dZTNiMT&gdid=dZTNiMT&z=437990932

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thedutchhacker.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thedutchhacker.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 buttons.js Show response
m9m6e2w5.stackpathcdn.com/v2/bec87dbf/ 179 KB
37 KB 30ms
30ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/bec87dbf/buttons.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: a22bd8cc9accbe07dd66307949c5afddc184418466293db5b50eb810b721dbd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:01 GMT
content-encoding: gzip
x-sp-metadata: HS256.CO2x254GEokBCiRiZTAyZGQ4MS05Nzk3LTRhNGUtYTkyNy1kZTJmMmM1OWViYmQQ0KaSjt/S/AIaBgjdldueBiIOMjE3LjExNC4yMTguMjQotJgDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQ3ZDJkNWM2YS1hNTBmLTQzNjQtYjc0MC00YjVmY2E1OThhZDgYyqUCIhgIAhIUY2RzMjM5LmZyOC5od2Nkbi5uZXQ=.TLhd+FAqnyRU3CTc/v95SH/swrKqAKwBdmxonBig9A8=
last-modified: Mon, 19 Dec 2022 20:19:59 GMT
server: nginx
x-amz-request-id: THAZ88F81SZNGENN
etag: "2f2ba10bfc6e4ae6b4574df0f3eab8a7"
x-hw: 1675021021.cds120.fr8.hn,1675021021.cds239.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 37578
x-amz-id-2: mHbV3yps1szMCgmHroVBFy2o2H1m36/hdKcTzmXJI7o6YVwzAUZuG8f23cJ4hBCB4u7o8+r3oUs=

GET
H2 200 recommendations.js Show response
m9m6e2w5.stackpathcdn.com/v2/bec87dbf/ 94 KB
13 KB 38ms
36ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/bec87dbf/recommendations.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 23edd8fa7ca554bed1b5641ee5e85ff394d698137b6d73b6310bdd7af0e2fe34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:01 GMT
content-encoding: gzip
x-sp-metadata: HS256.CO2x254GEokBCiQ5M2UxZmVmZC1mYzE5LTQxNmUtYTQ3OC0yOWU5MjkxZTA2ODMQ0KaSjt/S/AIaBgjdldueBiIOMjE3LjExNC4yMTguMjQotJgDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiQzZDU1MGEzOC1lZTkwLTRjY2UtOTQyYi1kOTQ3NDFkMGEwOGEYsmUiGAgCEhRjZHMyOTIuZnI4Lmh3Y2RuLm5ldA==.YC9sxGgfuK0hxC/fSBFhnrFzXecYykW76zd2PCSe4dQ=
last-modified: Mon, 19 Dec 2022 20:20:00 GMT
server: nginx
x-amz-request-id: PAK6TZPZBAY0YJTC
etag: "5665e46fe0fa434be72b12f9ba875ecf"
x-hw: 1675021021.cds120.fr8.hn,1675021021.cds292.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 12978
x-amz-id-2: LYmaJsG56UcKxmXHjOkGcPf2NrImAHn7oWtr0lUaN32vPo98sOzAkVV3VCwCMDDkiXhKb+aNDxQ=

GET
H2 200 partners.js Show response
partner.shareaholic.com/ 0
265 B 395ms
127ms Script
application/javascript 107.20.147.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.shareaholic.com/partners.js?location=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&cl=en-US&id_sync=0ef56c43-b7f0-486c-861f-16c21f7ec234&pvs=1&site=5d5f7bee255fe87bc2ac3df58267ea50
Requested by: Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/bec87dbf/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.147.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-147-136.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:01 GMT
vary: Accept-Encoding, User-Agent
p3p: CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
351 B 92ms
32ms XHR
text/plain 2a00:1450:4025:401::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-186229909-1&cid=756688161.1675021021&jid=1481592024&gjid=348669214&_gid=1340974317.1675021021&_u=YCDACUAABAAAACAAI~&z=1418251311

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thedutchhacker.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 29 Jan 2023 19:37:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thedutchhacker.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 759 B
480 B 61ms
61ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Emilys+Candy&display=swap

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/bec87dbf/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b42e07be5dcfb30b828d8d404bac1c1f579aa25becfb9d7ab61c96024734bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 19:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 29 Jan 2023 19:37:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Jan 2023 19:37:01 GMT

GET
DATA 200
OK truncated
/ 492 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4299f2aaa46eea61cff7da0f945e26cf0ace8a35ea912182e7df2a9958db8e10

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 shareaholic-icons.woff
m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/ 20 KB
21 KB 80ms
29ms Font
font/woff 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/shareaholic-icons.woff
Requested by: Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 21e444926ee2b1297a9888fe081f196a640763626243aa07b80ff171049e7a8c

Request headers

Referer: https://www.thedutchhacker.com/
Origin: https://www.thedutchhacker.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:01 GMT
content-encoding: gzip
x-amz-request-id: PAK74M00J3W9MB3X
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
content-length: 20572
x-amz-id-2: QRgTl3z2NckXsRR4b2IjJxeS+QUlOw/9JeU0wTHcZ8aJxUj3FCFUukPKhu4ArBQQzfNw3OSGizY=
x-sp-metadata: HS256.CO2x254GEokBCiQwZDFlOGZmMC1iNjU4LTQzNjctYjI1ZS1mZWUyYTA4YzYxOTkQ0KaSjt/S/AIaBgjdldueBiIOMjE3LjExNC4yMTguMjQovJkDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQzZTkyNTRmOC0yYmIyLTQxMDgtOTk2Zi1lOTIwODAzZDVlMDAY3KABIhgIAhIUY2RzMzM3LmZyOC5od2Nkbi5uZXQ=.X9vhv/35NDabpdkWp9GDasdFWYJM0QNfk0U1V1fOoSo=
last-modified: Sat, 10 Dec 2022 05:07:56 GMT
server: nginx
etag: "0e26e8e2b7a79ff2a9e9fe9ef5382e6d"
access-control-max-age: 2000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: font/woff
access-control-allow-origin: *
x-hw: 1675021021.cds006.fr8.hn,1675021021.cds337.fr8.c
access-control-expose-headers: ETag, Access-Control-Allow-Origin
cache-control: max-age=31536000, public
accept-ranges: bytes

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
610 B 171ms
58ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.thedutchhacker.com&callback=_gfp_s_&client=ca-pub-3639585684811700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3639585684811700&plah=www.thedutchhacker.com&bust=31071854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

299753c74d87028eeae68944f2d19bffe9ce6e54e81b89514bd06c1081521a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 100ms
32ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thedutchhacker.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 90ms
30ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thedutchhacker.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2269 216 KB
53 KB 1033ms
1019ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&adk=1812271804&adf=3025194257&lmt=1675021021&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=164x675_l&format=0x0&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021021252&bpp=3&bdt=860&idt=298&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6877688760515&frm=20&pv=2&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=335

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2444c83ac308f5cdda644076b0377ca72f830abc8d48913679e063695ebed23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thedutchhacker.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 54409
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 19:37:02 GMT
expires: Sun, 29 Jan 2023 19:37:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 arrow_version_1.svg Show response
m9m6e2w5.stackpathcdn.com/v2/images_0ecbeeff/share-buttons/share-arrows/1/ 2 KB
1 KB 30ms
28ms Fetch
image/svg+xml 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/images_0ecbeeff/share-buttons/share-arrows/1/arrow_version_1.svg
Requested by: Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/bec87dbf/buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 79749f1725bf191cef4de7f1f92caa16a676b733221a74bc78af82bbc77b3dc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:01 GMT
content-encoding: gzip
x-amz-request-id: PAK1N5N358TJFHYH
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
content-length: 992
x-amz-id-2: R0v2Hx3X7y2Y3aSU0e7MQVN386VTCiZP/oXwkt52s0kwHMDkK7FUJA2/k1HpGqsyDmJKp4ogFuM=
x-sp-metadata: HS256.CO2x254GEokBCiRkMDI2ZjFjNi1iNGE2LTRmYzctODc4YS1mOWE1ZmNjMzA1MzQQ0KaSjt/S/AIaBgjdldueBiIOMjE3LjExNC4yMTguMjQovJkDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiQ3MGZhYTc5ZC1kNjRlLTQ5MzYtYTAwZi1kNzkzMzI3NDk5NjIY4AciGAgCEhRjZHMwMTMuZnI4Lmh3Y2RuLm5ldA==.UJn7AJdDGY6v9n/n7z9qoKbcQeNNNgDcuLGw2dmiFp0=
last-modified: Sat, 10 Dec 2022 05:07:59 GMT
server: nginx
etag: "65040d5636978b7e56e7db1e463c43f6"
access-control-max-age: 2000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
x-hw: 1675021021.cds006.fr8.hn,1675021021.cds013.fr8.c
access-control-expose-headers: ETag, Access-Control-Allow-Origin
cache-control: max-age=31536000, public
accept-ranges: bytes

GET
H2 200 2EbgL-1mD1Rnb0OGKudbk0yJqNZq.woff2
fonts.gstatic.com/s/emilyscandy/v13/ 82 KB
82 KB 37ms
36ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/emilyscandy/v13/2EbgL-1mD1Rnb0OGKudbk0yJqNZq.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Emilys+Candy&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c255dab9758ba6028ad5cf4d5a85b0f55e8f9f64f394906caf4b8e1bdf83e19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thedutchhacker.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:53:43 GMT
x-content-type-options: nosniff
age: 434598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83624
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:14:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:53:43 GMT

GET
H2 200 count.json Show response
api.pinterest.com/v1/urls/ 82 B
376 B 677ms
475ms Script
application/javascript 23.203.124.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&callback=JSONP_4266

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/bec87dbf/buttons.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.203.124.188 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-124-188.deploy.static.akamaitechnologies.com

Software

Resource Hash

4d794cdce0c59693716dc5091908a811d109b8020c1279f24469515b150ee38e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:02 GMT
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.34045368.1675021021.5a8f58b0
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 82
x-pinterest-rid: 1548461513995892
expires: Sun, 29 Jan 2023 19:52:02 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/ 150 KB
51 KB 103ms
103ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/reactive_library_fy2021.js?bust=31071854

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

127c524b2fefcfc92f86fa2464ed40f100be821d83762bf921c3a040a5d92d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52190
x-xss-protection: 0
server: cafe
etag: 18047840910240991485
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:37:02 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 38ms
33ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thedutchhacker.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 35ms
31ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thedutchhacker.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B72 18 KB
8 KB 645ms
632ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=1551834640&pi=t.aa~a.2940624402~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=3&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0&nras=2&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=yAlSa9IpWx&p=https%3A//www.thedutchhacker.com&dtd=89

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cae0243779ce9fe29932fb94278ebb42dc8ce88bc8e49a868a8b1bd9f93526a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thedutchhacker.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 8335
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 19:37:03 GMT
expires: Sun, 29 Jan 2023 19:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8746 20 KB
9 KB 704ms
703ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3898893158&adf=1690612086&pi=t.aa~a.2594507593~rp.2&w=240&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=240x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600&nras=3&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=OUJiIReOPS&p=https%3A//www.thedutchhacker.com&dtd=111

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38af7427c99bf9e96ec5ee04e64d72ff7ffdc95e6bd00afadc4bb25c67215870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thedutchhacker.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 8915
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 19:37:03 GMT
expires: Sun, 29 Jan 2023 19:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 010E 19 KB
8 KB 641ms
640ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01f51d3df4ff5d81c848c0bc1ec5ae822b290c58765b12f9275b6efee67b6a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thedutchhacker.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 8573
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 19:37:03 GMT
expires: Sun, 29 Jan 2023 19:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C87E 21 KB
9 KB 604ms
604ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=925980703&adf=3285439437&pi=t.aa~a.841225771~rp.2&w=240&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=240x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=1&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600%2C300x600&nras=5&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=4008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Irsr7w8G2C&p=https%3A//www.thedutchhacker.com&dtd=119

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13b29cd701d9062e186617fdce4a5b3f2b74654e686dc938c1a9dab87ed40d6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thedutchhacker.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 8993
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 19:37:03 GMT
expires: Sun, 29 Jan 2023 19:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 34ms
33ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thedutchhacker.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
31ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thedutchhacker.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/ Frame DE3B 10 KB
4 KB 29ms
22ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thedutchhacker.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5470
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 18:05:52 GMT
etag: 10353107486223812946
expires: Sun, 12 Feb 2023 18:05:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/ Frame 4CCE 10 KB
4 KB 23ms
21ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thedutchhacker.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5470
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 18:05:52 GMT
etag: 10353107486223812946
expires: Sun, 12 Feb 2023 18:05:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame DE3B 2 KB
535 B 59ms
58ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 19:37:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 29 Jan 2023 18:01:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Jan 2023 19:37:03 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame DE3B 2 KB
847 B 213ms
117ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:35:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:35:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DE3B 0
0 66ms
65ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9Izs3crWY6CWJ7yHwuIPxuWc8AS7rrawbcLLt8fkEObSwqH3NhABIL_cqQ1glYKAgLQHoAH01sO9A8gBCagDAcgDywSqBO8BT9A8Ad5WO-tNX4TkffnFHK0pcIS4RsOiisQCvlIrONprvRQV0_hB_Tm1rI-UXZtmvnri5gsgmeK2qBr0qSlxIVvJPIp-ul0hMgL6h4lQsIQabWgMaF8Pu-Mg1netF2u3YL5shlgIjdcE4PSZ68ZccvdYDleIM6_ZisK6gU-llV80TsPsUISray5Ud2-QFYRKqviI7z8en1KDJpOiYJcCFcAsvwwQVr05nIzMe3eAxv_Dm3hHlI2L1-CaJLEAXuJbN7R8LSsCfJNp42XfRlwm_B9ULGO6bIWjEz4JZD5st8Hd80L5ds1Lo1_nvjvkq2PABK-x2--QBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf0qLxCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEENv8CNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BML0BUBmBYBgBcBshccChoIABIUcHViLTM2Mzk1ODU2ODQ4MTE3MDAYAA&sigh=txvZIea9Rxw&uach_m=[UACH]&cid=CAQSGwDUE5ym7NYuLpVyZ5eZtFCdtUrdEByv3Gzl-BgBIBM&template_id=494

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 29 Jan 2023 19:37:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 19:37:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame DE3B 22 KB
9 KB 131ms
37ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 10:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 10:14:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame DE3B 3 KB
1 KB 210ms
116ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame DE3B 18 KB
7 KB 135ms
41ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE3B 156 KB
48 KB 108ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 19:37:03 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame DE3B 33 KB
14 KB 88ms
23ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 16:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 16:33:57 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame DE3B 10 KB
11 KB 142ms
35ms Image
image/jpeg 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcR0kY800YqboYtc6n0Dgn2Ch0OeUz3LAQshxV5egmMcNiROau1b&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

900f8e445927059c4c6c38629801b93edb3ec66a1938e4cd0e56fdeb4d614996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:54:16 GMT
x-content-type-options: nosniff
age: 13367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10366
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 16:38:03 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 29 Jan 2024 15:54:16 GMT

GET
H2

200

13847047602405913852
tpc.googlesyndication.com/simgad/ Frame DE3B
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCEwKH4_gEQ4QEY4QEyCKIMR-uzuFmL
https://tpc.googlesyndication.com/simgad/13847047602405913852

7 KB
7 KB

36ms
35ms

Image
image/jpeg

2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13847047602405913852

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e1d120114185cb44cdea24d2d4a0296a2bcab99e5a9c5d89d02139926726e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 22:54:50 GMT
x-content-type-options: nosniff
age: 592933
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7489
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 22:20:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 22 Jan 2024 22:54:50 GMT

Redirect headers

date: Sun, 29 Jan 2023 15:01:49 GMT
x-content-type-options: nosniff
server: cafe
age: 16514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/13847047602405913852
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 28 Feb 2023 15:01:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame 4CCE 22 KB
9 KB 107ms
46ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 10:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 10:14:20 GMT

GET
H2 200 15876095000325527306
tpc.googlesyndication.com/daca_images/simgad/ Frame 4CCE 50 KB
51 KB 147ms
86ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15876095000325527306

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dee5116ea0e61bf714cdede95ace377f95b45498d456f6f13e7b7f500040d1d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 22:57:36 GMT
x-content-type-options: nosniff
age: 592767
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51552
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 04:11:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 22 Jan 2024 22:57:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 4CCE 3 KB
1 KB 136ms
75ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 4CCE 18 KB
7 KB 131ms
71ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4CCE 156 KB
48 KB 107ms
71ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 19:37:03 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 4CCE 33 KB
13 KB 137ms
77ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b511b5104524c0b25f553fbaa7c6d92564f0770a222d9ad642bffa36aa3920d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 03:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13488
x-xss-protection: 0
server: cafe
etag: 7956080266137140730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 03:12:01 GMT

GET
DATA 200
OK truncated
/ Frame DE3B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a38a4516f9967b5b77a00f40736a59a1cdeabf9f0b5771f7a58d9cca5f555de5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1C15 143 B
166 B 23ms
21ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 19:29:35 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1C15
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

32ms
31ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 19:37:03 GMT
expires: Sun, 29 Jan 2023 19:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 19:37:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7752 36 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 07:54:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 214946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 07:54:37 GMT

GET
H3 200 CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js Show response
pagead2.googlesyndication.com/bg/ Frame BDA0 36 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 07:54:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 214946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 07:54:37 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0EA2 624 B
242 B 73ms
60ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjhgu3eATAB&v=APEucNVCfH0ZhxCCrTtEH3Jw-1S9OziatfapIjEs1DzvfmFxnLPZ1Q11cUSx26lpEMCQkedFoG9nM_P4Ip5jgJtteP3IdlMqJP4BIZyCqYGObJyop5zt8IRWGOoZvC4Z_H33hV4JJyr22KivZIbYJ_6Dm7u_Gwhq6XY7VOfPnkGZMkOYOSn6NCU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=925980703&adf=3285439437&pi=t.aa~a.841225771~rp.2&w=240&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=240x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=1&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600%2C300x600&nras=5&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=4008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Irsr7w8G2C&p=https%3A//www.thedutchhacker.com&dtd=119

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=925980703&adf=3285439437&pi=t.aa~a.841225771~rp.2&w=240&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=240x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=1&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600%2C300x600&nras=5&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=4008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Irsr7w8G2C&p=https%3A//www.thedutchhacker.com&dtd=119
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 19:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9381 76 KB
27 KB 109ms
96ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27384
x-xss-protection: 0
server: cafe
etag: 10506132538256102613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:37:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 9381 3 KB
1 KB 48ms
35ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 9381 18 KB
7 KB 47ms
35ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9381 0
0 43ms
30ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTDZ11yJQfWtfChwO1ow6jHLaAwnz0uJXoLVlLe-zvpTBMWc_a2BM9O6WCu-weUhK64AVcdJTd_7HNfGzaxiQJ9LqbMg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=925980703&adf=3285439437&pi=t.aa~a.841225771~rp.2&w=240&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=240x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=1&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600%2C300x600&nras=5&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=4008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Irsr7w8G2C&p=https%3A//www.thedutchhacker.com&dtd=119
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9381 156 KB
48 KB 60ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 19:37:03 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9381 42 B
63 B 81ms
70ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CXeAejAFLo4c2o458qDvN11pdyEXew_NukNlcI6I5q1m1kIbXbpnZZrTQ2JY9OMC4GSHEl5_cOv4ie6b_jGjhy7ZFrYzXXXOeFLq32Fuo5StnFwlw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9381 0
20 B 83ms
72ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14777551999713672068&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 6B72 7 KB
3 KB 44ms
41ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=1551834640&pi=t.aa~a.2940624402~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=3&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0&nras=2&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=yAlSa9IpWx&p=https%3A//www.thedutchhacker.com&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 20:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3136
x-xss-protection: 0
server: cafe
etag: 5752131211420753933
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 20:08:48 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B72 42 B
63 B 75ms
72ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DQvfOHJVyQKS1GC_jjOfJHmkulRkTCo16-SwXqEoMrWaJ49A5PzBMtZ73WabcRt03Tad0ApTakjkuBoIQ27kly-eR9G6S3qdpsYHGCeuYL9agcAQQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B72 0
20 B 80ms
71ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1284673251304353998&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6B72 76 KB
27 KB 102ms
92ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27384
x-xss-protection: 0
server: cafe
etag: 10506132538256102613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:37:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 6B72 3 KB
1 KB 52ms
42ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 6B72 18 KB
7 KB 46ms
37ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6B72 0
0 49ms
39ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgXt6UBR_pgMWrPQoxR5TG5-uGO1ZqZ6WKvB0nkgqfSaCSN8EPfpFRkhN4BOHusq3P31ERze8x2uOsai3mE5lBpEeAyA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=1551834640&pi=t.aa~a.2940624402~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=3&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0&nras=2&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=yAlSa9IpWx&p=https%3A//www.thedutchhacker.com&dtd=89
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B72 156 KB
48 KB 44ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 19:37:03 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 010E 42 B
63 B 72ms
68ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DqB9IUx7pMZoyydulGES0iS02MaPryDwvLtW5TLPn2aSJ81yapcGkZI5-vPe0uA01__kbyhYMOz_qKJxRqfnUsKNtwhW7JUiS9l357gLNIzjwi7kw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 010E 0
20 B 73ms
68ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15381986973845550470&x=1&ct=76

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 010E 76 KB
27 KB 137ms
133ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27384
x-xss-protection: 0
server: cafe
etag: 10506132538256102613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:37:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 010E 3 KB
1 KB 48ms
45ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 010E 18 KB
7 KB 44ms
40ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 010E 0
0 33ms
29ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS80b9ikg6tp7SiPSQZclr_aLi9fNaBwyMDh8m9Xx6XyQ4DNhv8MCSiJXDkRQi9GSxTGugrLdBepb_ikfGrSQvX5BT8Kw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 010E 156 KB
48 KB 54ms
50ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 19:37:03 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7C64 624 B
242 B 61ms
59ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjG8_zbATAB&v=APEucNUGVkh8myy8KTfURfD7gz1dM7n1Q9DtiMBcF4xCD73NpJqGP-WXSXYW01UZQazUCZdvskXyoXt0GzrGVjfY23HUHFZEAqUPwwRa9mZ0wmSI7UfljnpukCIpxtScE_3972P4dM5odoDhcMQPHbZNk4DTnRJeJuHN4ouj2FnUv9smqXfZb1Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 19:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B8B8 624 B
242 B 69ms
59ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY9-fiwAEwAQ&v=APEucNXx0TxpgfVfrJtPc3VGulOiNROpeEHunErhY5eKS1k1u9wipOrHw3i8HLi9t3VWps42VFts5dLogvJ9e_Ig8sSUReXKNRGyUvdCPW9vnxwKe5Q4jEwaQqFfIzZ6yoDsfycvNGC-9ueeKruwd28Bup-ha0vTh4b8NqttIUmVpk1XjAC18k0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=1551834640&pi=t.aa~a.2940624402~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=3&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0&nras=2&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=yAlSa9IpWx&p=https%3A//www.thedutchhacker.com&dtd=89
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 19:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4D92 640 B
262 B 71ms
69ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMr9xPwCEOXgtpkDGPae1toBMAE&v=APEucNVIFl9eOyIjGkvck9K549q2TEytwGqtgcgsHXKwF98UhLXa6TgWVKHRfN66yK5rZbGD-GHyoOnw6WFjNAHyOXrDQK7zafHtkGU8xFxg2j-vb2Dy5y3j1sQl150xNro9AfHhrBm-gYE7ee2f9Rg98gkn541N1xhiTXXRKE58qfENEPS1B_o

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3898893158&adf=1690612086&pi=t.aa~a.2594507593~rp.2&w=240&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=240x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600&nras=3&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=OUJiIReOPS&p=https%3A//www.thedutchhacker.com&dtd=111

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3898893158&adf=1690612086&pi=t.aa~a.2594507593~rp.2&w=240&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=240x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600&nras=3&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=OUJiIReOPS&p=https%3A//www.thedutchhacker.com&dtd=111
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 19:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 444E 76 KB
27 KB 103ms
100ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27384
x-xss-protection: 0
server: cafe
etag: 10506132538256102613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:37:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 444E 3 KB
1 KB 37ms
35ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 444E 18 KB
7 KB 37ms
35ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 444E 0
0 41ms
39ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTZOTI2AeF5Fd_5YOMi7b2Wm_rxD035jn2EP9jik2bxQgnDhIPk28SwCNYDd5kRqXm0rMCx-Q4bbhsLC2CCsEyi9IbiPw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3898893158&adf=1690612086&pi=t.aa~a.2594507593~rp.2&w=240&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=240x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600&nras=3&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=OUJiIReOPS&p=https%3A//www.thedutchhacker.com&dtd=111
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 444E 156 KB
48 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 19:37:03 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 444E 42 B
63 B 91ms
89ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CmaGV4fPW_hAKzqSUTnyxQ9DWs3X-gNIKBe1liFOgtcI3ptrkps3hUJDWknxlkQgQaBD1m66MVt9w2Pm2SVcWihU_j4Pt1bjGWNN6tzgLPzpzmORs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 444E 0
20 B 91ms
90ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15081434006846602788&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0EA2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1

43 B
766 B

161ms
44ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjhgu3eATAB&v=APEucNVCfH0ZhxCCrTtEH3Jw-1S9OziatfapIjEs1DzvfmFxnLPZ1Q11cUSx26lpEMCQkedFoG9nM_P4Ip5jgJtteP3IdlMqJP4BIZyCqYGObJyop5zt8IRWGOoZvC4Z_H33hV4JJyr22KivZIbYJ_6Dm7u_Gwhq6XY7VOfPnkGZMkOYOSn6NCU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 19:37:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0EA2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9bK30VK71gLbQEBhtFVHwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1

43 B
632 B

37ms
25ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjhgu3eATAB&v=APEucNVCfH0ZhxCCrTtEH3Jw-1S9OziatfapIjEs1DzvfmFxnLPZ1Q11cUSx26lpEMCQkedFoG9nM_P4Ip5jgJtteP3IdlMqJP4BIZyCqYGObJyop5zt8IRWGOoZvC4Z_H33hV4JJyr22KivZIbYJ_6Dm7u_Gwhq6XY7VOfPnkGZMkOYOSn6NCU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 19:37:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0EA2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENh9mVTQIt_jMfi0RmApo-U&google_cver=1

43 B
1 KB

186ms
66ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENh9mVTQIt_jMfi0RmApo-U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjhgu3eATAB&v=APEucNVCfH0ZhxCCrTtEH3Jw-1S9OziatfapIjEs1DzvfmFxnLPZ1Q11cUSx26lpEMCQkedFoG9nM_P4Ip5jgJtteP3IdlMqJP4BIZyCqYGObJyop5zt8IRWGOoZvC4Z_H33hV4JJyr22KivZIbYJ_6Dm7u_Gwhq6XY7VOfPnkGZMkOYOSn6NCU

Protocol

HTTP/1.1

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 19:37:03 GMT
AN-X-Request-Uuid: 15a73a73-84b4-4774-9399-8fcfae72fae1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENh9mVTQIt_jMfi0RmApo-U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0EA2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0NzQzMDU0MjE0OTQzNTU1Ng%3D%3D

170 B
232 B

133ms
126ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0NzQzMDU0MjE0OTQzNTU1Ng%3D%3D

Requested by

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 29 Jan 2023 19:37:03 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 41b8f095-5765-42a0-b0c0-785ecf52d56c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0NzQzMDU0MjE0OTQzNTU1Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7C64
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1

43 B
632 B

160ms
44ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjG8_zbATAB&v=APEucNUGVkh8myy8KTfURfD7gz1dM7n1Q9DtiMBcF4xCD73NpJqGP-WXSXYW01UZQazUCZdvskXyoXt0GzrGVjfY23HUHFZEAqUPwwRa9mZ0wmSI7UfljnpukCIpxtScE_3972P4dM5odoDhcMQPHbZNk4DTnRJeJuHN4ouj2FnUv9smqXfZb1Q
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 19:37:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7C64
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9bK30VK71gLbQEBhtFVHwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1

43 B
632 B

36ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjG8_zbATAB&v=APEucNUGVkh8myy8KTfURfD7gz1dM7n1Q9DtiMBcF4xCD73NpJqGP-WXSXYW01UZQazUCZdvskXyoXt0GzrGVjfY23HUHFZEAqUPwwRa9mZ0wmSI7UfljnpukCIpxtScE_3972P4dM5odoDhcMQPHbZNk4DTnRJeJuHN4ouj2FnUv9smqXfZb1Q
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 19:37:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7C64
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENh9mVTQIt_jMfi0RmApo-U&google_cver=1

43 B
1 KB

188ms
67ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENh9mVTQIt_jMfi0RmApo-U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjG8_zbATAB&v=APEucNUGVkh8myy8KTfURfD7gz1dM7n1Q9DtiMBcF4xCD73NpJqGP-WXSXYW01UZQazUCZdvskXyoXt0GzrGVjfY23HUHFZEAqUPwwRa9mZ0wmSI7UfljnpukCIpxtScE_3972P4dM5odoDhcMQPHbZNk4DTnRJeJuHN4ouj2FnUv9smqXfZb1Q

Protocol

HTTP/1.1

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 19:37:03 GMT
AN-X-Request-Uuid: 7124d4da-1d20-4858-b94a-85b8750c09da
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENh9mVTQIt_jMfi0RmApo-U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7C64
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA4MDY2MTQ2MDAzMjQ0ODY2OQ%3D%3D

170 B
232 B

114ms
102ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA4MDY2MTQ2MDAzMjQ0ODY2OQ%3D%3D

Requested by

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 29 Jan 2023 19:37:03 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6edfde42-5d26-4433-9f2e-0b519552c692
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA4MDY2MTQ2MDAzMjQ0ODY2OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9381 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1311887601436&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9381 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1311887601436&version=m202209210101&ct=76&x=1&cor=14777551999713671000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9381 86 KB
35 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8DA3PL9QREZSQRqjJLV2CHrq1Ovb6nA04bDMuSX8JbTalJEQgvd78WE-jMb-JOPOr6DBhcw3Op3-viGqvfCF9rukgqd6zKxTEuJs1FalJVvAalo6Rsg0CykYJhVvG0AVDtYaQg-TeFSrEgjoZ9R6ewjazJ0Efcp_fdd6g0J70npx_2gs&dbm_d=AKAmf-DrbCM4EY5kiAgAuqImwDbzg-WIYU9BvCqgRbKX_Z-a78ccmpVtWiG7cEdBumpaiwiP2dWRTnFxBihgGcJHMmNIYbfOhf2o1btB9FF-xzeET3iQVlirYm5rdW6DVZKuH511K-Ku0AqNx66GMZrNs68Uh0EGRuIt4N2y0eiHPqFLF_w2xCfuVTM5XpXztQDt9TQQkIYDemzkNcU4cr12j6I2p0PxpsIbEot9neJJzkoQ90E0lBR7TvHMQDIrZ0-ujfSUYxASFWGDsYaC-Cj8eRirwM6tMCLC5TSyohXEwDk0MmriFdDc-igkoOVmQmybEOoLhNw_jiECDXVLc0UA4dzhIQYMLHJcXWRt2Y9Jpik85kw3kMgSt8SfaIov9POoqGsKxlB2XxD8UgtTegdRs3Jy0a-8KBm-9vfulc6qgOApwGhBK2-zTWtccp4kRpC-5FHUZfNbDBe_RPawgUBn4BOlks5XSXGGAgAeNNZi7WjQg5Zkp0mr2JPvV_Gwjl6Lrq4BtAao4hqk5hY4Zj2qzY63Q_OZLMn5r_6kWy-hcgnfTE4TwV7-RlFnO3Yz3AQ0oh2i_rk2moqI-1BwCwZ0KarECxdFwFkcsyRoQkhAN4gHcHUg1O_3_7AhKrtXUa-2d0zuaLQ37WoTyVozWit0i72kViSsFW-8ZAL_LePNq1actV5K4ydaHjUM00wefkCRMmTQtm6da8xhS8pdhOkts4nBKhZ4RBELJJ0Zk7ZX_3bf-gncNjgn3n_6jOeZv3g3VY7hEnLevwRG88w6EQrrU2RC2BeHPe_3FNjkKQ-NC7f1ZMNjimWm1shUtbFnn7PumcxULjUcJNo0_2xiK7LIg5qcD-nWP0Jbigqzt7yk28zRz3Dl88FLERhuEi-k-8zhOcvIi2Rx6tB--9MIiXhPo4tZlE8L8fXvkWJ7kXaVraqczvBMoS1GQhi9NuuAeku9PiftKM6eBlB7UY73fYrGV20m1uh-ZJ0wqTdORLywNTMCxokQLqXrbyC_HfbVTMjka07KtlWCkQETil9OrPLZtvp6eH3Y8UaDJPhh172H7HOewp9DNysEc1moZ9l2M3j1N9mkNe4r6UJ_qerX8ILja7d7euSUJx9Qb_s4ILOYU3FhvUJegti2qe-yOnWcpsXM_p0NH6qbFeeDFUnYXwoxzglmPtemrld_QiFEK_P8xPa5zp1MXGgJ_iLe9ikaDdSV1SV5MxWMoKXnDy_CrEdpIXRKH_mKshMBfxXjhorDKBAkK7uQzf9LUQ--ovzn6PTCqdgrMLFHrAWCndQLPe-0rP8KWpkhFGL_SDR7yUuKYm16XYPgd-0_h1qBmxA633uoaAJkvUqzU95CsTnfwbUVy9wRId0ICFSw7YgesAS7nEaU9tJC0kxaaqaNNj2YGhW254x9gZNrrx6SnM1LYEdTeRECkguvjqdOG0XlIn3GiHWimVjiuSPNO5WbGybqiCrN4lLIsDAwE_niPlLJSPL-Ot_AgspJW7hHdxYEp8jufGw6JtfP6AqZC1PGSbbyHE5isSIc-jbqMJ5y1LaTAjm7zxEB55zsMDoRVzUPdygave7cHiF9TTU7HiQpc0eh0K_1MbW-oviA9ZkLB14dLvjG-FEGW86oen7IVDCDwbBSuInJxTHW-QqUQsWlmmyZtreBx11k2g9N4Fj5JaRF8kMoP35tXyh80wQJnm7VGR-McEPEnz_ACHfoS0CTSbZHjqD7olgSnKhASMTuXQjc5xoeYX4-nlGozq7LJGXlJOBd4g4k7QHrLYBX1KxIgqNZeabbHOmqAdEKJK1ADis0HePyGLucgwxFqhkzZkBeCj9Bk4TWkdFz31SanbPcNEEDbOaIi56ithcQCK9Rprg6UXkJB5QBkhYr3QywlGWk0VLIxaDHdzRTnXiYN6AwpNIcfz4OY2Srmk6HgCH2ZyXOZYPPPgWEVJY-N6LKCE8sLL0IVxhHfmbK4_U_AhLtE2NYHC0RZM-d9ltzBzPiWC8c_14vrUF7HhwC_UCe_r8vZ5cvoP7rLXchqWpnFNBlaWZKBAtxSe5TAADR7JEGud9PRUKZFk-VumMJY8YbnKkn-_saNTQBGgLBYqD2pvF7GrigxLb7l-haCx5B7w0-gISeuWzYNvdvKDsdiOUfwIkt8gwzlQ3xAIW7D6CYkG-wP1LIcLJjsoGVgZMBsTFcz8U3-fn7ylxw4Vg6utFE2S3FRb39vQX8arVaYHO3RtuvLDTbuj1FSBwR6St00kjOtAfvpVlXp7f7ERt-P9UR5R5AtbOmyoppHG2yvRyNPDRwhZVgbPB_x30HuvCWybzb7KQH77qTWpWlInlAHc_JXae7xddp5N8QIXnSy04ZtiT8hHtAfjmub4ebXOB0SLDCcWERCQwTZCOhzTzfP-FSeXeHkRphY1wNZKO1PDMsYgti3loycT1TKrcpQiIj4XkVtmQct6amzgp1ED8pIEPSy-N5YW-EfcNdvVSkb-zt8wJiQXMGWPwnp6sh4c7Z2Z-wFr3zhfHR8bxGpS-1QYNFjetF6OoIwHRH9Ak4-dp1zbopspu4vBdazgDo9tnqiEHsxZarlHxwgyMYhdkBvQ5yyEwTUNd0BYCSIBPv1pNNsZqBzBo61Zs71aUIr84MJwNAqL62L6QvgOlQOGF0sunq9oXXLCZrjb8s_ptz4FS9OalbCWDUIzyC3g1mL8HrCbv6JDK0-N32LRZZjdMKqri0pP8YJrDCbeRuFhLBIZKxMMnhcX0y59kygO9aQa2FDipiNz0L6W3gNcPU50zpBCFvDa4t5GpAF93h8obWh0sqj-fY5WtCgn9WD6EklNQJ4JrjwX_UlQKSQwp5F3f9hJGhjrmxSWHdtvTP_epwiH4CvQyhNrwql-he4ZgBKHMmLSuKxtoN7jQYSVAlkqF7v8Z6cUhndl1LqkLSbI4kDm3c4MZ3hOP1qyAeYkAAbsjLt6suJTXwbmRhW7_Bm0lVP1qTfZJOLRspi57tfzknlXERaRhtV2HlldBWf-cqm55kir3HSfl3KJaWOmnQSacJynKbpnkD45OFJI1kCppGXQcM-I5nH_ghR9IJINh030t-wNY0ACa9dL3rdOr0VfdW4AMUuAPrPqvSdMkUZpCSJYRtBOmUrGRTFx8G49rb8v63IGNuVknkrYz9Fag23lpLlal1DIDa2dAhaJPrEsCHLfw5nfp82rzlZ9T-h_NfqcTztByuGxYRXzy8ZLGT_tCElD86hHHIDCxjuDLD12vtRZSxF1_QlCHVVm5LlzEMAYQhNAZNgDbSG3lulsn6_fTFkFOXUrHWUN3xFvpmvAXd80nEm8t7DWMFdTx5joXzG4oynRqlMsFHuBXD6q_2GZpTAN5xEIiaS-PavTgWaORlQKs&cid=CAQSOwDUE5ymFo-Pr7tDsfMbPhNDPX2MhORZdz00-Nc-pSYJKHnUZUQuDNnyncnQZBphmrSkMmp0RqyxtcvdGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.thedutchhacker.com%2F&ds=l&xdt=1&iif=1&cor=14777551999713671000&adk=521587874&idt=116&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a02efe77f348d33c2ac13d9193315c6440493026114fc5977cd310651b12c88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=925980703&adf=3285439437&pi=t.aa~a.841225771~rp.2&w=240&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=240x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=1&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600%2C300x600&nras=5&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=4008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Irsr7w8G2C&p=https%3A//www.thedutchhacker.com&dtd=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35665
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B8B8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1

43 B
632 B

158ms
43ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY9-fiwAEwAQ&v=APEucNXx0TxpgfVfrJtPc3VGulOiNROpeEHunErhY5eKS1k1u9wipOrHw3i8HLi9t3VWps42VFts5dLogvJ9e_Ig8sSUReXKNRGyUvdCPW9vnxwKe5Q4jEwaQqFfIzZ6yoDsfycvNGC-9ueeKruwd28Bup-ha0vTh4b8NqttIUmVpk1XjAC18k0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 19:37:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B8B8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9bK34YeyI5bJioQZZdUagAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1

43 B
766 B

38ms
25ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY9-fiwAEwAQ&v=APEucNXx0TxpgfVfrJtPc3VGulOiNROpeEHunErhY5eKS1k1u9wipOrHw3i8HLi9t3VWps42VFts5dLogvJ9e_Ig8sSUReXKNRGyUvdCPW9vnxwKe5Q4jEwaQqFfIzZ6yoDsfycvNGC-9ueeKruwd28Bup-ha0vTh4b8NqttIUmVpk1XjAC18k0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 19:37:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7VOJh50m7SNetQnmo7SNM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B8B8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENh9mVTQIt_jMfi0RmApo-U&google_cver=1

43 B
1 KB

168ms
47ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENh9mVTQIt_jMfi0RmApo-U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY9-fiwAEwAQ&v=APEucNXx0TxpgfVfrJtPc3VGulOiNROpeEHunErhY5eKS1k1u9wipOrHw3i8HLi9t3VWps42VFts5dLogvJ9e_Ig8sSUReXKNRGyUvdCPW9vnxwKe5Q4jEwaQqFfIzZ6yoDsfycvNGC-9ueeKruwd28Bup-ha0vTh4b8NqttIUmVpk1XjAC18k0

Protocol

HTTP/1.1

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 19:37:03 GMT
AN-X-Request-Uuid: 6c38486f-68f9-43e0-b453-7035ddc47320
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENh9mVTQIt_jMfi0RmApo-U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B8B8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0NzQzMDU0MjE0OTQzNTU1Ng%3D%3D

170 B
243 B

133ms
125ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0NzQzMDU0MjE0OTQzNTU1Ng%3D%3D

Requested by

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 29 Jan 2023 19:37:03 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 896ab79d-0511-4a5a-93e7-f8835df8f205
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0NzQzMDU0MjE0OTQzNTU1Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4D92
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGXX2YxI7Lbds27blCXvotY&google_cver=1

43 B
114 B

87ms
39ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGXX2YxI7Lbds27blCXvotY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMr9xPwCEOXgtpkDGPae1toBMAE&v=APEucNVIFl9eOyIjGkvck9K549q2TEytwGqtgcgsHXKwF98UhLXa6TgWVKHRfN66yK5rZbGD-GHyoOnw6WFjNAHyOXrDQK7zafHtkGU8xFxg2j-vb2Dy5y3j1sQl150xNro9AfHhrBm-gYE7ee2f9Rg98gkn541N1xhiTXXRKE58qfENEPS1B_o
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGXX2YxI7Lbds27blCXvotY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 4D92 43 B
304 B 102ms
34ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMr9xPwCEOXgtpkDGPae1toBMAE&v=APEucNVIFl9eOyIjGkvck9K549q2TEytwGqtgcgsHXKwF98UhLXa6TgWVKHRfN66yK5rZbGD-GHyoOnw6WFjNAHyOXrDQK7zafHtkGU8xFxg2j-vb2Dy5y3j1sQl150xNro9AfHhrBm-gYE7ee2f9Rg98gkn541N1xhiTXXRKE58qfENEPS1B_o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 4D92
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEMp2dv_KHglT-tc4jWIijzQ&google_cver=1

23 B
172 B

322ms
118ms

Image
image/gif

23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEMp2dv_KHglT-tc4jWIijzQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMr9xPwCEOXgtpkDGPae1toBMAE&v=APEucNVIFl9eOyIjGkvck9K549q2TEytwGqtgcgsHXKwF98UhLXa6TgWVKHRfN66yK5rZbGD-GHyoOnw6WFjNAHyOXrDQK7zafHtkGU8xFxg2j-vb2Dy5y3j1sQl150xNro9AfHhrBm-gYE7ee2f9Rg98gkn541N1xhiTXXRKE58qfENEPS1B_o
Protocol: H2
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Sun, 29 Jan 2023 19:37:04 GMT
pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEMp2dv_KHglT-tc4jWIijzQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 4D92 23 B
172 B 440ms
129ms Image
image/gif 23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMr9xPwCEOXgtpkDGPae1toBMAE&v=APEucNVIFl9eOyIjGkvck9K549q2TEytwGqtgcgsHXKwF98UhLXa6TgWVKHRfN66yK5rZbGD-GHyoOnw6WFjNAHyOXrDQK7zafHtkGU8xFxg2j-vb2Dy5y3j1sQl150xNro9AfHhrBm-gYE7ee2f9Rg98gkn541N1xhiTXXRKE58qfENEPS1B_o
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Sun, 29 Jan 2023 19:37:04 GMT
pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 010E 0
20 B 69ms
69ms Ping
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1868105111396&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 010E 0
20 B 78ms
75ms Ping
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1868105111396&version=m202209210101&ct=76&x=1&cor=15381986973845551000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 010E 86 KB
35 KB 81ms
77ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmcT-NGlXQNHB5q-VQcG_4rXwVDNpNPU1KP6zkcglYVQ0Sb2_HhhsN8hIVhrCqNr5MSDRjZFghSRmxDLXrOUaoRBWQ_1wlhN78PgasktXJsDA5P_Jhnd-Y4s7n2lGjrt4cuSb-hT8vyH8uBAJllbpPxZssSDDMQkHtBkLzPzIRAnCfzqQ&dbm_d=AKAmf-BVyVsIudt2LHk_gfeyVCnULwjgixHPawfLhBHgGF-rS369C8RUuvjCCbfQTvU6zHQdu66jBqb0ByZohzd3bP2QlGzMJi2XLIKVHg8__irmnEqSaLSegWdPUvRi03F9F5f94Kyvnu7uo9X8nhPq1jWKgVcQxmyPNaLkMxND3FNnizOwFTxSaDXsz8YyVNxHhMSL242ztOXzldQ54P_1ET1NPkELXHOp7NoRzow8t-FNUcQJC_RXpEX0rEfgmhGPUgDBU_OQnEqI9qJHmMNP1RshMMEi6wViuDPrbI3Bk6tIwafWAgj_LyZ9FV3rYb0_TsVBiM-39AtWbM7Tnd3jgjaRLbQTBvlDGWP2-e9iPtKv0hOpK-ywRbyHyxrpU856alXZw0ytrWc8lmvJqW2xsIeBY-EPj40bn_0-Ufk1K9OYDTuWuVcE3FBE0X0ydLoicAeDrtAk4UuJXaXITooS71g7lj2wM5A1I1p8_BvuZQD-a0iQkkOqYgjnXUssHA6ha-cjL9JkExfHArZZtNPLD_sDStKAATlU7QM2HJqhBB8-j94OUnUA3Kd1ASxVSTGWwNZd699JcP3h1RU_1VLKYJhKWXFsDIBPC7qksMamXajoDBa4r03Gk7-Wl0GpEQwBGGwuB13olF34jIWNGh3FvV6AVSLkpliretNda3YnfGWu0_0SzZ9F41Do3qMK_mBVHYTrrxAoGq4BVSjIDpfZrsJbsiBbMGeJLpfnd_vqLcVz5kC4bcjThCwDDDFo14gpAsqssiV9moCliAy2wG-pT5qBKR79mbt39gIKWLjJc3SE3KPwy98g1BxHMveqXW8cfS8Em09tnKePUiR2qpglR1KMeNpnnAG-sgzoN8vgOUv-LH50nDz0AiP8kfirMTW5rlmnKF9WkOMtbRT1WSqu-TGifFtCoEfbX96oEmrUmvY48mAHDWzUN_Mra1Qpz7qTAoqWraHjQJl2SkngVzNNR6lRUw0hzWWDv34OWiv9XapNYWXG6Pilxq9vOB8wNyb756PUnlG2NTIrIo4IPoOMPGB3BdE-pEZwjIeI-7Rm-MSc1wPS2vuihPhB7g0jb20ZGtHFTtijqTujJ9FDeSS80YZM6xZ92Oindy1C4u72_bBlAVQVju8wmdv_IO-0MXQcpMwEuzAGnP3Po21rOU8gvYDGdnDz5fhWeNJZ3HCqmR4GfH-CTIoD21UEd6M51ezfP9ekrwMhz_2g-CsEnOJYpcI0TJBAie0AeqHwX3GPER8-URRSaICZArxtrFz8mA-ZTfuLUYq3kEk85yJ-pJBIZA2pVA8IEHu2OT5x5RkKi8JiZADESPo4MC3NRWPvTkN_KjjrU4MjasyHX6bu5e4haPaArYge72ysPUJwb1TCZqIt3lc0-PJQFqxUXGMOOd9rAWyBZuZPcExMIADyKraHmptRZUCO2Lx4oJLWeJCEeVzx6ASlXZwHR1U94HKLksj0GAle_nr3VNQ9HBabLVV3aeQfozUDlaF60SS1apEBeLpKs3Q2hrZ0tLVDCvrQN_cYSLDIhggNoPwn-bxMeFZuSNM-f0EhDwZ9LUoDiIPQViHXLy2Zd7aQ_MyHcklBAz6uPehBnoF7vwluZ9blIquDY9RxC0w6J1qpcPtEUpoCmE7ytTVbDlFBTMiUpSShnZ1JtnaRvKxxtQsLQCcAcMjARixE03AuxR9ITqPfjdas-D-D8ncJVLDX1gGFAS6gnrs9d3o8wKExg6ruJwTA_8laU1ehUoluJ2-VIntPhgpi-CWmPFftGVu2GOPZmDJxySEF4tfVgiFbF6oE3Dd4U7l4HR7nQn61L_qlhYRzuM3W5kzMkNETTXw67RiEuAvtD9deNU39kAuiGkVkvnQ-MuvBbZ32RPcRpe2qK2eCrZynEBNQP_kOVXFb8afaqOq1NdatllCdxDXM_-aCIfEnYU2p4t4L9L4JF5944WOu8DplkEahJ6fciHR6-zKvcRM9LF5gkiliZ6P7EjkqqAAhF14HxhOnOMuBZXLL08-0eWn7ST9hCER6k5i7JbgPEgziUGYNRxH1kEJmKW2E1OH4cTTYmaq3eJBcQGTeWzJEqyFirV2edCMp4icUmNIjQ_3VUUp6l1CQ4OMU0PuJJqJ6I4Nh-ZZiM0DkltIuN5yiFYdF9o7xXYPS00v-56RC3xaVexmtg3qcCTNHSUGu_x3-Ay_GMSS57wLydWMpUxjgAQ6dpImHxs5bvylVRr2ZY9UL3jFmlr9ICcZ4giZwdXeF-ianScQ6aYNM6D0xsrDA7ROrrZF9QITE1BrzIFHk89QQ7Fgf-uJemVqpaWG7JSwToQU3JIVvDm8dXsb1rgKLAYty6JWA3TT70HWCAZFiJPnoVeeiUlXeNJvyN9nUqkfPhLbqqdyQ29YmohaSNC60Rqoe-rYgS5nEXmzLI7q8a-QkpX5omzonkJDlt_d3C5mejMzex8LAMnmhHnkttNxotsUpDLmnxZtFbIw6M3ETLL9YqWvE2PXArjRqeZB4S1ZAfbwfiRFAG7TAitRiVwwN78ilMF9iX6lKCz865Z9OuxSSdXQmJXIyM6uwYhEurCtYSmxk6F4RWP77hKDAvAdKRRJyqMFiU332yWdct-SPAVHIeIMMFCUwIBxqsUCnl2k4XAqJJxbM0HWP5i6bEX3aIzkp-uDgtI-8MVf2GRLLtdRwfiJBd4WY2XmteigkxP3ZkLRZznEi-fcdsjGDmIZAkffGoP4k7g4LpxobTTW-VifjtNFf5QOUko1Lru8oncxG_CHD7MOYNA9wVyXrEUqHk6r6AB5KhRUcpkvFJFEc3WgwXWEkn4L5ZaBDIyMm_i6hx9pX5YJaQtJ_H7OjrVJ4DEQS80JNiEoQDzJeTOFf_Mkeycj-9OEu3CMBQre7mOdbp6IfpAX0TXe8dct9gQSsosIh-VgOGYCX6KneavK0R7-vHNZ5_xpN2riOV2DHDNdKFEgrLK8Gii8_ewmGX3XSnvAxoox_LHV1Ztp_dXgMo0H3Y-ndRdXHCQANsVuTo3atBRKM391sfkm6gbVg3tL2k5MRYFxr5jcG3bSMHOblwNub6yFYIEJ0_YyfMY6ButJWnZCTDHrhMwyr4w0Q1Zfb1Ngg0gwWN-UZagdCfst3RoiGV9BSjWula4MJ-YTmeqMvguAhXb6rkPfFcpj7m5YNq36WgReqDYpJUszN4ErvhNNiH6mmWAWi1DE8Fo8nLA6i6BOHFBryXyKdZIBugx0oSVyce3XAPm93EmwCoJ1xrXU4HZHaHnTK9IRTYAF7EnDW_hPUbiKeGVCiB-_J-F25TLE0G3ZIaVcLyAz-mzYYK2lfTk1QzpsyOEzSWP9A0aaifyqoFZCuXkm9mJ_eH9-uioCsQ2ehXLxDP4Js4FSm1TnvfktfddrqzHstd5xBmBXMFD2TjnrnOlTEmkQv0fISbvO-hw_0UNHTB2B4OxJmQmH6ugFVEgPzGCAA&cid=CAQSOwDUE5ymWXGWtLs_HXwAS6vRxi7NgFHkuwYhJiogdWMKo_XMr4yBooflfGZXBh-P3zJjwf1c3TverZmeGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.thedutchhacker.com%2F&ds=l&xdt=1&iif=1&cor=15381986973845551000&adk=2228999115&idt=144&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21e708b0af48b3417fa8ecf8940aa695cb111ea968cce2aa7f75afd75ac64c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35780
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B72 0
20 B 103ms
101ms Ping
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5867044680694&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B72 0
20 B 99ms
98ms Ping
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5867044680694&version=m202209210101&ct=76&x=1&cor=1284673251304354000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6B72 86 KB
35 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CnH3KJcoO4BWs0eDtsusdmt6eTPOTPb3_636HUYVW6aR0nY20Hwl4JjXTeHAimtTURIdMbiOVWT_rdte14kFttIG9JosmMxTBcI2fXsLLwMtHLaWLmJTUGPljtOT38hT54GReqX3H17gNFq3JHUCGXXYImzfC6zem5-xHOD_t9KWLwyjE&dbm_d=AKAmf-BHDH6ZSRp_zIUu9gjXl3LERX0VYR3QvWr9hpMkAqHRf47DA6EtZTfAs6GS3CsqblbU4kDG2yavtR3SCMuzBF6S3w9cBoolwzatclevv3xB8KwfAp5vdT_RlJBtyuGgoWUo3gbK5zxZkJnMbihS6BmBupoKn6iD8COiunHgW8zsQjHOQetlMQGuKN7kh9lkbKgUWhfit5sVZ6xQe6XGznu9SaTLDUuRJKdt-fUslE71Cd9mYBA26e_gcrMeWHNQXChQKj5d-pB4GoM5M_qKD_Tw88TJQaGfcJ_5ANHeRX8kYKRJJj-SEtskZJGDaMUr0EsOUVzdqNfrU4cVczIwWfI0O82b3WnJddvDWkka1QiuxYWcmcMRYTLfOKe3XIi8hBxHI-fH_UP97X_FQH-kKuFdJuRh8bEn8Qwro6q4MS73SsJ_cMQL2SoWokURKo2C7XwnSZHra3S2ouqH2UwMrUopGPz84b283MWyEhIqGIQ7K7z_yoprrAKk3Z_yj8LTMqvC7mQRSqHrBG_o0A5Lg1jQsvDhdnOg_i3xNWdgZ5HC0S1Xg-II6JOc_tJCwbMD1JsszaFjpK0Vd2PLse-D93Ne-samm4i037r-YtKdLrkanzzk-cka7RTV9wjh03b1575Fw5B7ulsqEcpWpkY3NFh3WguKjsF-vw7D85BtkXFCHwHBS318QBWo4SiHxmezPYUJfMhmnRpTOOycPv32w0hRlTW_3rjKP5abT-D2Ww8mqqJujkiG6LzwV7fnBqhtBaO9HkE2d9SQZDwycd2vq5Q9QseznYD65tfoXx2vResJ1jeJdCvtDiKGAWz8lJhdqs4pYhLHoXkOLfIniwLrom59DvjNXLTewCwvhcRe7v5m8IUxIXBqmfcQH0or5hD1dOSe6wA-f-Q1gYRmo2fAAE_hbtU_wE-AReNpC2rXZS0e8peIOh0BSaT8eaqf5MxC-RiOsZojIFcyX1zt32bE880doUdFng8XXNPW9LWuMh_zFeyZm7nJVIWr2yrfMZ57nugyXiTKcLofKTpkF-dO5deovD8pLUDXGeb6yami717rLggPgIE7G2iEPRjwKqYJXHd7hhTYrJQM-KlFwd9Nvzr5MojaURZ1yTTSpY0YxMshE-HEHRzwgMWLngMNlci_4RXneWtNj1Mmr08Y9hKQo_nZp5Zz0ZVguw9dmQunHxQb5_P520RBOf24yY_FgTid3EdAXRd7bR9qtTHqgpTPfO3AjLlGh1vsb2XMvyW0fLonMz4DJC2S8DpwqEhl8YhrJU-J5tkfKnDR5z-pcXHxTpeUzuJFuqKT8uuFsr2I7f4DoHzK3xTX4s5ZErmVUfSGEmLZZ8CBxg8sAMBEGm61hLChMCQUtcv9GYeLQHWZVv3srQHRSoaRTyVbqJNHBo8E92vOHPgOkyj8IW7wRrhEFa5vMW0YUYQ41aXYG8sD_kdO7Q0n3uruq6eDbcC-tS279Ua5Vv3hFFFuqb2_Y67HC320nu4JJHNbRPORCuZqN88arAgUs_RYngp_pyr3_nG7CRjFhWAp9_wxoRxBGkWRHPn_DHV9foS70Oljxvf6avf9ZjQ3cXENaoAwbDl38h8TwZKD32mxsHKx8xZUoiArLVcvZvoJZcZcWy0JDypC4ho1stC-nfY9iNS3q7vV4L49i3RW3CjIBkd3FN62LzxqhgY5FX9kELLTEEEJ7LYISwMCMAODlAFd36laSlsKIn8VarATzX6lIMzkal6V6kc8JL4UywpgxUCAL4IShCzOKVCJmNBKU9-A6ychcz6RmRXyg4PRhpU1Bu2SSW8WHtQFmBRG3SN2gilw2RMYvJRCda1MIb3PORbTGsJFxf2Q6Ov_2IRxMfKcAs-03u6MEFnFgkZ8Zu1AFDkKrIqv1W11_UjIb46TQQWuUpgkDDIvaAjeM2X3lrTf9-aQ2nEOo0yP81OgangPVjdaGAhXawBxfgtMafQHlMGHayyYObZGzi7j0DUsAbias0mnjC6glsA7RnPfrtqn03MowWRd_D4y4ocDI9-A5SlAmS5QI6jm4Ca12ZgdXuBBC7xpO8ddv6hD_LXtbPi3-q-WoTk6P1-qiacGGV2cPnibjqLAZc7hQ6y-qpCvCXEW1Pei-_6mYlGklvwUMEKxdBV60WBDZBIVjBY40uqJvTkqvTh__ZrwYGIzHmynKGKOIQumihuYm_D5Iy9SHNBpd686iR1ZiA6KoBLPrFIFXXOZDBsMz-s6_CSTMPqZ3KdAEwR_b0m37h3hLwqTUf0Rpee1OnQ_4_ytNGPhDzsIuJzFUDAs6EsUYKdycCoIiA7-7mMwyxoJSn11HxJWmQBrl5DPdvM4CCFJ6cloAPHgqTwqwhMEh2PPVTbFwxwdzlm4_LARkthEsBbZ8ZJMp4kvxgekP9m7tlSMq61cb6i8GmY4afRxiFzfjxkCCeNtno0rWzDwGGwoPNTTu9wHPTaStVtdUSVRtJZ9GqjobzPcIbiPv20VGebKVL7_C7ox3-zULaGKT6q5L4ZKJpXKVMxzBLPHUKM1HJxK9L4vcvA0Q7Z0v3T5W5SdzzfE5yfHgszqUcdVEjkOO4Ry3TJ8cces_fwkBS9AIL72nqpzrJJLdtRD6oIJ_XUvhh2nQeTQhfil_EBtOWl96UoGYbv4nEc_AoYPsBUUaLwii9LgbD-B_JgUDpVZypupwkGB2SpdtbeVXaj0Eardo6bMDk1tP4ziFs27r8FxUclaEXSzLAa3NuqI6ysWl1ZrN4SMEetSmaaRNXbUwfprH25g5uYq4F4Ma159I4mqSpwysBDttJPwS-sjKJCJgJZn6qB8voTmmur3iXrR5B12ULLVEvRIFISTrolALJHoROx1w6MHXq5dpoA7ycA4hHpH8eMKKRnfPtOQXfmNbiiA6OgCbUvydL1cGKOhLXF6FlP-1xqjxq1o5Hmlvv0XlrRfIxLOcNbDJIcwFO8KuCfnUYQutttPXLkW0LspltB2YcnSI3T-z2O6s1gJSDRDUDzYayyr7yiiUtQATqBozKtoIXQlJnupS91sk9Ik4ND_cGFenBIH0xi5to6_KpOUW6h77m_xKhmIGyGLUxsrxRFisgwRR7MCWM-qHR2Xj69MgcMNq-V23WtUo7LV2k5t18XOHfY55lHJBQplh9CMd_CWg_pufPPP7p8pGUwM0Zx_dpFfAKkP-lZv8uSSU_2wsRFaywgeD_z_Fr7OmMzyb75KGPlk3pgbIQ8bfGBanio7lgltu-K4IBtVrhpvALcWNkxTGv7qM3sbXB4FqCFIpkq7-kN1XBv2-DD6Y-LxLryNywFlmp8Xerqx75iSOaNrvFBYesTNpqwQYptIBGzBzOguDA2HFIDjUZetN-1fsgQr16UMnCNKU-GD2t-jj0eVaU1GerakF1v_AWhCqBiGuyqFDuYYmJ9PdacS8x6y18fnVRe1XsQ7Lvdnufu99PlK_yWvEejXOS2ZktyD&cid=CAQSOwDUE5ymU_b_zjRpfQ00CzDTck9NSIqu7WSM4d_Sxo8-pzMHz8khY_H1UyvFuDzZtAfiFoBerQqG4cjOGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.thedutchhacker.com%2F&ds=l&xdt=1&iif=1&cor=1284673251304354000&adk=250412560&idt=167&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb94dde72cc3f6f7e3f1573beb750964d0e49019818581be5b54d35528e43264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=1551834640&pi=t.aa~a.2940624402~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=3&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0&nras=2&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=yAlSa9IpWx&p=https%3A//www.thedutchhacker.com&dtd=89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36039
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 444E 0
20 B 104ms
104ms Ping
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3885565114108&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 444E 0
20 B 103ms
103ms Ping
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3885565114108&version=m202209210101&ct=76&x=1&cor=15081434006846603000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 444E 64 KB
30 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALsrawZk9ESeJ20XwEjRRIZ4w05SVCbLOZxe4yqZWxqzw7733Ifk-Mvd9DtCpuV9GXBe1TFr83aTH0KWNGA9TaUxY9wQ&cry=1&dbm_d=AKAmf-COXjS8F3sOxFQcxeFd_AbQbkuohYsONqlws6dpG7urUhHjCstFKO4VgyAPpMmndfmPNq7GrgVnyZd8UI5_M0qGDlH_3ADSfbsWV4QSL1SUEe7VLoga86cxwnOBTD9wUwulP_F0f_bbJTauF6hhdBeREGVeid2TksuD5wHuAPkdpxq_CrCKHaeUt5oVEIxUGatF3kwMnN5Cg1ahawhrFLi5BkGm4E_TugT48tkSSLzGAoUDobwB0AE1lrsYqPxjsDxgk2ghuk-fG7EOWujgqDy0vie0HkHb7qd4uB8DDSYH75h96xSmAjTCEl3mXJPNpAln6BAskzqqBpOzIJsJe4Dpr2Jnx8mG8Nfapl5Pcy-1eKgSGzwHAKthvcedBjSLT1e7-tLEr6JDz4T6hIsrJVry8ohd0lmx8gLLrebWEYMyfdby-UXVOwiKVYarbRmPvPkwWDYBop3XGUB0mGvCdlP87wYUXl9Si_mXeukwN9OtL3vApFG156uy-OalL8NboC_Ay9iBZNYJQ_X1Kxljz98sb9Utt3olOuaatjDDAkIwghOuQ0ExIwZKd7Sd16VDmhJVVBGYmHetVeGwnZd_AculbVgCFR7-ovOgd7UjEaB4aya3J0wiO05_ZJzrsz1QvPOtng5wMSTHN2eFh2c-RmsFN6hH-lCiiBA2iw_NLG7Lsp31dz4wDarq-NU6a4wStneLLpBwmWE2EHDSqwaZeUuWqrEwGadk3VFfLJhFm8_r1oniSRVMKW0R6HCMC1h8-2DIOw_u9RJazJKQJRyXdMPj8vJrPNrPCS-FDmBekKdLmRuHPtNPsr2Ud1J6lh-4ogZmifHFWMOvAdReHEBI8RZYlSYvqPz335m0tUhKLqqmQhnmNFHVpV3lQRnMQ4QGldztQPo5oAJmjyYqihMg356yj0jcUHMgsLK29HjYFgudyeFO-v3RJpK6o-f5vUAjsgLHPVa8YAwZfDkJsJHeDzHOrxQmXIuWvAcelqmqskeeFYYYCxhks_Wcdg9-7nc0ZgwKAFey-3JAo6ETv-dZzLqp1R2MhJ3hx1x8w7fhuYaFqMNiqbNUHso66t6cXnW-U4B5jRHgD9YuVma7Z-yUgv-tWo-4aiWrznFPOtUZyAHdaFPaYGLtygzfdT3IPHNfz4JdiL1n4gSBaZAa6ioDz-w4RFOozh1oKSEMees8yX8BoUVUOp5GFk6zMngytxfjV7P-5BvVH5NDITtCCY8fqVRBIBLEQSVQkH8cPh5pjGZeYAGFMm_6xuaJ8vYU2-3y5Ux05_XGiUH07-YAKnvIvZE3fXbqOB19y3Vs8HTFT9ussa1YEo8tNAePGpP7wnZSAbXg5x8O13wuuQLutZxjCdhLsiBjGa6SOMT55Zp5Tc54OZtdDJoBKzqJOZirDwpXeSxyRq4JVYm0k7PVkYfvmIVPUOi4Qju2E0Jb4LYqk_igESchlcod1XaMizq8zPmYCLQeqc08brlPp9QlW4egE9zPiFyw7LNpMT0Yzfp5Om75ZGNP1b15yubdrfkbGYxiiGrqWpSSl45BFQj2NayX449S3eTi-IpegcP6kef-8VM7HBwxmRWVvBG_mr5XE4kQB8WkJUNy3i0VFP8LomeIVHpfpuFsyqdqivIsPDfzPy1khkx1VRTNdsxIOhKEHsHCEyOqpXblY0omMmVV5b0K2kta3ZwOtN2jQhnjps6oMMSkhiAYj5VC-3oBMvfN4s8Yb4chXQ_5WpbD2mRKt48rB6NB3qCzlv1vHadPz8Y4kASrkYE1zk29lScFHEtllPapTI16FjTtNeX8crwcHZIZxP4iiicbNik8vrqWeCiSFx5j46VRp-YHhUDG2MCLckHJqphDUp0VKFKe5JEoql6kY5SDC10vHZJnX1qHcqXo2F4Nfb5sbutEEjC4hdsOb-h0koAMpgxLk4t55ArfQXoXhksEDszPt-Hh6WUvO5CNrvH_JUSIrSahG7i2kJYIuGXC41jusv00n1V3FxipBePXaG6SHlqpHnF3TWeWAGv73FdPofvy_uQnbNE29-mX02Zkn7i9eJcWP3gCa0hH7VvZE2qgKr5fqoiZWbkHgme5LW87XN7DesQvzdFcfhDzeTjbcfg9rtgIOPTrp9NAM2nZswC7uNo6XvD3qytnOdNRM_qpJdKYisyyNu3JBurPofqK0CXF4dLJVOgeBL4MDO03TV3-eAnmSAzRNW_CGaVEOxhtaYQyMzCtYMcZNJZ7nxASsraAsN6ojIOayxrqo38RibeurLhaSK9Mgxd_Kk1krGh7mmLWwn-y5SV7vTomh05sgBKWPKsfdQFMlNzNTceY_txSYIuY3_YZ2-8gaxdIJQYy9xZ_WJEcB9v9s7EdKAdaNaCrv3FT--an1NEpzEcRiK-r4SEs8WWmPGZmMYC7r0InzlAzPXMVv9VWMAN4bnwxSPFsNvw89llQz-9DAsLhj6PxezP_2rVlS2OrPCpnwqKQIAc7-L225Ka7AfyEe2JIk3meR1GXXqhJhCRRoFn-WSDcPb03E0n_xFwcusKuMwvrwrKm3utFfpFvag2n07N6VOFRc_9Y9ceblfvdnjDDWUG1AOMc1BuoeGYTRR9iHBPoa9abBJ3XamHowWjwwy3TrEDfzDHRAYWisXpv39Yfc63UrtOiUg-KUFnsb84yt-6PY2eTDlhmUCePAG8UiIRqiLIuYf1rZQTAcvYQ4ruE_e0_nzk-pPFmXtposSLPTDJ29qsQkdZu4WwK-wmatWnc-OkGR7WwYK8LEncM1dNNsImxDqJG8c52nDCGSwuWpadj23mtBMEn94YKrpSz4odZr6ty_kRn2z2F5TjOzMzPCJkm-Agajgmiuzz7n-gDvphSZJFz-anJVqrH5_BaranHCtETUY35JyXs9X6hh1Lqvjckx0WKn_54JQWrxqT3U8WouuCsGDwcLIyJO99A3VrLyUEVv3gsgDcu7sExX6wcrMhxrjpm1vQCXB4yQoRBh0K3p8OZWevL18-aesWApGvKu9DZzHEirRJjQc052k4vu-BhkNpHdb6nrFtqDWAPDFvlLbjiQjUVw2hQWh5HMv9K8aFPm5b74X-6r0NZTI3ReSx8sITk7si8OJHMyZKsS6nrWuclJu2Q99U12G4q3kXP-d_0xhgDdCmI0ydMdDhdKTTAiUy0OhPXRI_S2lmdgFwRO1GleO06NgCd2zV1V8aSJOBIfn-6uRpnzu1BXYYvZkz5OOSbE6KrHvunSBpfhDBPMTFy3bjcfKJBZMx2Utzy5nhZIrjIY8vP5P3aPCrhAqQnqTJMtQ&cid=CAQSOwDUE5ym0yxNpQ1CSexk6lNPFWzqV6olB8LUYvc_-e9z07u5KFd6IvPJuLEOkmlH19WDkoMFal4RbhPGGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.thedutchhacker.com%2F&ds=l&xdt=1&iif=1&cor=15081434006846603000&adk=1761367587&idt=113&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfe7b85aac9b20349eb05f72c97a2655cc659dacbc6a718a05dbc2fb9b4abc2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3898893158&adf=1690612086&pi=t.aa~a.2594507593~rp.2&w=240&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=240x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600&nras=3&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=OUJiIReOPS&p=https%3A//www.thedutchhacker.com&dtd=111
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30543
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 9381 170 KB
59 KB 333ms
161ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36087
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 09:35:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/ Frame 9381 8 KB
3 KB 58ms
58ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8DA3PL9QREZSQRqjJLV2CHrq1Ovb6nA04bDMuSX8JbTalJEQgvd78WE-jMb-JOPOr6DBhcw3Op3-viGqvfCF9rukgqd6zKxTEuJs1FalJVvAalo6Rsg0CykYJhVvG0AVDtYaQg-TeFSrEgjoZ9R6ewjazJ0Efcp_fdd6g0J70npx_2gs&dbm_d=AKAmf-DrbCM4EY5kiAgAuqImwDbzg-WIYU9BvCqgRbKX_Z-a78ccmpVtWiG7cEdBumpaiwiP2dWRTnFxBihgGcJHMmNIYbfOhf2o1btB9FF-xzeET3iQVlirYm5rdW6DVZKuH511K-Ku0AqNx66GMZrNs68Uh0EGRuIt4N2y0eiHPqFLF_w2xCfuVTM5XpXztQDt9TQQkIYDemzkNcU4cr12j6I2p0PxpsIbEot9neJJzkoQ90E0lBR7TvHMQDIrZ0-ujfSUYxASFWGDsYaC-Cj8eRirwM6tMCLC5TSyohXEwDk0MmriFdDc-igkoOVmQmybEOoLhNw_jiECDXVLc0UA4dzhIQYMLHJcXWRt2Y9Jpik85kw3kMgSt8SfaIov9POoqGsKxlB2XxD8UgtTegdRs3Jy0a-8KBm-9vfulc6qgOApwGhBK2-zTWtccp4kRpC-5FHUZfNbDBe_RPawgUBn4BOlks5XSXGGAgAeNNZi7WjQg5Zkp0mr2JPvV_Gwjl6Lrq4BtAao4hqk5hY4Zj2qzY63Q_OZLMn5r_6kWy-hcgnfTE4TwV7-RlFnO3Yz3AQ0oh2i_rk2moqI-1BwCwZ0KarECxdFwFkcsyRoQkhAN4gHcHUg1O_3_7AhKrtXUa-2d0zuaLQ37WoTyVozWit0i72kViSsFW-8ZAL_LePNq1actV5K4ydaHjUM00wefkCRMmTQtm6da8xhS8pdhOkts4nBKhZ4RBELJJ0Zk7ZX_3bf-gncNjgn3n_6jOeZv3g3VY7hEnLevwRG88w6EQrrU2RC2BeHPe_3FNjkKQ-NC7f1ZMNjimWm1shUtbFnn7PumcxULjUcJNo0_2xiK7LIg5qcD-nWP0Jbigqzt7yk28zRz3Dl88FLERhuEi-k-8zhOcvIi2Rx6tB--9MIiXhPo4tZlE8L8fXvkWJ7kXaVraqczvBMoS1GQhi9NuuAeku9PiftKM6eBlB7UY73fYrGV20m1uh-ZJ0wqTdORLywNTMCxokQLqXrbyC_HfbVTMjka07KtlWCkQETil9OrPLZtvp6eH3Y8UaDJPhh172H7HOewp9DNysEc1moZ9l2M3j1N9mkNe4r6UJ_qerX8ILja7d7euSUJx9Qb_s4ILOYU3FhvUJegti2qe-yOnWcpsXM_p0NH6qbFeeDFUnYXwoxzglmPtemrld_QiFEK_P8xPa5zp1MXGgJ_iLe9ikaDdSV1SV5MxWMoKXnDy_CrEdpIXRKH_mKshMBfxXjhorDKBAkK7uQzf9LUQ--ovzn6PTCqdgrMLFHrAWCndQLPe-0rP8KWpkhFGL_SDR7yUuKYm16XYPgd-0_h1qBmxA633uoaAJkvUqzU95CsTnfwbUVy9wRId0ICFSw7YgesAS7nEaU9tJC0kxaaqaNNj2YGhW254x9gZNrrx6SnM1LYEdTeRECkguvjqdOG0XlIn3GiHWimVjiuSPNO5WbGybqiCrN4lLIsDAwE_niPlLJSPL-Ot_AgspJW7hHdxYEp8jufGw6JtfP6AqZC1PGSbbyHE5isSIc-jbqMJ5y1LaTAjm7zxEB55zsMDoRVzUPdygave7cHiF9TTU7HiQpc0eh0K_1MbW-oviA9ZkLB14dLvjG-FEGW86oen7IVDCDwbBSuInJxTHW-QqUQsWlmmyZtreBx11k2g9N4Fj5JaRF8kMoP35tXyh80wQJnm7VGR-McEPEnz_ACHfoS0CTSbZHjqD7olgSnKhASMTuXQjc5xoeYX4-nlGozq7LJGXlJOBd4g4k7QHrLYBX1KxIgqNZeabbHOmqAdEKJK1ADis0HePyGLucgwxFqhkzZkBeCj9Bk4TWkdFz31SanbPcNEEDbOaIi56ithcQCK9Rprg6UXkJB5QBkhYr3QywlGWk0VLIxaDHdzRTnXiYN6AwpNIcfz4OY2Srmk6HgCH2ZyXOZYPPPgWEVJY-N6LKCE8sLL0IVxhHfmbK4_U_AhLtE2NYHC0RZM-d9ltzBzPiWC8c_14vrUF7HhwC_UCe_r8vZ5cvoP7rLXchqWpnFNBlaWZKBAtxSe5TAADR7JEGud9PRUKZFk-VumMJY8YbnKkn-_saNTQBGgLBYqD2pvF7GrigxLb7l-haCx5B7w0-gISeuWzYNvdvKDsdiOUfwIkt8gwzlQ3xAIW7D6CYkG-wP1LIcLJjsoGVgZMBsTFcz8U3-fn7ylxw4Vg6utFE2S3FRb39vQX8arVaYHO3RtuvLDTbuj1FSBwR6St00kjOtAfvpVlXp7f7ERt-P9UR5R5AtbOmyoppHG2yvRyNPDRwhZVgbPB_x30HuvCWybzb7KQH77qTWpWlInlAHc_JXae7xddp5N8QIXnSy04ZtiT8hHtAfjmub4ebXOB0SLDCcWERCQwTZCOhzTzfP-FSeXeHkRphY1wNZKO1PDMsYgti3loycT1TKrcpQiIj4XkVtmQct6amzgp1ED8pIEPSy-N5YW-EfcNdvVSkb-zt8wJiQXMGWPwnp6sh4c7Z2Z-wFr3zhfHR8bxGpS-1QYNFjetF6OoIwHRH9Ak4-dp1zbopspu4vBdazgDo9tnqiEHsxZarlHxwgyMYhdkBvQ5yyEwTUNd0BYCSIBPv1pNNsZqBzBo61Zs71aUIr84MJwNAqL62L6QvgOlQOGF0sunq9oXXLCZrjb8s_ptz4FS9OalbCWDUIzyC3g1mL8HrCbv6JDK0-N32LRZZjdMKqri0pP8YJrDCbeRuFhLBIZKxMMnhcX0y59kygO9aQa2FDipiNz0L6W3gNcPU50zpBCFvDa4t5GpAF93h8obWh0sqj-fY5WtCgn9WD6EklNQJ4JrjwX_UlQKSQwp5F3f9hJGhjrmxSWHdtvTP_epwiH4CvQyhNrwql-he4ZgBKHMmLSuKxtoN7jQYSVAlkqF7v8Z6cUhndl1LqkLSbI4kDm3c4MZ3hOP1qyAeYkAAbsjLt6suJTXwbmRhW7_Bm0lVP1qTfZJOLRspi57tfzknlXERaRhtV2HlldBWf-cqm55kir3HSfl3KJaWOmnQSacJynKbpnkD45OFJI1kCppGXQcM-I5nH_ghR9IJINh030t-wNY0ACa9dL3rdOr0VfdW4AMUuAPrPqvSdMkUZpCSJYRtBOmUrGRTFx8G49rb8v63IGNuVknkrYz9Fag23lpLlal1DIDa2dAhaJPrEsCHLfw5nfp82rzlZ9T-h_NfqcTztByuGxYRXzy8ZLGT_tCElD86hHHIDCxjuDLD12vtRZSxF1_QlCHVVm5LlzEMAYQhNAZNgDbSG3lulsn6_fTFkFOXUrHWUN3xFvpmvAXd80nEm8t7DWMFdTx5joXzG4oynRqlMsFHuBXD6q_2GZpTAN5xEIiaS-PavTgWaORlQKs&cid=CAQSOwDUE5ymFo-Pr7tDsfMbPhNDPX2MhORZdz00-Nc-pSYJKHnUZUQuDNnyncnQZBphmrSkMmp0RqyxtcvdGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.thedutchhacker.com%2F&ds=l&xdt=1&iif=1&cor=14777551999713671000&adk=521587874&idt=116&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:50:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame 9381 28 KB
11 KB 70ms
70ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f9909775d48d612aae837f0153817e8addbfa082f901254471bced4d8c72691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10810
x-xss-protection: 0
server: cafe
etag: 8766511519597269738
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:50:09 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 010E 170 KB
59 KB 289ms
181ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36087
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 09:35:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/ Frame 010E 8 KB
3 KB 88ms
61ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmcT-NGlXQNHB5q-VQcG_4rXwVDNpNPU1KP6zkcglYVQ0Sb2_HhhsN8hIVhrCqNr5MSDRjZFghSRmxDLXrOUaoRBWQ_1wlhN78PgasktXJsDA5P_Jhnd-Y4s7n2lGjrt4cuSb-hT8vyH8uBAJllbpPxZssSDDMQkHtBkLzPzIRAnCfzqQ&dbm_d=AKAmf-BVyVsIudt2LHk_gfeyVCnULwjgixHPawfLhBHgGF-rS369C8RUuvjCCbfQTvU6zHQdu66jBqb0ByZohzd3bP2QlGzMJi2XLIKVHg8__irmnEqSaLSegWdPUvRi03F9F5f94Kyvnu7uo9X8nhPq1jWKgVcQxmyPNaLkMxND3FNnizOwFTxSaDXsz8YyVNxHhMSL242ztOXzldQ54P_1ET1NPkELXHOp7NoRzow8t-FNUcQJC_RXpEX0rEfgmhGPUgDBU_OQnEqI9qJHmMNP1RshMMEi6wViuDPrbI3Bk6tIwafWAgj_LyZ9FV3rYb0_TsVBiM-39AtWbM7Tnd3jgjaRLbQTBvlDGWP2-e9iPtKv0hOpK-ywRbyHyxrpU856alXZw0ytrWc8lmvJqW2xsIeBY-EPj40bn_0-Ufk1K9OYDTuWuVcE3FBE0X0ydLoicAeDrtAk4UuJXaXITooS71g7lj2wM5A1I1p8_BvuZQD-a0iQkkOqYgjnXUssHA6ha-cjL9JkExfHArZZtNPLD_sDStKAATlU7QM2HJqhBB8-j94OUnUA3Kd1ASxVSTGWwNZd699JcP3h1RU_1VLKYJhKWXFsDIBPC7qksMamXajoDBa4r03Gk7-Wl0GpEQwBGGwuB13olF34jIWNGh3FvV6AVSLkpliretNda3YnfGWu0_0SzZ9F41Do3qMK_mBVHYTrrxAoGq4BVSjIDpfZrsJbsiBbMGeJLpfnd_vqLcVz5kC4bcjThCwDDDFo14gpAsqssiV9moCliAy2wG-pT5qBKR79mbt39gIKWLjJc3SE3KPwy98g1BxHMveqXW8cfS8Em09tnKePUiR2qpglR1KMeNpnnAG-sgzoN8vgOUv-LH50nDz0AiP8kfirMTW5rlmnKF9WkOMtbRT1WSqu-TGifFtCoEfbX96oEmrUmvY48mAHDWzUN_Mra1Qpz7qTAoqWraHjQJl2SkngVzNNR6lRUw0hzWWDv34OWiv9XapNYWXG6Pilxq9vOB8wNyb756PUnlG2NTIrIo4IPoOMPGB3BdE-pEZwjIeI-7Rm-MSc1wPS2vuihPhB7g0jb20ZGtHFTtijqTujJ9FDeSS80YZM6xZ92Oindy1C4u72_bBlAVQVju8wmdv_IO-0MXQcpMwEuzAGnP3Po21rOU8gvYDGdnDz5fhWeNJZ3HCqmR4GfH-CTIoD21UEd6M51ezfP9ekrwMhz_2g-CsEnOJYpcI0TJBAie0AeqHwX3GPER8-URRSaICZArxtrFz8mA-ZTfuLUYq3kEk85yJ-pJBIZA2pVA8IEHu2OT5x5RkKi8JiZADESPo4MC3NRWPvTkN_KjjrU4MjasyHX6bu5e4haPaArYge72ysPUJwb1TCZqIt3lc0-PJQFqxUXGMOOd9rAWyBZuZPcExMIADyKraHmptRZUCO2Lx4oJLWeJCEeVzx6ASlXZwHR1U94HKLksj0GAle_nr3VNQ9HBabLVV3aeQfozUDlaF60SS1apEBeLpKs3Q2hrZ0tLVDCvrQN_cYSLDIhggNoPwn-bxMeFZuSNM-f0EhDwZ9LUoDiIPQViHXLy2Zd7aQ_MyHcklBAz6uPehBnoF7vwluZ9blIquDY9RxC0w6J1qpcPtEUpoCmE7ytTVbDlFBTMiUpSShnZ1JtnaRvKxxtQsLQCcAcMjARixE03AuxR9ITqPfjdas-D-D8ncJVLDX1gGFAS6gnrs9d3o8wKExg6ruJwTA_8laU1ehUoluJ2-VIntPhgpi-CWmPFftGVu2GOPZmDJxySEF4tfVgiFbF6oE3Dd4U7l4HR7nQn61L_qlhYRzuM3W5kzMkNETTXw67RiEuAvtD9deNU39kAuiGkVkvnQ-MuvBbZ32RPcRpe2qK2eCrZynEBNQP_kOVXFb8afaqOq1NdatllCdxDXM_-aCIfEnYU2p4t4L9L4JF5944WOu8DplkEahJ6fciHR6-zKvcRM9LF5gkiliZ6P7EjkqqAAhF14HxhOnOMuBZXLL08-0eWn7ST9hCER6k5i7JbgPEgziUGYNRxH1kEJmKW2E1OH4cTTYmaq3eJBcQGTeWzJEqyFirV2edCMp4icUmNIjQ_3VUUp6l1CQ4OMU0PuJJqJ6I4Nh-ZZiM0DkltIuN5yiFYdF9o7xXYPS00v-56RC3xaVexmtg3qcCTNHSUGu_x3-Ay_GMSS57wLydWMpUxjgAQ6dpImHxs5bvylVRr2ZY9UL3jFmlr9ICcZ4giZwdXeF-ianScQ6aYNM6D0xsrDA7ROrrZF9QITE1BrzIFHk89QQ7Fgf-uJemVqpaWG7JSwToQU3JIVvDm8dXsb1rgKLAYty6JWA3TT70HWCAZFiJPnoVeeiUlXeNJvyN9nUqkfPhLbqqdyQ29YmohaSNC60Rqoe-rYgS5nEXmzLI7q8a-QkpX5omzonkJDlt_d3C5mejMzex8LAMnmhHnkttNxotsUpDLmnxZtFbIw6M3ETLL9YqWvE2PXArjRqeZB4S1ZAfbwfiRFAG7TAitRiVwwN78ilMF9iX6lKCz865Z9OuxSSdXQmJXIyM6uwYhEurCtYSmxk6F4RWP77hKDAvAdKRRJyqMFiU332yWdct-SPAVHIeIMMFCUwIBxqsUCnl2k4XAqJJxbM0HWP5i6bEX3aIzkp-uDgtI-8MVf2GRLLtdRwfiJBd4WY2XmteigkxP3ZkLRZznEi-fcdsjGDmIZAkffGoP4k7g4LpxobTTW-VifjtNFf5QOUko1Lru8oncxG_CHD7MOYNA9wVyXrEUqHk6r6AB5KhRUcpkvFJFEc3WgwXWEkn4L5ZaBDIyMm_i6hx9pX5YJaQtJ_H7OjrVJ4DEQS80JNiEoQDzJeTOFf_Mkeycj-9OEu3CMBQre7mOdbp6IfpAX0TXe8dct9gQSsosIh-VgOGYCX6KneavK0R7-vHNZ5_xpN2riOV2DHDNdKFEgrLK8Gii8_ewmGX3XSnvAxoox_LHV1Ztp_dXgMo0H3Y-ndRdXHCQANsVuTo3atBRKM391sfkm6gbVg3tL2k5MRYFxr5jcG3bSMHOblwNub6yFYIEJ0_YyfMY6ButJWnZCTDHrhMwyr4w0Q1Zfb1Ngg0gwWN-UZagdCfst3RoiGV9BSjWula4MJ-YTmeqMvguAhXb6rkPfFcpj7m5YNq36WgReqDYpJUszN4ErvhNNiH6mmWAWi1DE8Fo8nLA6i6BOHFBryXyKdZIBugx0oSVyce3XAPm93EmwCoJ1xrXU4HZHaHnTK9IRTYAF7EnDW_hPUbiKeGVCiB-_J-F25TLE0G3ZIaVcLyAz-mzYYK2lfTk1QzpsyOEzSWP9A0aaifyqoFZCuXkm9mJ_eH9-uioCsQ2ehXLxDP4Js4FSm1TnvfktfddrqzHstd5xBmBXMFD2TjnrnOlTEmkQv0fISbvO-hw_0UNHTB2B4OxJmQmH6ugFVEgPzGCAA&cid=CAQSOwDUE5ymWXGWtLs_HXwAS6vRxi7NgFHkuwYhJiogdWMKo_XMr4yBooflfGZXBh-P3zJjwf1c3TverZmeGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.thedutchhacker.com%2F&ds=l&xdt=1&iif=1&cor=15381986973845551000&adk=2228999115&idt=144&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:50:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame 010E 28 KB
11 KB 81ms
58ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f9909775d48d612aae837f0153817e8addbfa082f901254471bced4d8c72691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10810
x-xss-protection: 0
server: cafe
etag: 8766511519597269738
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:50:09 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9381 41 KB
15 KB 121ms
79ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35213
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 09:50:10 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8710 1 KB
643 B 120ms
80ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 12:29:10 GMT
etag: 48472445140208031
expires: Mon, 30 Jan 2023 12:29:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9381 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34298778d342b9e3267132f66c1305edb03baf5e1ac5753c6acb5ba3ec29ba96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame 444E 28 KB
11 KB 183ms
169ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALsrawZk9ESeJ20XwEjRRIZ4w05SVCbLOZxe4yqZWxqzw7733Ifk-Mvd9DtCpuV9GXBe1TFr83aTH0KWNGA9TaUxY9wQ&cry=1&dbm_d=AKAmf-COXjS8F3sOxFQcxeFd_AbQbkuohYsONqlws6dpG7urUhHjCstFKO4VgyAPpMmndfmPNq7GrgVnyZd8UI5_M0qGDlH_3ADSfbsWV4QSL1SUEe7VLoga86cxwnOBTD9wUwulP_F0f_bbJTauF6hhdBeREGVeid2TksuD5wHuAPkdpxq_CrCKHaeUt5oVEIxUGatF3kwMnN5Cg1ahawhrFLi5BkGm4E_TugT48tkSSLzGAoUDobwB0AE1lrsYqPxjsDxgk2ghuk-fG7EOWujgqDy0vie0HkHb7qd4uB8DDSYH75h96xSmAjTCEl3mXJPNpAln6BAskzqqBpOzIJsJe4Dpr2Jnx8mG8Nfapl5Pcy-1eKgSGzwHAKthvcedBjSLT1e7-tLEr6JDz4T6hIsrJVry8ohd0lmx8gLLrebWEYMyfdby-UXVOwiKVYarbRmPvPkwWDYBop3XGUB0mGvCdlP87wYUXl9Si_mXeukwN9OtL3vApFG156uy-OalL8NboC_Ay9iBZNYJQ_X1Kxljz98sb9Utt3olOuaatjDDAkIwghOuQ0ExIwZKd7Sd16VDmhJVVBGYmHetVeGwnZd_AculbVgCFR7-ovOgd7UjEaB4aya3J0wiO05_ZJzrsz1QvPOtng5wMSTHN2eFh2c-RmsFN6hH-lCiiBA2iw_NLG7Lsp31dz4wDarq-NU6a4wStneLLpBwmWE2EHDSqwaZeUuWqrEwGadk3VFfLJhFm8_r1oniSRVMKW0R6HCMC1h8-2DIOw_u9RJazJKQJRyXdMPj8vJrPNrPCS-FDmBekKdLmRuHPtNPsr2Ud1J6lh-4ogZmifHFWMOvAdReHEBI8RZYlSYvqPz335m0tUhKLqqmQhnmNFHVpV3lQRnMQ4QGldztQPo5oAJmjyYqihMg356yj0jcUHMgsLK29HjYFgudyeFO-v3RJpK6o-f5vUAjsgLHPVa8YAwZfDkJsJHeDzHOrxQmXIuWvAcelqmqskeeFYYYCxhks_Wcdg9-7nc0ZgwKAFey-3JAo6ETv-dZzLqp1R2MhJ3hx1x8w7fhuYaFqMNiqbNUHso66t6cXnW-U4B5jRHgD9YuVma7Z-yUgv-tWo-4aiWrznFPOtUZyAHdaFPaYGLtygzfdT3IPHNfz4JdiL1n4gSBaZAa6ioDz-w4RFOozh1oKSEMees8yX8BoUVUOp5GFk6zMngytxfjV7P-5BvVH5NDITtCCY8fqVRBIBLEQSVQkH8cPh5pjGZeYAGFMm_6xuaJ8vYU2-3y5Ux05_XGiUH07-YAKnvIvZE3fXbqOB19y3Vs8HTFT9ussa1YEo8tNAePGpP7wnZSAbXg5x8O13wuuQLutZxjCdhLsiBjGa6SOMT55Zp5Tc54OZtdDJoBKzqJOZirDwpXeSxyRq4JVYm0k7PVkYfvmIVPUOi4Qju2E0Jb4LYqk_igESchlcod1XaMizq8zPmYCLQeqc08brlPp9QlW4egE9zPiFyw7LNpMT0Yzfp5Om75ZGNP1b15yubdrfkbGYxiiGrqWpSSl45BFQj2NayX449S3eTi-IpegcP6kef-8VM7HBwxmRWVvBG_mr5XE4kQB8WkJUNy3i0VFP8LomeIVHpfpuFsyqdqivIsPDfzPy1khkx1VRTNdsxIOhKEHsHCEyOqpXblY0omMmVV5b0K2kta3ZwOtN2jQhnjps6oMMSkhiAYj5VC-3oBMvfN4s8Yb4chXQ_5WpbD2mRKt48rB6NB3qCzlv1vHadPz8Y4kASrkYE1zk29lScFHEtllPapTI16FjTtNeX8crwcHZIZxP4iiicbNik8vrqWeCiSFx5j46VRp-YHhUDG2MCLckHJqphDUp0VKFKe5JEoql6kY5SDC10vHZJnX1qHcqXo2F4Nfb5sbutEEjC4hdsOb-h0koAMpgxLk4t55ArfQXoXhksEDszPt-Hh6WUvO5CNrvH_JUSIrSahG7i2kJYIuGXC41jusv00n1V3FxipBePXaG6SHlqpHnF3TWeWAGv73FdPofvy_uQnbNE29-mX02Zkn7i9eJcWP3gCa0hH7VvZE2qgKr5fqoiZWbkHgme5LW87XN7DesQvzdFcfhDzeTjbcfg9rtgIOPTrp9NAM2nZswC7uNo6XvD3qytnOdNRM_qpJdKYisyyNu3JBurPofqK0CXF4dLJVOgeBL4MDO03TV3-eAnmSAzRNW_CGaVEOxhtaYQyMzCtYMcZNJZ7nxASsraAsN6ojIOayxrqo38RibeurLhaSK9Mgxd_Kk1krGh7mmLWwn-y5SV7vTomh05sgBKWPKsfdQFMlNzNTceY_txSYIuY3_YZ2-8gaxdIJQYy9xZ_WJEcB9v9s7EdKAdaNaCrv3FT--an1NEpzEcRiK-r4SEs8WWmPGZmMYC7r0InzlAzPXMVv9VWMAN4bnwxSPFsNvw89llQz-9DAsLhj6PxezP_2rVlS2OrPCpnwqKQIAc7-L225Ka7AfyEe2JIk3meR1GXXqhJhCRRoFn-WSDcPb03E0n_xFwcusKuMwvrwrKm3utFfpFvag2n07N6VOFRc_9Y9ceblfvdnjDDWUG1AOMc1BuoeGYTRR9iHBPoa9abBJ3XamHowWjwwy3TrEDfzDHRAYWisXpv39Yfc63UrtOiUg-KUFnsb84yt-6PY2eTDlhmUCePAG8UiIRqiLIuYf1rZQTAcvYQ4ruE_e0_nzk-pPFmXtposSLPTDJ29qsQkdZu4WwK-wmatWnc-OkGR7WwYK8LEncM1dNNsImxDqJG8c52nDCGSwuWpadj23mtBMEn94YKrpSz4odZr6ty_kRn2z2F5TjOzMzPCJkm-Agajgmiuzz7n-gDvphSZJFz-anJVqrH5_BaranHCtETUY35JyXs9X6hh1Lqvjckx0WKn_54JQWrxqT3U8WouuCsGDwcLIyJO99A3VrLyUEVv3gsgDcu7sExX6wcrMhxrjpm1vQCXB4yQoRBh0K3p8OZWevL18-aesWApGvKu9DZzHEirRJjQc052k4vu-BhkNpHdb6nrFtqDWAPDFvlLbjiQjUVw2hQWh5HMv9K8aFPm5b74X-6r0NZTI3ReSx8sITk7si8OJHMyZKsS6nrWuclJu2Q99U12G4q3kXP-d_0xhgDdCmI0ydMdDhdKTTAiUy0OhPXRI_S2lmdgFwRO1GleO06NgCd2zV1V8aSJOBIfn-6uRpnzu1BXYYvZkz5OOSbE6KrHvunSBpfhDBPMTFy3bjcfKJBZMx2Utzy5nhZIrjIY8vP5P3aPCrhAqQnqTJMtQ&cid=CAQSOwDUE5ym0yxNpQ1CSexk6lNPFWzqV6olB8LUYvc_-e9z07u5KFd6IvPJuLEOkmlH19WDkoMFal4RbhPGGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.thedutchhacker.com%2F&ds=l&xdt=1&iif=1&cor=15081434006846603000&adk=1761367587&idt=113&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f9909775d48d612aae837f0153817e8addbfa082f901254471bced4d8c72691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10810
x-xss-protection: 0
server: cafe
etag: 8766511519597269738
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:50:09 GMT

GET
H2 200 3085590329248105911
s0.2mdn.net/simgad/ Frame 444E 104 KB
105 KB 247ms
42ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3085590329248105911

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f016ccf3ae88e50b138c2f0b65e94497ed25709135d8ebdf6e0f8f458748c98b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:48:36 GMT
x-content-type-options: nosniff
age: 535708
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106522
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 12:45:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Jan 2024 14:48:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/ Frame 444E 8 KB
3 KB 89ms
76ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:50:09 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 444E 0
0 270ms
73ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFkKYgThv0Q-M3epGz10-2yTTUQMABGn_iGS8IaNWyycxhgJNMTgg8VUhFUS8bvmZd-zKVciJchXlMxtfU0UCToKCPWs0ZAG0ndVS9LBMkEeNe3ajnyxSbI51T6lQAgn7trvBZElDr-00SoqGFJ5BKzFRyhYPDPrhpaGQtIKKZ574ImwOg4ZBDBLMyh4SGNk4I9eZxc9Tr9PEqSFyV8LuAP6K72QlA17A4iyu4Y6Y--megOZ62BqhQcaksQ294x3a5mB7Q2W-I-7uh4enZoG3gDZ8cDFXgcbMSJYXcjfaMTpa7X1iNLHSmJlAftIP2TehSyv1tsqpUCPCnmKsptHceWt2Fur6O1KuYqGKs-IHy_OyXzFR7RCP9RtE4hlrB4RP5v_4YhBhnvKD73j9J1qZWYx5Zam-QKHVgK3aT82ghHw1LffOmxpKoYDGND5FcWw0rFiUCxznuxuKZNg1Hx7h_xXVUS2neywsh9Y4ymqadsKVAn5AS8ZnxUC6gZOY_CAvySK0_x_F1NrjTNQcP9ORm6KgyhI2fP5wLhLSRkrrMiPOXun__Mpw57xb5fawRnNqUVC5SxBqWPCnRH09qf_Wxd4-P1hh1JgOBzkI65ByURL2tXHMY44qSGx7IeHS278BE22LES0FPMR1ghd8AJadkdn44s1xbM2PniMsPmHW1tqZrxCUuojn6kInYb1S7S22EvU88w1Dy80bBtn9L7NJJJ5XkCtEg08bPJQDVy77OJ1w4-V-dXeve9V4dns_UZY6lkgcH72crTnjoCo0jrBDUQXm4bMsc5r8QcETIuN3yiA6Z4Jrh5OTeKe4H_R62OC8vk9AQ2Qbyt4jv5M8poQeWmmLPwlKCl6kJV5u5Gz01YhpCBVAWwa0BrLArMjke-62OClpa7pSN8kWskb5uo-ewuekC6eW8hLbd-iwB6EkD8yi1Z3rIa59oAefULvdEeQTZmHU3dCgpUtFi76HKIhvn0QWANL4Jzxe-W6uDLcmBW2fcEKR6KWzKKoWpypJKL-Og7v8p1A88vdJHuBb1jygaFVHQJ8XwJ51Lb3c0ZWrScCVBWWgI3zTSwSRsDpJ3R8CE17tuIVNDAnyhjipXlTES5f-IkQgvUW65tk1pToziJuPgLVrIAu2fjX_CVZAzz8DesZRiIvRZEL8lIAA70HgBWq1xqu8-Vc1zZc8vLLTct1cckJb6s0hUA0yxbFC1TEPk5CvTEDn6L0jItzGiolpJpBcFfimQQ7C57PbcWDU6864e6j9WSuM&sai=AMfl-YQTTTPyXWATZraxdKwC07JRFUxNoznhlZ4CtcD0L0m5RtLNHCvbOsChinxPF2euDHGU1TVynfMIfRvIxQxlQNRIL8Kz8KnT28u6PEpWG1lEAvBPp2OZZXP2sYLYReNjbx0T-vFg7fZAVexMyQ4KOEukDCGTnL9IcZ-7dbwpY2J_FqgOfhMPVS0yTtfOMGPSgnOiLCaip3ptW8SVmcwpUfwyUBeIpt4fifsV6bx_TJPyhBhNgU5d0boby3ZKcQq-7HYF4Ifh75A&sig=Cg0ArKJSzC--sNla1V_dEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230124.91953&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 29 Jan 2023 19:37:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 19:37:04 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 444E 41 KB
15 KB 82ms
74ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35213
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 09:50:10 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 6B72 170 KB
59 KB 274ms
268ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36087
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 09:35:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/ Frame 6B72 8 KB
3 KB 80ms
76ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CnH3KJcoO4BWs0eDtsusdmt6eTPOTPb3_636HUYVW6aR0nY20Hwl4JjXTeHAimtTURIdMbiOVWT_rdte14kFttIG9JosmMxTBcI2fXsLLwMtHLaWLmJTUGPljtOT38hT54GReqX3H17gNFq3JHUCGXXYImzfC6zem5-xHOD_t9KWLwyjE&dbm_d=AKAmf-BHDH6ZSRp_zIUu9gjXl3LERX0VYR3QvWr9hpMkAqHRf47DA6EtZTfAs6GS3CsqblbU4kDG2yavtR3SCMuzBF6S3w9cBoolwzatclevv3xB8KwfAp5vdT_RlJBtyuGgoWUo3gbK5zxZkJnMbihS6BmBupoKn6iD8COiunHgW8zsQjHOQetlMQGuKN7kh9lkbKgUWhfit5sVZ6xQe6XGznu9SaTLDUuRJKdt-fUslE71Cd9mYBA26e_gcrMeWHNQXChQKj5d-pB4GoM5M_qKD_Tw88TJQaGfcJ_5ANHeRX8kYKRJJj-SEtskZJGDaMUr0EsOUVzdqNfrU4cVczIwWfI0O82b3WnJddvDWkka1QiuxYWcmcMRYTLfOKe3XIi8hBxHI-fH_UP97X_FQH-kKuFdJuRh8bEn8Qwro6q4MS73SsJ_cMQL2SoWokURKo2C7XwnSZHra3S2ouqH2UwMrUopGPz84b283MWyEhIqGIQ7K7z_yoprrAKk3Z_yj8LTMqvC7mQRSqHrBG_o0A5Lg1jQsvDhdnOg_i3xNWdgZ5HC0S1Xg-II6JOc_tJCwbMD1JsszaFjpK0Vd2PLse-D93Ne-samm4i037r-YtKdLrkanzzk-cka7RTV9wjh03b1575Fw5B7ulsqEcpWpkY3NFh3WguKjsF-vw7D85BtkXFCHwHBS318QBWo4SiHxmezPYUJfMhmnRpTOOycPv32w0hRlTW_3rjKP5abT-D2Ww8mqqJujkiG6LzwV7fnBqhtBaO9HkE2d9SQZDwycd2vq5Q9QseznYD65tfoXx2vResJ1jeJdCvtDiKGAWz8lJhdqs4pYhLHoXkOLfIniwLrom59DvjNXLTewCwvhcRe7v5m8IUxIXBqmfcQH0or5hD1dOSe6wA-f-Q1gYRmo2fAAE_hbtU_wE-AReNpC2rXZS0e8peIOh0BSaT8eaqf5MxC-RiOsZojIFcyX1zt32bE880doUdFng8XXNPW9LWuMh_zFeyZm7nJVIWr2yrfMZ57nugyXiTKcLofKTpkF-dO5deovD8pLUDXGeb6yami717rLggPgIE7G2iEPRjwKqYJXHd7hhTYrJQM-KlFwd9Nvzr5MojaURZ1yTTSpY0YxMshE-HEHRzwgMWLngMNlci_4RXneWtNj1Mmr08Y9hKQo_nZp5Zz0ZVguw9dmQunHxQb5_P520RBOf24yY_FgTid3EdAXRd7bR9qtTHqgpTPfO3AjLlGh1vsb2XMvyW0fLonMz4DJC2S8DpwqEhl8YhrJU-J5tkfKnDR5z-pcXHxTpeUzuJFuqKT8uuFsr2I7f4DoHzK3xTX4s5ZErmVUfSGEmLZZ8CBxg8sAMBEGm61hLChMCQUtcv9GYeLQHWZVv3srQHRSoaRTyVbqJNHBo8E92vOHPgOkyj8IW7wRrhEFa5vMW0YUYQ41aXYG8sD_kdO7Q0n3uruq6eDbcC-tS279Ua5Vv3hFFFuqb2_Y67HC320nu4JJHNbRPORCuZqN88arAgUs_RYngp_pyr3_nG7CRjFhWAp9_wxoRxBGkWRHPn_DHV9foS70Oljxvf6avf9ZjQ3cXENaoAwbDl38h8TwZKD32mxsHKx8xZUoiArLVcvZvoJZcZcWy0JDypC4ho1stC-nfY9iNS3q7vV4L49i3RW3CjIBkd3FN62LzxqhgY5FX9kELLTEEEJ7LYISwMCMAODlAFd36laSlsKIn8VarATzX6lIMzkal6V6kc8JL4UywpgxUCAL4IShCzOKVCJmNBKU9-A6ychcz6RmRXyg4PRhpU1Bu2SSW8WHtQFmBRG3SN2gilw2RMYvJRCda1MIb3PORbTGsJFxf2Q6Ov_2IRxMfKcAs-03u6MEFnFgkZ8Zu1AFDkKrIqv1W11_UjIb46TQQWuUpgkDDIvaAjeM2X3lrTf9-aQ2nEOo0yP81OgangPVjdaGAhXawBxfgtMafQHlMGHayyYObZGzi7j0DUsAbias0mnjC6glsA7RnPfrtqn03MowWRd_D4y4ocDI9-A5SlAmS5QI6jm4Ca12ZgdXuBBC7xpO8ddv6hD_LXtbPi3-q-WoTk6P1-qiacGGV2cPnibjqLAZc7hQ6y-qpCvCXEW1Pei-_6mYlGklvwUMEKxdBV60WBDZBIVjBY40uqJvTkqvTh__ZrwYGIzHmynKGKOIQumihuYm_D5Iy9SHNBpd686iR1ZiA6KoBLPrFIFXXOZDBsMz-s6_CSTMPqZ3KdAEwR_b0m37h3hLwqTUf0Rpee1OnQ_4_ytNGPhDzsIuJzFUDAs6EsUYKdycCoIiA7-7mMwyxoJSn11HxJWmQBrl5DPdvM4CCFJ6cloAPHgqTwqwhMEh2PPVTbFwxwdzlm4_LARkthEsBbZ8ZJMp4kvxgekP9m7tlSMq61cb6i8GmY4afRxiFzfjxkCCeNtno0rWzDwGGwoPNTTu9wHPTaStVtdUSVRtJZ9GqjobzPcIbiPv20VGebKVL7_C7ox3-zULaGKT6q5L4ZKJpXKVMxzBLPHUKM1HJxK9L4vcvA0Q7Z0v3T5W5SdzzfE5yfHgszqUcdVEjkOO4Ry3TJ8cces_fwkBS9AIL72nqpzrJJLdtRD6oIJ_XUvhh2nQeTQhfil_EBtOWl96UoGYbv4nEc_AoYPsBUUaLwii9LgbD-B_JgUDpVZypupwkGB2SpdtbeVXaj0Eardo6bMDk1tP4ziFs27r8FxUclaEXSzLAa3NuqI6ysWl1ZrN4SMEetSmaaRNXbUwfprH25g5uYq4F4Ma159I4mqSpwysBDttJPwS-sjKJCJgJZn6qB8voTmmur3iXrR5B12ULLVEvRIFISTrolALJHoROx1w6MHXq5dpoA7ycA4hHpH8eMKKRnfPtOQXfmNbiiA6OgCbUvydL1cGKOhLXF6FlP-1xqjxq1o5Hmlvv0XlrRfIxLOcNbDJIcwFO8KuCfnUYQutttPXLkW0LspltB2YcnSI3T-z2O6s1gJSDRDUDzYayyr7yiiUtQATqBozKtoIXQlJnupS91sk9Ik4ND_cGFenBIH0xi5to6_KpOUW6h77m_xKhmIGyGLUxsrxRFisgwRR7MCWM-qHR2Xj69MgcMNq-V23WtUo7LV2k5t18XOHfY55lHJBQplh9CMd_CWg_pufPPP7p8pGUwM0Zx_dpFfAKkP-lZv8uSSU_2wsRFaywgeD_z_Fr7OmMzyb75KGPlk3pgbIQ8bfGBanio7lgltu-K4IBtVrhpvALcWNkxTGv7qM3sbXB4FqCFIpkq7-kN1XBv2-DD6Y-LxLryNywFlmp8Xerqx75iSOaNrvFBYesTNpqwQYptIBGzBzOguDA2HFIDjUZetN-1fsgQr16UMnCNKU-GD2t-jj0eVaU1GerakF1v_AWhCqBiGuyqFDuYYmJ9PdacS8x6y18fnVRe1XsQ7Lvdnufu99PlK_yWvEejXOS2ZktyD&cid=CAQSOwDUE5ymU_b_zjRpfQ00CzDTck9NSIqu7WSM4d_Sxo8-pzMHz8khY_H1UyvFuDzZtAfiFoBerQqG4cjOGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.thedutchhacker.com%2F&ds=l&xdt=1&iif=1&cor=1284673251304354000&adk=250412560&idt=167&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:50:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame 6B72 28 KB
11 KB 77ms
75ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f9909775d48d612aae837f0153817e8addbfa082f901254471bced4d8c72691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10810
x-xss-protection: 0
server: cafe
etag: 8766511519597269738
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:50:09 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 010E 41 KB
15 KB 147ms
146ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 09:50:10 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FC73 1 KB
643 B 147ms
147ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 12:29:10 GMT
etag: 48472445140208031
expires: Mon, 30 Jan 2023 12:29:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 010E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19782db0ab29c281140be3ecd5d285691e78fc454c15a5b77c6581e727148c98

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CD6D 22 KB
8 KB 57ms
55ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 35214
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 09:50:10 GMT
expires: Mon, 29 Jan 2024 09:50:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8005 22 KB
8 KB 59ms
58ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 35214
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 09:50:10 GMT
expires: Mon, 29 Jan 2024 09:50:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8710
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEH1vDugnaX4ILQNoc7GSrME&google_cver=1&google_push=Aa02lx_ijBmDyF1GMRReu5-myZaLLUA-r6YAjBBrklvoKRs0ziEUUwmWpMVGAk-_-q0xPsOaek9GEPH4Qa7gFBFpCUBhpQDAGx5BY...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODgxMzg4ODQ5MTc5OTM4NDcwMQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPACek8JjlNVLD0PQl8gOb0&google_cver=1

43 B
398 B

217ms
24ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPACek8JjlNVLD0PQl8gOb0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=925980703&adf=3285439437&pi=t.aa~a.841225771~rp.2&w=240&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=240x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=1&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600%2C300x600&nras=5&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=4008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Irsr7w8G2C&p=https%3A//www.thedutchhacker.com&dtd=119
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPACek8JjlNVLD0PQl8gOb0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8710
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELJpn82U4Tly9zYlMuJ_MFI&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELJpn82U4Tly9zYlMuJ_MFI&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MG10Q2lWRG8xUG1kdTg1&google_gid=CAESELJpn82U4Tly9zYlMuJ_MFI&google_cver=1&google_push=Aa02lx-S5-NlTmjgF0BtTgu4goRdfQR5faHz6aZg-Tw0YAM...

170 B
188 B

95ms
86ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MG10Q2lWRG8xUG1kdTg1&google_gid=CAESELJpn82U4Tly9zYlMuJ_MFI&google_cver=1&google_push=Aa02lx-S5-NlTmjgF0BtTgu4goRdfQR5faHz6aZg-Tw0YAMv9q-TzXhqlDuZ1gcI_elX8wxoK2P0dCcT_-JWEq0aV_m8KcelKtSIhwoIjC_auS2qpAnh-xjLZCOo7gfyJbc16O3yeyuHM6arYriNjtSiQpQr

Requested by

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 19:37:03 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-764-ga8a59a9#rel-ec2-master i-0b5568e2cf029cf4d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MG10Q2lWRG8xUG1kdTg1&google_gid=CAESELJpn82U4Tly9zYlMuJ_MFI&google_cver=1&google_push=Aa02lx-S5-NlTmjgF0BtTgu4goRdfQR5faHz6aZg-Tw0YAMv9q-TzXhqlDuZ1gcI_elX8wxoK2P0dCcT_-JWEq0aV_m8KcelKtSIhwoIjC_auS2qpAnh-xjLZCOo7gfyJbc16O3yeyuHM6arYriNjtSiQpQr
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 8710 70 B
265 B 168ms
54ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOp_v6TRTC9X57FY_JQ4XWc&google_cver=1&google_push=Aa02lx9KGUaq7lWf0Da7L4DpimaaA0ZOO-3WfqipHBMc61d4pPGBUXt4b3UyFdQLSy81XR7L38NcPx_O97zWMC-m_cdz-Dy4gkj7BV19DTqv6HpoJrBRc2xP56kiQwVno_bMiFEldb2chp1tkFugmpxLOV4cqQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=925980703&adf=3285439437&pi=t.aa~a.841225771~rp.2&w=240&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=240x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=1&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600%2C300x600&nras=5&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=4008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Irsr7w8G2C&p=https%3A//www.thedutchhacker.com&dtd=119
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8710
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFA4VSnxTfbRKE8qUeJ2m5M&google_cver=1&google_push=Aa02lx_xP76OkcALXVDpMKDEF70coFIXCKt_zhOLkQbDNiy6JBXJ2pm8a5Ys2Z5vVuw8rKEyemweF88spoqCqss3H6QEOkx...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_xP76OkcALXVDpMKDEF70coFIXCKt_zhOLkQbDNiy6JBXJ2pm8a5Ys2Z5vVuw8rKEyemweF88spoqCqss3H6QEOkxQ7oVjFKI-g5RtryDUzjv1FQPuq0e5yAXrY0R_p...

170 B
188 B

97ms
94ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_xP76OkcALXVDpMKDEF70coFIXCKt_zhOLkQbDNiy6JBXJ2pm8a5Ys2Z5vVuw8rKEyemweF88spoqCqss3H6QEOkxQ7oVjFKI-g5RtryDUzjv1FQPuq0e5yAXrY0R_p4WrsXSOyxyQiCTE6Sw1_Cd6&google_hm=eS02STdYWFhORTJwR19LcEljZ2RQWUc3cTFBS1FXYnFsTX5B

Requested by

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 29 Jan 2023 19:37:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_xP76OkcALXVDpMKDEF70coFIXCKt_zhOLkQbDNiy6JBXJ2pm8a5Ys2Z5vVuw8rKEyemweF88spoqCqss3H6QEOkxQ7oVjFKI-g5RtryDUzjv1FQPuq0e5yAXrY0R_p4WrsXSOyxyQiCTE6Sw1_Cd6&google_hm=eS02STdYWFhORTJwR19LcEljZ2RQWUc3cTFBS1FXYnFsTX5B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 8710 43 B
351 B 110ms
35ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKgm6kGpbqJx7abHh_doR_c&google_cver=1&google_push=Aa02lx96tqQgsz1pLDspg1dGMCofaoIQV2M4iCVFHrkhU-XegEBsfwMNb0EjHL22HhrpBoh-HURKRpBj4g8TwlPeOczS1OiqkvWFB-ky8FsCWtquHUi5O1-SVMokMGwMrStxjC1xS7HlvsUrnIdlv7rb35Af3Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=925980703&adf=3285439437&pi=t.aa~a.841225771~rp.2&w=240&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=240x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=1&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600%2C300x600&nras=5&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=4008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Irsr7w8G2C&p=https%3A//www.thedutchhacker.com&dtd=119
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: pc3r8tlhpg777g8i3h8vs627us8rd33s

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8710
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFId0lJh6DKYpnioP4wvQA8&google_cver=1&google_push=Aa02lx8XcNjPgEwvlOxJHgCpNcScxDp9N1cnuv3fDArpWCXx-pLoxh9ljr5RvccnRSdda8xgteKMIRjE-uzt...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8XcNjPgEwvlOxJHgCpNcScxDp9N1cnuv3fDArpWCXx-pLoxh9ljr5RvccnRSdda8xgteKMIRjE-uztQBMiJtCi84ousJY31dcJOxK0KCavY_zvevSR...

170 B
188 B

69ms
61ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8XcNjPgEwvlOxJHgCpNcScxDp9N1cnuv3fDArpWCXx-pLoxh9ljr5RvccnRSdda8xgteKMIRjE-uztQBMiJtCi84ousJY31dcJOxK0KCavY_zvevSRM8qwGMJ5jc4JJp94QhpyZlv-l5Iv5JnIFmOzOg

Requested by

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8XcNjPgEwvlOxJHgCpNcScxDp9N1cnuv3fDArpWCXx-pLoxh9ljr5RvccnRSdda8xgteKMIRjE-uztQBMiJtCi84ousJY31dcJOxK0KCavY_zvevSRM8qwGMJ5jc4JJp94QhpyZlv-l5Iv5JnIFmOzOg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 8710
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFId0lJh6DKYpnioP4wvQA8&google_cver=1&google_push=Aa02lx-DMWr6kMRTkD03oXdu7DW1U3mvgqqnv4eYhYnhOLXS4AlGTeH1bKyU-EVKhF5EBRAPURtLEJphW-x...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-DMWr6kMRTkD03oXdu7DW1U3mvgqqnv4eYhYnhOLXS4AlGTeH1bKyU-EVKhF5EBRAPURtLEJphW-xhqWToZIM5diIloF-2aS3v1KeZJQUMVqtHB3rc...
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

31ms
23ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8710 0
50 B 69ms
68ms Image
text/html 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JUFCRyhA5XgMyWU8QGy_wWSyU2XYHgf74lyPZBV7y2cO81t5AvJ2hdhrWY7LpYHIUWjy52JQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6B72 41 KB
15 KB 65ms
64ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 09:50:10 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame ED64 1 KB
643 B 45ms
45ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 12:29:10 GMT
etag: 48472445140208031
expires: Mon, 30 Jan 2023 12:29:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6B72 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7509061381a267c712df052f96b7f02872d2d279472ddc3317402b30f6a18dc5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2E1E 1 KB
643 B 48ms
46ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 12:29:10 GMT
etag: 48472445140208031
expires: Mon, 30 Jan 2023 12:29:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 444E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1c00d2423df6944fa66ce4a041e0b46c5a72fbc99fc1a461b8bd5c421031c36

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame FC73 0
174 B 116ms
29ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEFv4-6cOBb4GH0BH4d-nZgM&google_cver=1&google_push=Aa02lx82fUU4kAx_6rlZAwiNHZQTYMCEI5csaSwq7l9BnAildi3ngXdCDjmSKFDplLvhPFZaqB4iMS3ecyewLbc4D8VbHWZhX8t7X_0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC73
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFtonPJkjL2fcC0-29pGmTc&google_cver=1&google_push=Aa02lx_x-0jvNWhMKTQWuSHEOaoJ4_8E_D8olNpFU8Iz-nGdQQPqx52_mVKR9uC7K-bYeW-LRuK4Pnb9AicuXTQHfOnG...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFtonPJkjL2fcC0-29pGmTc&google_cver=1&google_push=Aa02lx_x-0jvNWhMKTQWuSHEOaoJ4_8E_D8olNpFU8Iz-nGdQQPqx52_mVKR9uC7K-bYeW-LRuK4Pnb9AicuXT...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=d97278d8-eec0-4b28-969b-0fd86e1693ab
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=d97278d8-eec0-4b28-969b-0fd86e1693ab
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=10c600b4-7d1e-43df-8851-aa6bc568d0f4&user_group=1&ssp=google&bsw_param=d97278d8-eec0-4b28-969b-0fd86e1693ab
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_x-0jvNWhMKTQWuSHEOaoJ4_8E_D8olNpFU8Iz-nGdQQPqx52_mVKR9uC7K-bYeW-LRuK4Pnb9AicuXTQHfOnGgFrh2YLh18M&google_hm=2XJ42O7ASyiWmw_YbhaT...

170 B
188 B

63ms
63ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_x-0jvNWhMKTQWuSHEOaoJ4_8E_D8olNpFU8Iz-nGdQQPqx52_mVKR9uC7K-bYeW-LRuK4Pnb9AicuXTQHfOnGgFrh2YLh18M&google_hm=2XJ42O7ASyiWmw_YbhaTqw==

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_x-0jvNWhMKTQWuSHEOaoJ4_8E_D8olNpFU8Iz-nGdQQPqx52_mVKR9uC7K-bYeW-LRuK4Pnb9AicuXTQHfOnGgFrh2YLh18M&google_hm=2XJ42O7ASyiWmw_YbhaTqw==
date: Sun, 29 Jan 2023 19:37:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame FC73 43 B
134 B 37ms
29ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEItdTagbncXqjYFfyLghGEI&google_cver=1&google_push=Aa02lx-YkSF09UJ85bQ3iS8yzi2Zl21Qixk7I9LtzQasvsYNWE7MwYb9KNzguc-KonrdfrqMjfafn_e06rsLUVcu9GcrccCHUXkPow
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: lmd4d9l08hamqlgatl7ilags0e60lu04

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC73
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4ZEdZ-7xRwmbidK35GKssg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

90ms
63ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4ZEdZ-7xRwmbidK35GKssg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx86OjuPTIT48ur8pievfZhT9a9IC2r1yuDT3DwI8thkQpUJYj-I8O96Q4tzB1o6y2NiyetjNn_xZqo65bNYqOxF1RM8q126Fx0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4ZEdZ-7xRwmbidK35GKssg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx86OjuPTIT48ur8pievfZhT9a9IC2r1yuDT3DwI8thkQpUJYj-I8O96Q4tzB1o6y2NiyetjNn_xZqo65bNYqOxF1RM8q126Fx0
date: Sun, 29 Jan 2023 19:37:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC73
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDkGmBwpSQKj7DA4QCwSr2k&google_cver=1&google_push=Aa02lx-vik4dBphsaLecwxT6tUPpOppSqveyYyZhyJb2miWUsinjphX7rpxBhQtnfmDwz4lk3prEKsr_p2LPOevZx...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDkGmBwpSQKj7DA4QCwSr2k&google_cver=1&google_push=Aa02lx-vik4dBphsaLecwxT6tUPpOppSqveyYyZhyJb2miWUsinjphX7rpxBhQtnfmDwz4lk3prEKsr_p2LPOevZx...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-vik4dBphsaLecwxT6tUPpOppSqveyYyZhyJb2miWUsinjphX7rpxBhQtnfmDwz4lk3prEKsr_p2LPOevZxKiSKrOy3X0cLTE&google_hm=GEaZpGZHvls5q2OJR_e...

170 B
188 B

63ms
61ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-vik4dBphsaLecwxT6tUPpOppSqveyYyZhyJb2miWUsinjphX7rpxBhQtnfmDwz4lk3prEKsr_p2LPOevZxKiSKrOy3X0cLTE&google_hm=GEaZpGZHvls5q2OJR_eH3MEM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 29 Jan 2023 19:37:04 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-vik4dBphsaLecwxT6tUPpOppSqveyYyZhyJb2miWUsinjphX7rpxBhQtnfmDwz4lk3prEKsr_p2LPOevZxKiSKrOy3X0cLTE&google_hm=GEaZpGZHvls5q2OJR_eH3MEM
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame FC73
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOmDjeHuBSk3YeuLfacBrLo&google_cver=1&google_push=Aa02lx-spzPSg2cSFR1CTJ7zhUmifknDIY6U1_DZc_AZH_Cdo5bUfzXCLEjRzVss8ou_MCI9hR556o3cDCz...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-spzPSg2cSFR1CTJ7zhUmifknDIY6U1_DZc_AZH_Cdo5bUfzXCLEjRzVss8ou_MCI9hR556o3cDCzwH_x38CjfKMS52N4EGoCW
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

74ms
23ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame FC73
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEN_sHiFTmwLm8EuT8AdbWws&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx-Zj6OHTZOXeRuqFHSIW_algXcCJAiMsrHJZkr4Olu8dLilSyApLcNzNo-AXzAD_1cWAVPWmKEC28K0kDCiiJTJryTYAFL2614
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

132ms
68ms

Image
image/gif

23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115
Protocol: H2
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Sun, 29 Jan 2023 19:37:04 GMT
pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FC73 0
12 B 70ms
68ms Image
text/html 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KL8ZLtY9YC6yWgRdqv4Wd5_ys6Ed8qD4qEy-iHtkGQ8KaNoTyuw7RVpkkMriaCnrQ34G9yFdM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=2715595112&pi=t.aa~a.210545391~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600%2C240x600&nras=4&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=3343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4N1ESD1x2f&p=https%3A//www.thedutchhacker.com&dtd=115

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 71CA 22 KB
8 KB 42ms
38ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 35214
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 09:50:10 GMT
expires: Mon, 29 Jan 2024 09:50:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame ED64 70 B
264 B 59ms
55ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMCP5MPlFez4igxOgHjX0mU&google_cver=1&google_push=Aa02lx8kH6O_B4bTyva55Lbn1E0zpNH5QE_mYaYRNIS861EO0wlDwZ9ErWcM8E9JYq2kgIiMb0QwfUxd4nennhIf3LD089H7XLNIIA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=1551834640&pi=t.aa~a.2940624402~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=3&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0&nras=2&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=yAlSa9IpWx&p=https%3A//www.thedutchhacker.com&dtd=89
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED64
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEL8zzYoUVB1IEi1JOOCxaLo&google_cver=1&google_push=Aa02lx81PraPVlh69oOJnAUWa-3Kgepn7qL-gHCPqUgiKPQcWIZgQlouUWdGC79WjAKIsRs8iix5uMHxTRriAxxWZWdayYr...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx81PraPVlh69oOJnAUWa-3Kgepn7qL-gHCPqUgiKPQcWIZgQlouUWdGC79WjAKIsRs8iix5uMHxTRriAxxWZWdayYrsNW3lMQ&google_hm=eS1fUmNCVTNaRTJwSDJQ...

170 B
188 B

63ms
62ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx81PraPVlh69oOJnAUWa-3Kgepn7qL-gHCPqUgiKPQcWIZgQlouUWdGC79WjAKIsRs8iix5uMHxTRriAxxWZWdayYrsNW3lMQ&google_hm=eS1fUmNCVTNaRTJwSDJQSVV5Zmw2eUozT2pLTFhxN2xsZX5B

Requested by

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 29 Jan 2023 19:37:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx81PraPVlh69oOJnAUWa-3Kgepn7qL-gHCPqUgiKPQcWIZgQlouUWdGC79WjAKIsRs8iix5uMHxTRriAxxWZWdayYrsNW3lMQ&google_hm=eS1fUmNCVTNaRTJwSDJQSVV5Zmw2eUozT2pLTFhxN2xsZX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED64
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPiiQgwoNS6MxuHp0MMYRyw&google_cver=1&google_push=Aa02lx9j4CHBk4WnFkKzCNwqkEv2H54j8pi5B0ktxhFtnwVGJiRzTo1PJAkRKsvtNnVlJZMQ3hcdY6of...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPiiQgwoNS6MxuHp0MMYRyw&google_cver=1&google_push=Aa02lx9j4CHBk4WnFkKzCNwqkEv2H54j8pi5B0ktxhFtnwVGJiRzTo1PJAkRKsvtNnVlJZMQ3hc...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkxMTc1OTE1MDc1NjA0NTgxNw&google_push=Aa02lx9j4CHBk4WnFkKzCNwqkEv2H54j8pi5B0ktxhFtnwVGJiRzTo1PJAkRKsvtNnVlJZMQ3hcdY6...

170 B
188 B

112ms
61ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkxMTc1OTE1MDc1NjA0NTgxNw&google_push=Aa02lx9j4CHBk4WnFkKzCNwqkEv2H54j8pi5B0ktxhFtnwVGJiRzTo1PJAkRKsvtNnVlJZMQ3hcdY6of3eLvv6PGDEwnH1_-Ufuu

Requested by

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkxMTc1OTE1MDc1NjA0NTgxNw&google_push=Aa02lx9j4CHBk4WnFkKzCNwqkEv2H54j8pi5B0ktxhFtnwVGJiRzTo1PJAkRKsvtNnVlJZMQ3hcdY6of3eLvv6PGDEwnH1_-Ufuu
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame ED64 43 B
133 B 44ms
40ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIv1LWdAoCSxbnT4deUINyY&google_cver=1&google_push=Aa02lx8YEWVrDZ4Q5iYHU4B6Y-1AOFuM55utpdRQC1WGer_czMepUoYeabXjy5qeK9PfAW6D2TwLVODHftJce4tIl4lMLDRT4bq9JA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=1551834640&pi=t.aa~a.2940624402~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=3&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0&nras=2&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=yAlSa9IpWx&p=https%3A//www.thedutchhacker.com&dtd=89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:03 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 96qe1t971nrd46grscatvbml8meapg4p

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED64
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAZB8v97yUdAXsOD8x9ND4s&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAZB8v97yUdAXsOD8x9ND4s&google_hm=Y9bK34YeyI5bJioQZZdUagAAFCgAAAIB&google_nid=index&google_push=Aa02lx_35zSgtH_axq3aKBoQaLn-6YHaYSMOJ...

170 B
188 B

99ms
77ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAZB8v97yUdAXsOD8x9ND4s&google_hm=Y9bK34YeyI5bJioQZZdUagAAFCgAAAIB&google_nid=index&google_push=Aa02lx_35zSgtH_axq3aKBoQaLn-6YHaYSMOJryXmUNjLlN1AyWEAp9LTtRGP0EWyVfBIJvVQwH3m58VcHVaoXyxfmY6KOA0ULV6ww

Requested by

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXI0%2BuR7eSD5X3EJmEY8EM88RvgFT5A4XxhvH4zlpogMFVKTfUeO5zW78fSuWq6MKjSToOHxcLSwWftkNagPUQtJbFyQKYgLAUmty9UpCPVWoPKMKaUMRt3H%2BMVqmucLT8AmoPUyyEAKdw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAZB8v97yUdAXsOD8x9ND4s&google_hm=Y9bK34YeyI5bJioQZZdUagAAFCgAAAIB&google_nid=index&google_push=Aa02lx_35zSgtH_axq3aKBoQaLn-6YHaYSMOJryXmUNjLlN1AyWEAp9LTtRGP0EWyVfBIJvVQwH3m58VcHVaoXyxfmY6KOA0ULV6ww
cache-control: no-cache
cf-ray: 79146b99caaf922c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED64
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEOSBdp8OU5Iixr6ABQIkHOk&google_cver=1&google_push=Aa02lx_lDsf_NENRyeK7IJRTvALb04wFAr0hEYrZPbwKkHi_E4tzgeNDCKDiR2V5NsrwUNdzKgyKl4HpkwngdtHZ3lidci...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOSBdp8OU5Iixr6ABQIkHOk&google_cver=1&google_push=Aa02lx_lDsf_NENRyeK7IJRTvALb04wFAr0hEYrZPbwKkHi_E4tzgeNDCKDiR2V5NsrwUNdzKgyKl4HpkwngdtHZ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yRs6N1B8R2ObN6wT6MSsdg&google_push=Aa02lx_lDsf_NENRyeK7IJRTvALb04wFAr0hEYrZPbwKkHi_E4tzgeNDCKDiR2V5NsrwUNdzKgyKl4HpkwngdtH...

170 B
188 B

101ms
72ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yRs6N1B8R2ObN6wT6MSsdg&google_push=Aa02lx_lDsf_NENRyeK7IJRTvALb04wFAr0hEYrZPbwKkHi_E4tzgeNDCKDiR2V5NsrwUNdzKgyKl4HpkwngdtHZ3lidciL56FKg

Requested by

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yRs6N1B8R2ObN6wT6MSsdg&google_push=Aa02lx_lDsf_NENRyeK7IJRTvALb04wFAr0hEYrZPbwKkHi_E4tzgeNDCKDiR2V5NsrwUNdzKgyKl4HpkwngdtHZ3lidciL56FKg
access-control-allow-origin: *
date: Sun, 29 Jan 2023 19:37:04 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame ED64 0
45 B 366ms
26ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOXqon9054HNKNo4Oe5M6ns&google_cver=1&google_push=Aa02lx_rj0aQMtKc3gKCRaAUIiIbZdtQWjolOJT15eeQh4CimprvSFNcdzc0y2xtgOUFhYu5o6juWA5twkxiSEUv-gDHuAjPxSdk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3207727793&adf=1551834640&pi=t.aa~a.2940624402~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=300x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=3&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0&nras=2&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=yAlSa9IpWx&p=https%3A//www.thedutchhacker.com&dtd=89
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:03 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame ED64 0
12 B 74ms
71ms Image
text/html 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KiSJFhaaX515HMPkDQ8jP2SUCtF1E3-Gl0cxByRAMcaDk1f4FeR6WBiUZY6bOKFelvFEQl

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9716 22 KB
8 KB 55ms
43ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 35214
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 09:50:10 GMT
expires: Mon, 29 Jan 2024 09:50:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js Show response
pagead2.googlesyndication.com/bg/ Frame CD6D 36 KB
14 KB 52ms
44ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 07:54:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 214947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 07:54:37 GMT

GET
H3 200 CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8005 36 KB
14 KB 51ms
45ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 07:54:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 214947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 07:54:37 GMT

GET
H2 200 160x600.html Show response
s0.2mdn.net/sadbundle/17794608782064484352/ Frame B4B3 45 KB
12 KB 81ms
72ms Document
text/html 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17794608782064484352/160x600.html?e=69&leftOffset=0&topOffset=0&c=RE36M4BCQK&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb93ef9998c2df650aae6af5dface0009532f3f5d504d41fcc84b95cb17b543f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 19:37:04 GMT
expires: Mon, 29 Jan 2024 19:37:04 GMT
last-modified: Wed, 14 Sep 2022 11:46:15 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9381 0
0 83ms
69ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss4wx-YJ0J16dMQFt1CA_J02lTK19GXnhVVZ7mP6IhBccHOH-rns-sTqtHBWz7d7aJoDf8rc1RSsULycJEoebsWhLvrdU_8u6AEPnYfzoLmIzmWuuZ_j9Ng7XMi9mYAK-H_hkMfcBe-Nlb_OxELAMf4AS1At25IrkYPo9djTZzhFBw4sLmdrkVQFb5Jhzn0DC2s8BgvBCgfPalqA_JwWZ2XvavlpdfG261rVYeIpDzvlND8U5eWFYmx4B48UzHYZPvfzsR4Q2udzp-VodtpYq1ET47zkpFq6n4YcRJGW27uZg9Zd2qHl9Mw8pDnit9Fm2bS1Xur2LLJEM15N6fuCuCRja4i_eCBpSLwqYvr_JeQBKcYmFq426pVKY9KiVTbedscCzMlfAlmx-RKKDON-EnMExproZrgJh2qPYQAspf2wS9lh-mmxlGZeC1eYb8eIDnEl5hU5GclAsn9hRvQ23XwxjzCaPAqaeY1zmIgZ8-NYuXnuIBqh_N0RPp5lhXG0gmlrpS4nG40_izrAIepRLh7KM7DQOGT7U9kFPezctzy-yPmWW9GC3-ReScgod2y4y-Qi4D_gIFp-Wvy-D0JjOiWxAsrcSBTEsu1ccZ7dxkXDPXu5vxasfX8yGwMfTSI2OwSx_RBE2dGY1UQ4MZvyHcs3vxYEkF4HkRahIDne07XA7rvUttSmjv0cSRvQGxa0TGchYRmhH9fh5JhRHQEQu6Wg27xI2xzGneQCggaRSL8M8GvDQzAdjOFmsUxyuBiwnjER-dn7yZjJU4bEOcxBJyfIJW0qVtOOoFb6QKvTIGbTD4Ue7eTwAMIkiQeaSWlcrEX3RJ3xb_Ti_oWa3ZaJjMJwyGG1Vg5lwLXfUX5VH9Imd51t95PiQWk0RYhiC7sg4aoln0ExMY51viL_3YkvhZj-srhUlBWFMt3WW4wbqI-qGgWdxagn11e0awFLZCsXhf4HADFQnCDlfmlx6xSLpQMOdGzKGy5LyN93QedwvB0gnpfRVZPFO2AB1Bk_VYX5N-N39cR6f6dOYiKtgYnMdovY2FXO3IxxDTbATgxD0AU7ojzdBfSJo7Ln9e-hEbgU5M8gbXrIr7UuNsCTZ-wLNxr76wp6I-f15J2NAwjs4Xv1YPU0TsOhP3g8gleaKUkVIQS_Dv-PzLzQg2XvoG4Fv_-nbNa3aOfmrDSo2ThZsD-rACdmzt8UdUbh_ITkyHg4yBsxL0VwGpVA_iggDzIhBCfetnKDf_as4dMhPd86cbIatfJQ7J2875VlL75&sai=AMfl-YRgcAaYzDz0l-tTlhaYeeG-obNiMHnmAj8Zyq6LAt2NN5HbbpCV6E0QrIdHEKabhLcdUJEEjrkpuV-jYATpFIEPqfY2EMRcNjS3oUtPr2HK2985rgzbTVJIXa5cNwHbg86P0EbNOivZNR-A2RjyHnHDrSNalteYazIyN9UmklG4PeU4MIjITuXr31MMUxqK30b8pRv1LfgX9ZWM68tPLDMfFRLml3AUpO3VLzmkLq0t7QAOzyfLvkpdyuiijoovACkWEpX4_kA&sig=Cg0ArKJSzPQoXk2FQHlhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=456&cbvp=1&cstd=449&cisv=r20230124.97246&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 29 Jan 2023 19:37:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 19:37:04 GMT

GET
H2 200 300x600.html Show response
s0.2mdn.net/sadbundle/9449438672546955264/ Frame FF78 45 KB
12 KB 86ms
71ms Document
text/html 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9449438672546955264/300x600.html?e=69&leftOffset=0&topOffset=0&c=kkferI9HBU&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a271850a259b8fc2958e0368e90b8f57319c36737c6c385d7d1511ed948052e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 19:37:04 GMT
expires: Mon, 29 Jan 2024 19:37:04 GMT
last-modified: Wed, 14 Sep 2022 11:47:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 010E 0
0 80ms
68ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss88FqP2RG23L83Llld9X7FR0Lup8q2hmaPiJf9ezPoyYGiSr5Ar8Xh0_Xt4G64RFmwCs9dutt65Fk41OrKwJl6hshDW7WxOelItX9r8vq80BbaHj1Wn3ZFUArv-xU7oGoNIeHK_KSHzKJsYUoRk1ZH-hy7GsMXcbziLQcC0sOeNUw8sNuvFnoeDVjE5CIHsaMS19uUPFpwreyR-SMPeZU8ocwB8RHSRif5I1BLavcnvsUAVihOPFTSSjmbDqktcdL1aT-RN4Mx8OH9AvqbXfyKfWUAwFNLbZWRZT15Sfdf94hD9ZPyPHw_JPIskSEQBuE3N7B3GQ8i2lfgDS6d3SXZ_6Uxeqc1zcLZWGMLBtx-8ySYUPcJ-YWvwY_NeJoxe_8Zwiim3lV_Yadna-A4Q7OQGFt-OmAG9mwBLmuj46Z6E3rOuvMXTlcJTIqKa2keyz5T0fandb78hjV44hJk2Ja0mXTl-lKZr-Cc8asAt0A3UweZkU4cG2csUGLKhAqPDlyz6kKvUHGOq4N2AbtLp8VuWrGKDEN6wJlg_aNjSKYGruz8_Qq9zvA0kbwiQx2V7BkoBcCxRxu7FyGjhcA21SLv3UqRvlnqvN1BJmauyfZg0LTpP1scoucG-LzKxlXk3-HheEAY9u3OdVZCzi5CvUrPEoBzkF4FCf9ARvJzRHSmEDrGeOptMDWJlqgRfEUQo9kQC0tTcKof_q0Bq01Q3E2JJOGeUL5QTX5c1hjDWjuYmchDNWX1xkAo_tBp1OWWBF3wFiuN0U8Twytj6OwDXxkvPv1SKUEqRVqbDAPRyuY-ea7FvUjOw9LHmOGBnwxbHgu2vDhvuWjnYD3f5Ef4tlcGiD2z6dUcrrzLLQF_wlHx09mMc-cDyWWJtIxfwAuBZE3FXoa2YOw46Y5fUjAEG-kmNADsvh3w_EGNvL8KKBNOlkpDpYoqjZfTm6KBjEBQbwH1CtPxlp9GbZol2vQ9R2xgIBdc4PMmxd1hfdPyeAwyMfJlQORfjgVGrlsKOiBaDWzrG0v446IP0GfIYTrx4F4L11A35ouqwb6sZhx2MxDS2FbvJBVT6FDW1bDwtqAU8xmnWfvkcuuCqVOoETr4sOmXdM93vQOMQwMriz-Hj56xU2bzinZm2UgMQUcZlvnd2jkBqpKiwnplHIo9zweXNjgFTPG1xrpICTO9ZSIq6Iw0j3Iv1Iyok5Zz8jvzC85MgVx-9073d8ZpY_zS4CqBPEc7o8YLz6khm6RUASNp9w-fZczdPKru9nh1lwiTWxz_fJ1gfjuil8Lf_80&sai=AMfl-YTr7GdDLF2xSlFv7UwoVisJ7frJAigrfZiQTm4K4r2HATZoE7HtOh6v-yUcDXyzWLIqy6NwyKWwHS5Xnf2ttDutx2nI4eZUe0dD3AZubRXEsJyozT6Q8fkHkhbl1AetewHmSAD65D9-GNDh_SuTwKf0q9D-SisufiPQW0tcmIjUgjoIAT5VFp0fqOVwnqg6lINXZ80crF6W1bRsvERoYN3hRlKyuG6uEh0x83ZpoDICEF1iMzNAAZSsWQRTPL84EY9mK2WyAxo&sig=Cg0ArKJSzB8fGkBv8th9EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=413&cbvp=1&cstd=408&cisv=r20230124.28108&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 29 Jan 2023 19:37:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 19:37:04 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E1E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELk5vS9naWNrnEjen3-hKnE&google_push=Aa02lx8P_2alv7IwJlfvyOHkXVv8YCxzx2A_fpT-dOT4u10cXJtj12wOL6...

170 B
188 B

60ms
59ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELk5vS9naWNrnEjen3-hKnE&google_push=Aa02lx8P_2alv7IwJlfvyOHkXVv8YCxzx2A_fpT-dOT4u10cXJtj12wOL6qI7-Rtd64R-wFwFuYo0kbD6UHV1eq_02zBT3Zl75qW42X3bekehi-lc6yunMaEoqjPsPgoS75mpMAIJiIuuht7SxsqNzUBaJexGQ

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220077-HHN
pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1675021024.494914,VS0,VE91
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELk5vS9naWNrnEjen3-hKnE&google_push=Aa02lx8P_2alv7IwJlfvyOHkXVv8YCxzx2A_fpT-dOT4u10cXJtj12wOL6qI7-Rtd64R-wFwFuYo0kbD6UHV1eq_02zBT3Zl75qW42X3bekehi-lc6yunMaEoqjPsPgoS75mpMAIJiIuuht7SxsqNzUBaJexGQ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

google_sync_status
x.bidswitch.net/ Frame 2E1E
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKlUEXKN2Hqdz-garpO_Yso&google_cver=1&google_push=Aa02lx9BOyJuNLW2LH7K0UU4lyXAuunSgEWTlZc9j1nHMXykCzEavsymBnC1xlpLxk-Rf_zEkR7IPD4E-9f85N6g8Oz9...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKlUEXKN2Hqdz-garpO_Yso&google_cver=1&google_push=Aa02lx9BOyJuNLW2LH7K0UU4lyXAuunSgEWTlZc9j1nHMXykCzEavsymBnC1xlpLxk-Rf_zEkR7IPD4E-9f85N...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=720c3d64-eff1-48a1-8dc9-53b117d1745c&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=2XJ42O7ASyiWmw_YbhaTqw==
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEKlUEXKN2Hqdz-garpO_Yso&google_cver=1

43 B
145 B

25ms
24ms

Image
image/gif

3.68.131.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEKlUEXKN2Hqdz-garpO_Yso&google_cver=1
Protocol: H2
Server: 3.68.131.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-131-77.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEKlUEXKN2Hqdz-garpO_Yso&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E1E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENEiSFk-SxTOqx_uoZHChzU&google_cver=1&google_push=Aa02lx9mmlz5P5xSpl_s8Vc6-esksCvQ4GFwuO6zb4_Ua4g6ec0J72Wq5R65rFMQsslUI0a5a7_xpB1Z...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENEiSFk-SxTOqx_uoZHChzU&google_cver=1&google_push=Aa02lx9mmlz5P5xSpl_s8Vc6-esksCvQ4GFwuO6zb4_Ua4g6ec0J72Wq5R65rFMQsslUI0a5a7_...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg1Nzc2NDIzMTUxNzIxNTM1NQ&google_push=Aa02lx9mmlz5P5xSpl_s8Vc6-esksCvQ4GFwuO6zb4_Ua4g6ec0J72Wq5R65rFMQsslUI0a5a7_xpB...

170 B
188 B

112ms
61ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg1Nzc2NDIzMTUxNzIxNTM1NQ&google_push=Aa02lx9mmlz5P5xSpl_s8Vc6-esksCvQ4GFwuO6zb4_Ua4g6ec0J72Wq5R65rFMQsslUI0a5a7_xpB1Z2Lgm4eFCz79W2MmQWu0fyTbQFM9JXDU8H3eUDySTO3hFck5WGmYaWy-nK8sUrUv8hXO-Y6EatwkomQ

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg1Nzc2NDIzMTUxNzIxNTM1NQ&google_push=Aa02lx9mmlz5P5xSpl_s8Vc6-esksCvQ4GFwuO6zb4_Ua4g6ec0J72Wq5R65rFMQsslUI0a5a7_xpB1Z2Lgm4eFCz79W2MmQWu0fyTbQFM9JXDU8H3eUDySTO3hFck5WGmYaWy-nK8sUrUv8hXO-Y6EatwkomQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 200 dds
rtb.openx.net/sync/ Frame 2E1E 43 B
64 B 50ms
35ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJi8MD_rBv7BDz1PhJ7rM2c&google_cver=1&google_push=Aa02lx88DF_JfBWwJoooqZw1N2rDzcBZ5F9XcXuPCYxmTpqLia-hmYvZH22GULtIig0IbHCGY73GOuVfFYWSfXlpo9iHI-2HaG1AP_ZgPai7kdJlKWDZhQ9tPjy4Bj4UeCjXmkdgpPjzQNGC3VRNS9BkvMH8Hg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639585684811700&output=html&h=600&adk=3898893158&adf=1690612086&pi=t.aa~a.2594507593~rp.2&w=240&fwrn=4&fwrnh=100&lmt=1675021022&rafmt=1&to=qs&pwprc=7145397281&format=240x600&url=https%3A%2F%2Fwww.thedutchhacker.com%2Fmitre-on-tryhackme%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675021022790&bpp=1&bdt=2398&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6708fd86712bf8ed-22e0392879db0019%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A&gpic=UID%3D00000babc6e1c3af%3AT%3D1675021021%3ART%3D1675021021%3AS%3DALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw&prev_fmts=0x0%2C300x600&nras=3&correlator=6877688760515&frm=20&pv=1&ga_vid=756688161.1675021021&ga_sid=1675021022&ga_hid=1399849353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071792%2C31071854%2C31071578%2C21065724&oid=2&pvsid=1257907978918382&tmod=2078626844&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=OUJiIReOPS&p=https%3A//www.thedutchhacker.com&dtd=111
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: t7d5a41c0ckhciahagq3fbotear80cbb

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E1E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAowd9k_G3JOdNB3_s2Z_Wo&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAowd9k_G3JOdNB3_s2Z_Wo&google_hm=Y9bK34YeyI5bJioQZZdUagAAFCgAAAIB&google_nid=index&google_push=Aa02lx_pg1T5PY7SAsiIPLOmZLc-YtXA2XrAV...

170 B
188 B

88ms
76ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAowd9k_G3JOdNB3_s2Z_Wo&google_hm=Y9bK34YeyI5bJioQZZdUagAAFCgAAAIB&google_nid=index&google_push=Aa02lx_pg1T5PY7SAsiIPLOmZLc-YtXA2XrAVv9MgzGDnfqtRnbZq7YTTnGICL7e49_oaDHH6OVQR_CY1fo7J8x6lcRZez9PulVgl0-EziLLWuK_ZXlQQ6SBVU1_wyuPSxoDv0QHOGye-cXjoAv8fFp2vpTJUw

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qVI9sGpMeNzpN1ajJ7S15ZeDAf5JQl75%2B3dYKFdAZK0KdAJEOPP9AFQxKeWEb9EABPu4Fnwz7AsohQORzS09oVmMc7lpvk%2B9HH28PiEWIWjwgRN%2BMnW%2BhxmDQZgnGOVbqqcMvghrFs5%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAowd9k_G3JOdNB3_s2Z_Wo&google_hm=Y9bK34YeyI5bJioQZZdUagAAFCgAAAIB&google_nid=index&google_push=Aa02lx_pg1T5PY7SAsiIPLOmZLc-YtXA2XrAVv9MgzGDnfqtRnbZq7YTTnGICL7e49_oaDHH6OVQR_CY1fo7J8x6lcRZez9PulVgl0-EziLLWuK_ZXlQQ6SBVU1_wyuPSxoDv0QHOGye-cXjoAv8fFp2vpTJUw
cache-control: no-cache
cf-ray: 79146b99fb06922c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E1E
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEn23NatincZ1xnQrVt8ODw&google_cver=1&google_push=Aa02lx-k7XQb_z4GF2Wclrb7yZd2aKXz0ONZqygSpziXAvZSLDYQCsczW3poESmtuz79_EpR9lsHJLw3Ird63i0E2...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEn23NatincZ1xnQrVt8ODw&google_cver=1&google_push=Aa02lx-k7XQb_z4GF2Wclrb7yZd2aKXz0ONZqygSpziXAvZSLDYQCsczW3poESmtuz79_EpR9lsHJLw3Ird63i0E2...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-k7XQb_z4GF2Wclrb7yZd2aKXz0ONZqygSpziXAvZSLDYQCsczW3poESmtuz79_EpR9lsHJLw3Ird63i0E2IzuCoLFR22-5BrsKGuXRIW3oyv7zXbfIDnF-RP4uFeZC...

170 B
188 B

62ms
61ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-k7XQb_z4GF2Wclrb7yZd2aKXz0ONZqygSpziXAvZSLDYQCsczW3poESmtuz79_EpR9lsHJLw3Ird63i0E2IzuCoLFR22-5BrsKGuXRIW3oyv7zXbfIDnF-RP4uFeZCP6CQHs0miLU1Z_6jm9-rh8eqQ&google_hm=GEaZpGZHvls5q2OJR_eH3MEM

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 29 Jan 2023 19:37:04 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-k7XQb_z4GF2Wclrb7yZd2aKXz0ONZqygSpziXAvZSLDYQCsczW3poESmtuz79_EpR9lsHJLw3Ird63i0E2IzuCoLFR22-5BrsKGuXRIW3oyv7zXbfIDnF-RP4uFeZCP6CQHs0miLU1Z_6jm9-rh8eqQ&google_hm=GEaZpGZHvls5q2OJR_eH3MEM
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E1E
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEyYRB2jEm_WEA2PDqdlHhI&google_cver=1&google_push=Aa02lx8adRo2ZDE03t8FYIbMVFNqa8ZztOML22nIcRSx8DgAAPpX2mXA2KP_No_mVrFC6L5eVoI_4DoM9n893_YKCXta7IgsEL...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx8adRo2ZDE03t8FYIbMVFNqa8ZztOML22nIcRSx8DgAAPpX2mXA2KP_No_mVrFC6L5eVoI_4DoM9n893_YKCXta7IgsELR...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0MTU4MTA3OTc5MzI0MTM2NjU2MA%3D%3D&google_push=Aa02lx8adRo2ZDE03t8FYIbMVFNqa8ZztOML22nIcRSx8DgAAPpX2mXA...

170 B
188 B

65ms
61ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0MTU4MTA3OTc5MzI0MTM2NjU2MA%3D%3D&google_push=Aa02lx8adRo2ZDE03t8FYIbMVFNqa8ZztOML22nIcRSx8DgAAPpX2mXA2KP_No_mVrFC6L5eVoI_4DoM9n893_YKCXta7IgsELRy3XnKiqAbfKRxDkMwRijoFb0C3z92vqYWjYSjK8qVFJYIdPpFtB-oLSuJwA

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0MTU4MTA3OTc5MzI0MTM2NjU2MA%3D%3D&google_push=Aa02lx8adRo2ZDE03t8FYIbMVFNqa8ZztOML22nIcRSx8DgAAPpX2mXA2KP_No_mVrFC6L5eVoI_4DoM9n893_YKCXta7IgsELRy3XnKiqAbfKRxDkMwRijoFb0C3z92vqYWjYSjK8qVFJYIdPpFtB-oLSuJwA
date: Sun, 29 Jan 2023 19:37:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2E1E 0
12 B 84ms
70ms Image
text/html 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JsGt_NGqiSMq14ZplutR2M3MPvBzE1aLIgLD7q5cNiemaHoFfw5RkjW8cgRU8cfkFQGKis

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/9150192991151314574/ Frame 4D46 15 KB
2 KB 88ms
73ms Document
text/html 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9150192991151314574/index.html?e=69&leftOffset=0&topOffset=0&c=LDPr2t8D1r&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3ada068479e37083f09e08e6d1784a3355c9cf16c6b4d78909dc606220ce7ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2279
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 19:37:04 GMT
expires: Mon, 29 Jan 2024 19:37:04 GMT
last-modified: Wed, 14 Sep 2022 10:35:04 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6B72 0
0 99ms
90ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstoLVEDA4MlTSyFTj495NU8gipbFFCNQ_D7vt5x65hUc7MqWWilXvoZxF3R1NP_g6fogzdFIMTEDlG7ixJeYetcwMOaBQLh-5AMHpgUwjpDxY8jeWCDhOmYBb5On_mMDMlBHSGC7wvlmyjFl-58mJN3Z4PtWwmA_BEYammWGPWJVifg0wvAt8ef7HDPnHDJsaKFs2m9tRoJ6MX3HH1hg-eJoovPDEb-dKd-zo_qyna9YIzqzb8Clgwv7tvGxWGoosfJLygxRPRGqkMey8JYfSnkOLVdU0AoJj2hmG_URAn58meO8hbEdF-sjDvYKEHLPvfMbt2mcIYcdukaZ3dDRcZVKY2a1O5_qicr1TVo6E1sJXYY8KLNPM7i5-tQC64LYle4q6rn-zHPZ6zw4ZLzA0WHB6L9DH2S0J6mZyUcQBIvT-ETnvCJqzgbaCwkTgxsLBIXVALji_7TchSK_nOYxGaYPYn_f_4ABc18opqXxuqcKMrGfiEO7ewH0Zf8LTxNDgBeEHXsal46fGXi1ASz5SzceuXQc45fzoxBWZqxW858sSp2X19wQpUCEBwFvdteZjf80bUnmdBw9ZwV9UfXKTLKq1PFmcVpHq_KPjeWTpHwT27T8ZbgNwsRQs4WT6P4ylTzeGRjWpNkc8wFmfIRs-McHxK1Z4VpyuAqnB1Vb690-25L5xUbanVdCk28zhHkMykKv6-MPlAtFsiXH6iZmMN5CAmAUGcPKKqnmWsMiTBGcjbx87IpQZSpkp3a9Tbm68gD9NYij0EBeJSZ7cddzEPYv-xQYiMflDrdN2THAUyXLxl1n4ZUeY85FB6yTbZXe-g2woeqdVLugOqy5EHIpc2mZMUFpnzI_fsicx_mlU9_ayE1jC5HsZE6GTWJJ_ab84iDN8avZYIQk4Eox8BT7X2C6QUquZAHKk7qodA4w8Ozu5nRyuSoGctJdeJm6UNOp2Vuv5g0t7M01qmqtxrhOoGtj_4Z1nzXUT990AglaFaEniwg9Jr5YmZc9RHvFIyvIoGU5o_Wtc5wZr-Ra_WZF3ukIXatWj3XBYdui9GWL92zMTJJs_1V_Yt89DaFuIQRl6yFGer41TwX_1OqkXKB7maOdNw5Qa_6F82yDtEodaf2BXf2ZG04t5cLkxWoEkZc6ynIevYq26zSdhn_nQQgLYooKoTwr-XdrSsTIGFohzfHaGUUXvy1XY6YU30VnmU7M-nYJ7MtI4xOLL1t-D8k2GZ6JdWcTkm-vRXgiSknBpJQGY1H8_-plciksXI_OQTZ-XNzEnc7Sj5ZybiOsBk&sai=AMfl-YSWhCYq1F9cl3KBct3WMPvtQHdwrZ16uWy4_4uqBOCFKSNWHOT_pyNrtL6HpeV0MOOBP68DadBmS0l-QwwnNEEsAB9Bmm_NxlMolHWaUMraoJjYJeKqqfRRN3H7l2w-8LrOD4oEvlrupJa477lnmoCKSTYhEDAfavGknc8-aYdLfNwePeem2pdyFcujQ23OUl9NWOtu9abbAS_qhDl6y4wz5WJWwf1RrvXQCOGW2lgqP_nidfVAK3C4tBCMU1Em9sIdbU0ehVI&sig=Cg0ArKJSzBcQy1BF1DtHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=350&cbvp=1&cstd=346&cisv=r20230124.05305&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 29 Jan 2023 19:37:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 19:37:04 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 444E 0
0 90ms
86ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFkKYgThv0Q-M3epGz10-2yTTUQMABGn_iGS8IaNWyycxhgJNMTgg8VUhFUS8bvmZd-zKVciJchXlMxtfU0UCToKCPWs0ZAG0ndVS9LBMkEeNe3ajnyxSbI51T6lQAgn7trvBZElDr-00SoqGFJ5BKzFRyhYPDPrhpaGQtIKKZ574ImwOg4ZBDBLMyh4SGNk4I9eZxc9Tr9PEqSFyV8LuAP6K72QlA17A4iyu4Y6Y--megOZ62BqhQcaksQ294x3a5mB7Q2W-I-7uh4enZoG3gDZ8cDFXgcbMSJYXcjfaMTpa7X1iNLHSmJlAftIP2TehSyv1tsqpUCPCnmKsptHceWt2Fur6O1KuYqGKs-IHy_OyXzFR7RCP9RtE4hlrB4RP5v_4YhBhnvKD73j9J1qZWYx5Zam-QKHVgK3aT82ghHw1LffOmxpKoYDGND5FcWw0rFiUCxznuxuKZNg1Hx7h_xXVUS2neywsh9Y4ymqadsKVAn5AS8ZnxUC6gZOY_CAvySK0_x_F1NrjTNQcP9ORm6KgyhI2fP5wLhLSRkrrMiPOXun__Mpw57xb5fawRnNqUVC5SxBqWPCnRH09qf_Wxd4-P1hh1JgOBzkI65ByURL2tXHMY44qSGx7IeHS278BE22LES0FPMR1ghd8AJadkdn44s1xbM2PniMsPmHW1tqZrxCUuojn6kInYb1S7S22EvU88w1Dy80bBtn9L7NJJJ5XkCtEg08bPJQDVy77OJ1w4-V-dXeve9V4dns_UZY6lkgcH72crTnjoCo0jrBDUQXm4bMsc5r8QcETIuN3yiA6Z4Jrh5OTeKe4H_R62OC8vk9AQ2Qbyt4jv5M8poQeWmmLPwlKCl6kJV5u5Gz01YhpCBVAWwa0BrLArMjke-62OClpa7pSN8kWskb5uo-ewuekC6eW8hLbd-iwB6EkD8yi1Z3rIa59oAefULvdEeQTZmHU3dCgpUtFi76HKIhvn0QWANL4Jzxe-W6uDLcmBW2fcEKR6KWzKKoWpypJKL-Og7v8p1A88vdJHuBb1jygaFVHQJ8XwJ51Lb3c0ZWrScCVBWWgI3zTSwSRsDpJ3R8CE17tuIVNDAnyhjipXlTES5f-IkQgvUW65tk1pToziJuPgLVrIAu2fjX_CVZAzz8DesZRiIvRZEL8lIAA70HgBWq1xqu8-Vc1zZc8vLLTct1cckJb6s0hUA0yxbFC1TEPk5CvTEDn6L0jItzGiolpJpBcFfimQQ7C57PbcWDU6864e6j9WSuM&sai=AMfl-YQTTTPyXWATZraxdKwC07JRFUxNoznhlZ4CtcD0L0m5RtLNHCvbOsChinxPF2euDHGU1TVynfMIfRvIxQxlQNRIL8Kz8KnT28u6PEpWG1lEAvBPp2OZZXP2sYLYReNjbx0T-vFg7fZAVexMyQ4KOEukDCGTnL9IcZ-7dbwpY2J_FqgOfhMPVS0yTtfOMGPSgnOiLCaip3ptW8SVmcwpUfwyUBeIpt4fifsV6bx_TJPyhBhNgU5d0boby3ZKcQq-7HYF4Ifh75A&sig=Cg0ArKJSzC--sNla1V_dEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=370&vt=11&dtpt=369&dett=2&cstd=0&cisv=r20230124.91953&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 19:37:04 GMT

GET
H3 200 CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js Show response
pagead2.googlesyndication.com/bg/ Frame 71CA 36 KB
14 KB 96ms
63ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 07:54:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 214947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 07:54:37 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame B4B3 118 KB
40 KB 68ms
52ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17794608782064484352/160x600.html?e=69&leftOffset=0&topOffset=0&c=RE36M4BCQK&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17794608782064484352/160x600.html?e=69&leftOffset=0&topOffset=0&c=RE36M4BCQK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 09:35:36 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B4B3 63 KB
25 KB 116ms
100ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17794608782064484352/160x600.html?e=69&leftOffset=0&topOffset=0&c=RE36M4BCQK&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17794608782064484352/160x600.html?e=69&leftOffset=0&topOffset=0&c=RE36M4BCQK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 19:37:04 GMT

GET
H3 200 CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js Show response
pagead2.googlesyndication.com/bg/ Frame 9716 36 KB
14 KB 82ms
56ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 07:54:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 214947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 07:54:37 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame FF78 118 KB
40 KB 84ms
62ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9449438672546955264/300x600.html?e=69&leftOffset=0&topOffset=0&c=kkferI9HBU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9449438672546955264/300x600.html?e=69&leftOffset=0&topOffset=0&c=kkferI9HBU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 09:35:36 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FF78 63 KB
25 KB 157ms
135ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9449438672546955264/300x600.html?e=69&leftOffset=0&topOffset=0&c=kkferI9HBU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9449438672546955264/300x600.html?e=69&leftOffset=0&topOffset=0&c=kkferI9HBU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 19:37:04 GMT

GET
H3 200 1661867165592.css
s0.2mdn.net/sadbundle/9150192991151314574/ Frame 4D46 10 KB
2 KB 84ms
51ms Stylesheet
text/css 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9150192991151314574/1661867165592.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9150192991151314574/index.html?e=69&leftOffset=0&topOffset=0&c=LDPr2t8D1r&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2030e278a681663d2dedd6ed24b6cc0baba1da3df22a5db62d3d428c2cf0bcfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9150192991151314574/index.html?e=69&leftOffset=0&topOffset=0&c=LDPr2t8D1r&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 15:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533589
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2405
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 10:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Jan 2024 15:23:55 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 4D46 118 KB
40 KB 121ms
87ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9150192991151314574/index.html?e=69&leftOffset=0&topOffset=0&c=LDPr2t8D1r&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9150192991151314574/index.html?e=69&leftOffset=0&topOffset=0&c=LDPr2t8D1r&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 09:35:36 GMT

GET
H3 200 1661867165592.js Show response
s0.2mdn.net/sadbundle/9150192991151314574/ Frame 4D46 34 KB
11 KB 125ms
91ms Script
application/x-javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9150192991151314574/1661867165592.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9150192991151314574/index.html?e=69&leftOffset=0&topOffset=0&c=LDPr2t8D1r&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4989bc93c351231cf57c606028d58c3c35ec23a469cfe4475195db035df17fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9150192991151314574/index.html?e=69&leftOffset=0&topOffset=0&c=LDPr2t8D1r&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 02:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62699
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11482
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 10:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Jan 2024 02:12:05 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DE3B 42 B
174 B 115ms
60ms Fetch
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKD-jaJCALYOUFBquunZhLjFYvXxHgkD8mjYQXcoyxk4JpuDL8ozMO6_ssuEzlydLectnS_s5Q3kW2RwsIrJkFhz7bNuTKRjphoW85vPCmxGBiI7B232KUZQs-f0NRwrkkEoZmmA&sai=AMfl-YQIam8ApCgapNuwWrqHhjMj3eqp6RjLzm9GQMGp5IFU0jD0jAMSYsYMWIjodoFCSBwepIHlE7LZDGy0uIE&sig=Cg0ArKJSzMUR1SmZ21ASEAE&cid=CAQSGwDUE5ym7NYuLpVyZ5eZtFCdtUrdEByv3Gzl-BgBIBM&id=lidar2&mcvt=1015&p=0,0,124,1005&mtos=107,818,1015,1150,1150&tos=107,711,197,135,0&v=20230125&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675021022962&rpt=297&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B4B3 7 KB
6 KB 81ms
76ms XHR
application/json 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a88fec7b8e5916b0d96d370ae731240d8bd206a5bc3a141f307b95e569d94923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5709
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9381 0
0 70ms
69ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss4wx-YJ0J16dMQFt1CA_J02lTK19GXnhVVZ7mP6IhBccHOH-rns-sTqtHBWz7d7aJoDf8rc1RSsULycJEoebsWhLvrdU_8u6AEPnYfzoLmIzmWuuZ_j9Ng7XMi9mYAK-H_hkMfcBe-Nlb_OxELAMf4AS1At25IrkYPo9djTZzhFBw4sLmdrkVQFb5Jhzn0DC2s8BgvBCgfPalqA_JwWZ2XvavlpdfG261rVYeIpDzvlND8U5eWFYmx4B48UzHYZPvfzsR4Q2udzp-VodtpYq1ET47zkpFq6n4YcRJGW27uZg9Zd2qHl9Mw8pDnit9Fm2bS1Xur2LLJEM15N6fuCuCRja4i_eCBpSLwqYvr_JeQBKcYmFq426pVKY9KiVTbedscCzMlfAlmx-RKKDON-EnMExproZrgJh2qPYQAspf2wS9lh-mmxlGZeC1eYb8eIDnEl5hU5GclAsn9hRvQ23XwxjzCaPAqaeY1zmIgZ8-NYuXnuIBqh_N0RPp5lhXG0gmlrpS4nG40_izrAIepRLh7KM7DQOGT7U9kFPezctzy-yPmWW9GC3-ReScgod2y4y-Qi4D_gIFp-Wvy-D0JjOiWxAsrcSBTEsu1ccZ7dxkXDPXu5vxasfX8yGwMfTSI2OwSx_RBE2dGY1UQ4MZvyHcs3vxYEkF4HkRahIDne07XA7rvUttSmjv0cSRvQGxa0TGchYRmhH9fh5JhRHQEQu6Wg27xI2xzGneQCggaRSL8M8GvDQzAdjOFmsUxyuBiwnjER-dn7yZjJU4bEOcxBJyfIJW0qVtOOoFb6QKvTIGbTD4Ue7eTwAMIkiQeaSWlcrEX3RJ3xb_Ti_oWa3ZaJjMJwyGG1Vg5lwLXfUX5VH9Imd51t95PiQWk0RYhiC7sg4aoln0ExMY51viL_3YkvhZj-srhUlBWFMt3WW4wbqI-qGgWdxagn11e0awFLZCsXhf4HADFQnCDlfmlx6xSLpQMOdGzKGy5LyN93QedwvB0gnpfRVZPFO2AB1Bk_VYX5N-N39cR6f6dOYiKtgYnMdovY2FXO3IxxDTbATgxD0AU7ojzdBfSJo7Ln9e-hEbgU5M8gbXrIr7UuNsCTZ-wLNxr76wp6I-f15J2NAwjs4Xv1YPU0TsOhP3g8gleaKUkVIQS_Dv-PzLzQg2XvoG4Fv_-nbNa3aOfmrDSo2ThZsD-rACdmzt8UdUbh_ITkyHg4yBsxL0VwGpVA_iggDzIhBCfetnKDf_as4dMhPd86cbIatfJQ7J2875VlL75&sai=AMfl-YRgcAaYzDz0l-tTlhaYeeG-obNiMHnmAj8Zyq6LAt2NN5HbbpCV6E0QrIdHEKabhLcdUJEEjrkpuV-jYATpFIEPqfY2EMRcNjS3oUtPr2HK2985rgzbTVJIXa5cNwHbg86P0EbNOivZNR-A2RjyHnHDrSNalteYazIyN9UmklG4PeU4MIjITuXr31MMUxqK30b8pRv1LfgX9ZWM68tPLDMfFRLml3AUpO3VLzmkLq0t7QAOzyfLvkpdyuiijoovACkWEpX4_kA&sig=Cg0ArKJSzPQoXk2FQHlhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=862&vt=11&dtpt=406&dett=3&cstd=449&cisv=r20230124.97246&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 19:37:04 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/9150192991151314574/ Frame 4D46 3 KB
1 KB 37ms
37ms Image
image/svg+xml 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9150192991151314574/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9150192991151314574/1661867165592.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9150192991151314574/1661867165592.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 23:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159566
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1365
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 10:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Jan 2024 23:17:38 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 010E 0
0 63ms
63ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss88FqP2RG23L83Llld9X7FR0Lup8q2hmaPiJf9ezPoyYGiSr5Ar8Xh0_Xt4G64RFmwCs9dutt65Fk41OrKwJl6hshDW7WxOelItX9r8vq80BbaHj1Wn3ZFUArv-xU7oGoNIeHK_KSHzKJsYUoRk1ZH-hy7GsMXcbziLQcC0sOeNUw8sNuvFnoeDVjE5CIHsaMS19uUPFpwreyR-SMPeZU8ocwB8RHSRif5I1BLavcnvsUAVihOPFTSSjmbDqktcdL1aT-RN4Mx8OH9AvqbXfyKfWUAwFNLbZWRZT15Sfdf94hD9ZPyPHw_JPIskSEQBuE3N7B3GQ8i2lfgDS6d3SXZ_6Uxeqc1zcLZWGMLBtx-8ySYUPcJ-YWvwY_NeJoxe_8Zwiim3lV_Yadna-A4Q7OQGFt-OmAG9mwBLmuj46Z6E3rOuvMXTlcJTIqKa2keyz5T0fandb78hjV44hJk2Ja0mXTl-lKZr-Cc8asAt0A3UweZkU4cG2csUGLKhAqPDlyz6kKvUHGOq4N2AbtLp8VuWrGKDEN6wJlg_aNjSKYGruz8_Qq9zvA0kbwiQx2V7BkoBcCxRxu7FyGjhcA21SLv3UqRvlnqvN1BJmauyfZg0LTpP1scoucG-LzKxlXk3-HheEAY9u3OdVZCzi5CvUrPEoBzkF4FCf9ARvJzRHSmEDrGeOptMDWJlqgRfEUQo9kQC0tTcKof_q0Bq01Q3E2JJOGeUL5QTX5c1hjDWjuYmchDNWX1xkAo_tBp1OWWBF3wFiuN0U8Twytj6OwDXxkvPv1SKUEqRVqbDAPRyuY-ea7FvUjOw9LHmOGBnwxbHgu2vDhvuWjnYD3f5Ef4tlcGiD2z6dUcrrzLLQF_wlHx09mMc-cDyWWJtIxfwAuBZE3FXoa2YOw46Y5fUjAEG-kmNADsvh3w_EGNvL8KKBNOlkpDpYoqjZfTm6KBjEBQbwH1CtPxlp9GbZol2vQ9R2xgIBdc4PMmxd1hfdPyeAwyMfJlQORfjgVGrlsKOiBaDWzrG0v446IP0GfIYTrx4F4L11A35ouqwb6sZhx2MxDS2FbvJBVT6FDW1bDwtqAU8xmnWfvkcuuCqVOoETr4sOmXdM93vQOMQwMriz-Hj56xU2bzinZm2UgMQUcZlvnd2jkBqpKiwnplHIo9zweXNjgFTPG1xrpICTO9ZSIq6Iw0j3Iv1Iyok5Zz8jvzC85MgVx-9073d8ZpY_zS4CqBPEc7o8YLz6khm6RUASNp9w-fZczdPKru9nh1lwiTWxz_fJ1gfjuil8Lf_80&sai=AMfl-YTr7GdDLF2xSlFv7UwoVisJ7frJAigrfZiQTm4K4r2HATZoE7HtOh6v-yUcDXyzWLIqy6NwyKWwHS5Xnf2ttDutx2nI4eZUe0dD3AZubRXEsJyozT6Q8fkHkhbl1AetewHmSAD65D9-GNDh_SuTwKf0q9D-SisufiPQW0tcmIjUgjoIAT5VFp0fqOVwnqg6lINXZ80crF6W1bRsvERoYN3hRlKyuG6uEh0x83ZpoDICEF1iMzNAAZSsWQRTPL84EY9mK2WyAxo&sig=Cg0ArKJSzB8fGkBv8th9EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=811&vt=11&dtpt=398&dett=3&cstd=408&cisv=r20230124.28108&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 19:37:04 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame B4B3 47 KB
47 KB 46ms
45ms Font
font/woff2 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17794608782064484352/160x600.html?e=69&leftOffset=0&topOffset=0&c=RE36M4BCQK&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:26:52 GMT
x-content-type-options: nosniff
age: 612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 19:41:52 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame B4B3 46 KB
46 KB 41ms
39ms Font
font/woff2 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17794608782064484352/160x600.html?e=69&leftOffset=0&topOffset=0&c=RE36M4BCQK&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:23:16 GMT
x-content-type-options: nosniff
age: 828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 19:38:16 GMT

GET
H3 200 60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame B4B3 2 KB
2 KB 98ms
97ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17794608782064484352/160x600.html?e=69&leftOffset=0&topOffset=0&c=RE36M4BCQK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 10:20:30 GMT
x-content-type-options: nosniff
age: 33394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2040
x-xss-protection: 0
last-modified: Fri, 07 May 2021 13:08:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 10:20:30 GMT

GET
H3 200 60005582_20230119021108687_160x600_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame B4B3 45 KB
45 KB 102ms
100ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230119021108687_160x600_LOOK-01.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74fd8ae934efe1cde113a81c77982da61061da882f1958c03767fbd3f3c7ed6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17794608782064484352/160x600.html?e=69&leftOffset=0&topOffset=0&c=RE36M4BCQK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:50:56 GMT
x-content-type-options: nosniff
age: 35168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46468
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 10:11:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 09:50:56 GMT

GET
H3 200 60005582_20230119021112624_160x600_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame B4B3 46 KB
46 KB 63ms
62ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230119021112624_160x600_LOOK-02.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e69c5c1ad63cc07b07cf8f17d59d33b2fa1035a1294d2953b8e7e951a7783714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17794608782064484352/160x600.html?e=69&leftOffset=0&topOffset=0&c=RE36M4BCQK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:50:56 GMT
x-content-type-options: nosniff
age: 35168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47173
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 10:11:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 09:50:56 GMT

GET
H3 200 60005582_20230119021104213_160x600_INTRO.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame B4B3 47 KB
47 KB 61ms
59ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230119021104213_160x600_INTRO.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fe00843d8754d9ba5a8c80d636a6558eadd0b250caca0040c79b343230201e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17794608782064484352/160x600.html?e=69&leftOffset=0&topOffset=0&c=RE36M4BCQK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 18:50:50 GMT
x-content-type-options: nosniff
age: 2774
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48401
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 10:11:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 18:50:50 GMT

GET postview.gif
portal.o2online.de/nws/img/ Frame B4B3 0
0

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame FF78 47 KB
47 KB 48ms
47ms Font
font/woff2 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9449438672546955264/300x600.html?e=69&leftOffset=0&topOffset=0&c=kkferI9HBU&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:26:52 GMT
x-content-type-options: nosniff
age: 612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 19:41:52 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame FF78 46 KB
46 KB 57ms
56ms Font
font/woff2 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9449438672546955264/300x600.html?e=69&leftOffset=0&topOffset=0&c=kkferI9HBU&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:23:16 GMT
x-content-type-options: nosniff
age: 828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 19:38:16 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FF78 7 KB
6 KB 78ms
78ms XHR
application/json 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

059cdfdbc1d9e85f60f59ddd2ab8bf5e95d8b67421e3f85ee154f4ac7c567425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5759
x-xss-protection: 0

GET
H3 200 60005582_20230113042530018_ASSET.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FF78 89 KB
90 KB 74ms
73ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230113042530018_ASSET.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2abca8f6c9a782408455e2f62859e2730333c7477ca031ad36e3bafa68dc615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9449438672546955264/300x600.html?e=69&leftOffset=0&topOffset=0&c=kkferI9HBU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 13:05:19 GMT
x-content-type-options: nosniff
age: 23505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91647
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 12:25:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 13:05:19 GMT

GET
H3 200 60005582_20220825085151068_300x600_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FF78 61 KB
61 KB 81ms
81ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085151068_300x600_BG.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c384e161dd9d69bfc6e872774aadc81b3bd7534a97c5541d20a83c120704dbec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9449438672546955264/300x600.html?e=69&leftOffset=0&topOffset=0&c=kkferI9HBU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 10:15:32 GMT
x-content-type-options: nosniff
age: 33692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62713
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:51:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 10:15:32 GMT

GET
H3 200 60005582_20230113052337010_300x600_INTRO.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FF78 47 KB
47 KB 91ms
91ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230113052337010_300x600_INTRO.png

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ac736b755d1e73b248cacf82a532914045934b6166f27d849c5c48853039c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9449438672546955264/300x600.html?e=69&leftOffset=0&topOffset=0&c=kkferI9HBU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 06:05:50 GMT
x-content-type-options: nosniff
age: 48674
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48056
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:23:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 06:05:50 GMT

GET postview.gif
portal.o2online.de/nws/img/ Frame FF78 0
0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6B72 0
0 67ms
65ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstoLVEDA4MlTSyFTj495NU8gipbFFCNQ_D7vt5x65hUc7MqWWilXvoZxF3R1NP_g6fogzdFIMTEDlG7ixJeYetcwMOaBQLh-5AMHpgUwjpDxY8jeWCDhOmYBb5On_mMDMlBHSGC7wvlmyjFl-58mJN3Z4PtWwmA_BEYammWGPWJVifg0wvAt8ef7HDPnHDJsaKFs2m9tRoJ6MX3HH1hg-eJoovPDEb-dKd-zo_qyna9YIzqzb8Clgwv7tvGxWGoosfJLygxRPRGqkMey8JYfSnkOLVdU0AoJj2hmG_URAn58meO8hbEdF-sjDvYKEHLPvfMbt2mcIYcdukaZ3dDRcZVKY2a1O5_qicr1TVo6E1sJXYY8KLNPM7i5-tQC64LYle4q6rn-zHPZ6zw4ZLzA0WHB6L9DH2S0J6mZyUcQBIvT-ETnvCJqzgbaCwkTgxsLBIXVALji_7TchSK_nOYxGaYPYn_f_4ABc18opqXxuqcKMrGfiEO7ewH0Zf8LTxNDgBeEHXsal46fGXi1ASz5SzceuXQc45fzoxBWZqxW858sSp2X19wQpUCEBwFvdteZjf80bUnmdBw9ZwV9UfXKTLKq1PFmcVpHq_KPjeWTpHwT27T8ZbgNwsRQs4WT6P4ylTzeGRjWpNkc8wFmfIRs-McHxK1Z4VpyuAqnB1Vb690-25L5xUbanVdCk28zhHkMykKv6-MPlAtFsiXH6iZmMN5CAmAUGcPKKqnmWsMiTBGcjbx87IpQZSpkp3a9Tbm68gD9NYij0EBeJSZ7cddzEPYv-xQYiMflDrdN2THAUyXLxl1n4ZUeY85FB6yTbZXe-g2woeqdVLugOqy5EHIpc2mZMUFpnzI_fsicx_mlU9_ayE1jC5HsZE6GTWJJ_ab84iDN8avZYIQk4Eox8BT7X2C6QUquZAHKk7qodA4w8Ozu5nRyuSoGctJdeJm6UNOp2Vuv5g0t7M01qmqtxrhOoGtj_4Z1nzXUT990AglaFaEniwg9Jr5YmZc9RHvFIyvIoGU5o_Wtc5wZr-Ra_WZF3ukIXatWj3XBYdui9GWL92zMTJJs_1V_Yt89DaFuIQRl6yFGer41TwX_1OqkXKB7maOdNw5Qa_6F82yDtEodaf2BXf2ZG04t5cLkxWoEkZc6ynIevYq26zSdhn_nQQgLYooKoTwr-XdrSsTIGFohzfHaGUUXvy1XY6YU30VnmU7M-nYJ7MtI4xOLL1t-D8k2GZ6JdWcTkm-vRXgiSknBpJQGY1H8_-plciksXI_OQTZ-XNzEnc7Sj5ZybiOsBk&sai=AMfl-YSWhCYq1F9cl3KBct3WMPvtQHdwrZ16uWy4_4uqBOCFKSNWHOT_pyNrtL6HpeV0MOOBP68DadBmS0l-QwwnNEEsAB9Bmm_NxlMolHWaUMraoJjYJeKqqfRRN3H7l2w-8LrOD4oEvlrupJa477lnmoCKSTYhEDAfavGknc8-aYdLfNwePeem2pdyFcujQ23OUl9NWOtu9abbAS_qhDl6y4wz5WJWwf1RrvXQCOGW2lgqP_nidfVAK3C4tBCMU1Em9sIdbU0ehVI&sig=Cg0ArKJSzBcQy1BF1DtHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=765&vt=11&dtpt=415&dett=3&cstd=346&cisv=r20230124.05305&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.thedutchhacker.com
URL: https://www.thedutchhacker.com/mitre-on-tryhackme/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 19:37:04 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 96ms
95ms XHR
application/json 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230124&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bd0480a3332084d71188710d35a0be28385e041ba7ed1d9eec4f30ab2da71ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11296
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CD6D 0
20 B 74ms
73ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=By8Fs38rWY_HZKvyB9u8P07ec6AIAAAAAOAHgBAI&bg=!2tml2Z3NAAZSrDxfcqw7ACkAdvg8Wo6DBNBXOQSoozm6n8GI-wi7Ae-26K9ovpFX80nUVwR37bbXlwIAAAFKUgAAAAJoAQeZAuynrb7OW8FvFDWCSckeTGvd9YJxtF-yILUmapgw-ce8X9jOWXJjupjaMtnkg5feI96i1GWWV-HAnfh7dXKAqQPW8QqOrxO3ltAJ_RapZ0Mi5jajUaMZlqksT1Gi12cCO8FwSfvkprDLS9Esa23_JnfvokKaUcezXGfGG86zAMKYOSYZTNum3I2zoPXhXZ_Akf8pDnLowJX_aTcHaz7emcy1USkD_YZuC1Gqfiq8rQ_JB-7K1JTTdSKGoDgOg9KAVFr65sS3JUQI4foXgJejc2SG6lYac60rf1_0EYREaYXVJpa1P66WRsy9ZNrtOSVyDWf7CUE7QTtv-tfY-f50MHV_J4W1OHp45gmYypagnZ74xrzoZR2TkephjOtJbcOF8RAUzosvPCPEFRymrpNJ0s_6mHPuU2MlfU7tx6Sr4Y8keuuaC6fgcPXqPAoY2crVDk5GBz0LEwCj4HTIavDjQLVsusBBmAslR9nLwsBCIVoj7ehS8adoZC0HWdS8zglGQHkpCkaSkqejiUa_me9rzk737RCLPVaHX5cspJfa8TXrb8Dgb1gqt8psqjMAzMrq_4zU74haF9ZJEl-OAOX9vwTQ1BEhwP6DD2craZEMbXjpPXF_1XF-Jse3qfuBPH79I-Y3vEc1wLi_FT3c4GSCojk-u2kjBFpInhqRALdd-Dck7zDCbvGhBnSUM3llzCVPvteLIkpNxJ0VWgujp4CKuM6KAtYUaS3kLDbO6Z41QZf49jvapOdLiudkxvIxt6sJ4z9VlzQ2lDdf61NcHkKqrecOMKG5pT03ciU41t5UEPJIrlDr46eKzW6QWsoIPFWDpHju2xcq3xrC51xwDxcvWKjsm9suOh7TrPu4hkQcTuOsU0a7ipkqRIMbwafhkoXfl0oAjl4JNR-hBcWdpp0oCTzXERs5qPwI6xm8M5yBs986Rwk9AABnqGO8EbkaPjH_Rx1lLLzoiLiHwgUUlZg-WTseVxawLu57CCxjfBTE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B4B3 17 KB
6 KB 80ms
80ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 19:37:04 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8005 0
20 B 77ms
76ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Ba0r538rWY7KaL7Cj7_UP2MCliAUAAAAAOAHgBAI&bg=!DA-lD0vNAAZSrDxfcqw7ACkAdvg8WkoSGs1qcZevrLYRi1iFOIKYxemZ-0NtskoCVRptkVBb0qVR9gIAAAFXUgAAAANoAQeZAwLxcTnvWQlXDYVmsGIrH8o0D4DAN-TCEgTVCiLSAMF923p3soluzOASgKYujWDQ_KuBySbfIHAl3mQMkDPlSLwy4X7Q4-POxn7zXfBCS8XlFzPSHVjG5lW1c8k9Kr5KdcT11XPOxoDiXizyXO8X_eGTEpLWeDaoq415KvxI9PMEiyyRxrowmx5lAZGXFGY8tLAg2ol-l1u_DSrPehzxzWovzmuqWPa0DTS5Ev1WdGXUJhVuwezb_RHGBFTdONdA-5f8W4hxnwd1vPdJLc7pA3DCpHkq3TzVqUqhH7fS9sHTd3WlGTfDnSK9BtfgX5hfa826JHg1b7Oc4wnt1JtnrZ_3brLdPoJP4ehK0NraB54LjcT-OKXlkP999Wjzj_NX6gy0iLwIjGJop1Bv3_7ldZ2scMlspa1DD-cvQ3_amAjGM7YcrJ9UW5UzWJacl2PEuiNSyPeNfZnKbHqQhss4MMmPAVwsL6_zqnttLl_BXvKeTSxbEY4cLsv0XLgVb9s_3-SlQmrtWWyyup3kdpOUs9ozvtGWHfgtL7hMWFP9XqvCmByRujXiPAqcnZetS-RXThOBHGge_tmRoWQLM_N7Q3vW2lYapbA5xMF70RsvbbqHaqHGZgc4_CLgtUjyhpLrFUdHzsxstK3gy3Dyxq1uRievO0Y8XykROm2L3qXUR7tLStSuoAdlDYRD_gsa-GnidUGwdaXEC7ujSI_1tsgDr4IcGG6npmus-0cOXVSYOO6lKAhcvl4ecReT8ebda2y6F7rmwb4q03n6mU3vZT0FqZypmRFCYc_YTuCaHSLJ00brGB76hcdONztGA2yUwAGu-hy7Eoxk19GDm6WT5aIuVdo2SmuDxVLXIfgK5aL36tvoBkkWzsrLceu-S2QumDEe0P50mWVlFWy_UVF9mgqq3ts-ZYYrul6un2j6ku_RuvyiTrp2QhTKSwgf34_L6RASLgw9hKcaBsodTPmkYaRLRVqQiSuZ1eJsdHXNjZwPLUOxpZs_cfrsRYt4KXgWYJOh7GRPvQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 4D46 13 KB
6 KB 141ms
36ms Script
text/javascript 2a00:1450:400d:803::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9150192991151314574/1661867165592.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 10:25:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 10:25:08 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4D46 8 KB
6 KB 81ms
80ms XHR
application/json 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2224925cf5ecd8bd9396826d8fed9489dc7528cf2bf7d24db6abd809e80481a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5816
x-xss-protection: 0

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame B4B3 26 KB
26 KB 57ms
56ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17794608782064484352/160x600.html?e=69&leftOffset=0&topOffset=0&c=RE36M4BCQK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:33:22 GMT
x-content-type-options: nosniff
age: 222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 19:48:22 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FF78 17 KB
6 KB 155ms
153ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 19:37:04 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 262ms
261ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 19:37:05 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame FF78 26 KB
26 KB 42ms
41ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9449438672546955264/300x600.html?e=69&leftOffset=0&topOffset=0&c=kkferI9HBU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:33:22 GMT
x-content-type-options: nosniff
age: 222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 19:48:22 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4D46 17 KB
6 KB 221ms
220ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 19:37:05 GMT

GET
H3 200 CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js Show response
pagead2.googlesyndication.com/bg/ Frame BAE9 36 KB
14 KB 42ms
36ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 07:54:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 214947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 07:54:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71CA 0
20 B 79ms
76ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BaLL238rWY-zZLfHQ7_UP-5KCsAUAAAAAOAHgBAI&bg=!vL-lv_vNAAZSrDxfcqw7ACkAdvg8Wowms2P6x9d1jORL8JbhyKXCOeQRuhmE_ZCI9N74eZPbNkoBhgIAAAFdUgAAAAJoAQcKAMgT0o-tBH5p-TcX3XY3QO0bxr-cEMRDDlEF47Pdi0WdrukoDg2sTYrVEV7vL04juwdWF-KGvwfc6QtgwmqLnGBDvUrOQBU1M5isM1Y7aB_FtPVXLY-xWGfw1Eiic9Ts11nmSLqop2ONBaaBL-nz7zhlNS3U8a2b6l8eu0KYTmArBkva9Frgzt5Dnc1X9hNf5iJBkMrCv3-XzXSjo0Qr_ZLLS6j44YuVHPpArTLJtNHF0P7rCLt7Qcx6klpvJ5Ui356-V0tkEZRA2pkC0KIcBcHtVWecAQ8gSpfUCzJS-8NHdYOyAq9OQA1sbjcuTS5L8PXvvHB9l1y1tNssoQSYfyX1cnKIPbsPK0NRkoYSGh6-pm32rzL4fBAGRATXIp99bi52Vk2ctukznJYunS64oTbf9rI2VMv6qClbcutbChp7krAzHpA8ueVgWdgQIgYa1jS8qiHRrBo_dcMIpBzV89nrYwFtD8PF4Ys4HZr1bQpFYp0vhil62IwGyeXPvUIFC9XDePpCPfqd5kZCMdfMAheEEa75GZoD5gzg3LyrqKsycU3vRgWC6CbdRuOpWKLsMSsc5HLxGzZhWOQfTcHISsy1wvHk22dDzKmNDh2qrEKokaIuP3ms5pBNwg7HLQlnf4YIUXXlv101wP9vh33QhoCYOf9ArWcOXTAvooBisL0BaN0DjMdg8atjSdhDg3wyeANYoIt5zngvvRVND6e2dEgThM-SiT9HboFApljCug_bVYx1-tZoR5CoyrjksRq8dKkRixgY1QIL95m-UbZ2ka46u4ygML8Q8a_z07nRKecMi6EzlD114Kmrv2cqAWrtjw-X2A0ikghIfV_XzeQTB6tfSRQTFz4DYo6EkXvf5RzUP7EBAbszwiXYhg1TD8nNC60nPa26oDR-ap1XsvjvuP5Teq4mY_yQ5MUtw6e-7gjllbS-R537K8aFR1W5NYt6VHoAu2GIslXWlwimliQHJlJh_ehpC04A6-iyy25V61AOru96f1egay02qzcMv9M6lh-ZklHOXTfpgucWMxHVXd1OZEw1By0hun-HiKKfqEXKP5fp-D1EUdlc_kbsVGUBDSs8jBO-uSYLNJGtvr_0Goa1ckAwz7sGW8-OL9r7vi8Y9ae1Jl7Rm8yB9INZTDYXDMQ0hpll1BNMeh1NxRhFFHUBBuivL_uvddUkIIJPNczV5PeyLJCdJrZffVUy6yF47a35cCqTyeovf80-WQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9716 0
20 B 81ms
79ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByUdG38rWY5K-Lr-g9u8PtKyUmA0AAAAAOAHgBAI&bg=!eXqlej7NAAZSrDxfcqw7ACkAdvg8WnK5GkMfVq3BHLIPnHLZ5wEnYAP56mMCnmDgTCAOQx-b5zwO6gIAAAFSUgAAAAJoAQcKAFizrA-d6GXdVpZ7ZeOvVJjre62ThN9ug414EbMq1aniRBehPQDDcVu14QKVe8HQEhn8nPu95TDNz8y9ZL3CMHi9fsNjzzcu_KkvYRGlVZx_phBk2F3WkVY_mQLYmBN2PRVe7ybhO7k6oMW0CDhNyixh8lc4oAjQ1Pgt4IvhCuVT2OAAeZsYUnJBjjARCpYZt4H4qV5zNrm2ercKVh3c9a5QWE-91q3CotWhicPHraD2KRvucDU9tlur-Iisb2-FAMSl9dwo8_A81cb-lPzx_j3ClMIYLl1Y6T3NX0qN6fe4ycWZr63OJAODoAaDKdi71Ucl6MESOQyd2gYrJ8KqQgM5zaupisMtipphzV6OhaxcXrI4DeI-Fm12EcbJa50Q6bxY05wwOSR95ufXQAnY1XwsZ5l0qMTVBkqoLr8btxj6EQxhTBXhSEjoC70zht49bfZejFpegZmv2g3X7VKa-hGQRLz6vEGyJntu2Eeg8REsyV2PwLXvUCj_t93KJJmCQ8fq5V0-djiW-om_cMS4NW970puWciZqOXOyaK04grqRW59qoSuQYtUTv-KZv1YFAZJmJ3nRdObiimruDFUejEf6RU2OMErnuS1iqbeuBxTYoKHCMNvnUh3kn_CK2Lsc8h4b4udfaK_c9tpYNLpIeoDMwovzhmgJnrHBdU5u0trTgLTsNaQ3WiyLkN9dEJ6y5ZbzpzJQUYs5KC-tSTb-L8F-v3Loj-vOyMYRvOVqDgq4ptrhPLIX-ThB8HErEAXz5GeBhzSzaKnOG1uxT3-KsbYuz5X47OpIBLipjsLGTpPtc3NOuv7RvGNz4L21O58232XevnhdGsZ9ndHlrpn8VBZNnem1F_iPdABmdZVfcmhS-6k4LcbDCIlhmgSqyaeLtBY0eSucabcnFn25IvvOT5n39aFT7t6qHoQZcdU3XxhjhgbWE4O_kgPyYnkFgzsKE3IGJERxjMkMyyJ2zQcwNif9HMif3rErHdY0zDVsx4mZtUVkHC3fv5SKK2LYmwF32DXi0d_n_02gym26nciSJUFys2TdtCO2O4TpZ1FB6fofOzSUhyVBTd1miRygderaeNlM2zU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 4D46 98 KB
98 KB 40ms
39ms Font
font/woff2 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9150192991151314574/1661867165592.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9150192991151314574/1661867165592.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:27:18 GMT
x-content-type-options: nosniff
age: 586
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 19:42:18 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 4D46 57 KB
57 KB 37ms
36ms Font
font/woff 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9150192991151314574/1661867165592.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9150192991151314574/1661867165592.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:27:18 GMT
x-content-type-options: nosniff
age: 586
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 19:42:18 GMT

GET
H2 200 eyJidWNrZXQiOiJhZGNtcy1tZWRpYS10cmltbWVkLXByb2R1Y3Rpb24iLCJrZXkiOiJxXzc0NXgxMjgwXzIyMDctYW5mLXMtbGllYmUzZWJhY2EzZi1jMTEwLTQyNTUtODhmOC00OGE5ODY3ZjJmYjEucG5nIiwiZWRpdHMiOnsicmVzaXplIjp7IndpZHRoIjo2M...
d27rf63iunghx1.cloudfront.net/ Frame 4D46 594 KB
595 KB 170ms
23ms Image
image/png 2600:9000:214f:8400:15:6513:6d40:21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d27rf63iunghx1.cloudfront.net/eyJidWNrZXQiOiJhZGNtcy1tZWRpYS10cmltbWVkLXByb2R1Y3Rpb24iLCJrZXkiOiJxXzc0NXgxMjgwXzIyMDctYW5mLXMtbGllYmUzZWJhY2EzZi1jMTEwLTQyNTUtODhmOC00OGE5ODY3ZjJmYjEucG5nIiwiZWRpdHMiOnsicmVzaXplIjp7IndpZHRoIjo2MDAsImhlaWdodCI6MTIwMCwiZml0IjoiaW5zaWRlIn19fQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8400:15:6513:6d40:21 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: beb7135f018e8943df0610a776996d63ef92f26ee06491311e6f850d87a09e82

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 13:06:22 GMT
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1665043
x-amzn-requestid: 2510a66b-b840-4061-a244-77942bf02e70
x-cache: Hit from cloudfront
x-amz-apigw-id: ehxgOFDIFiAFamw=
content-length: 608161
last-modified: Tue, 22 Nov 2022 15:09:07 GMT
x-amzn-trace-id: Root=1-63bd62ce-3d13036b7952355500d57e1f
access-control-allow-methods: GET
content-type: png
access-control-allow-origin: *
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 8yOiCp6LN9gghAN7RXO4Ba1lKUP1kL-eH0Do8sY3xd8BDE8vlP7ckQ==

GET
H2 200 eyJidWNrZXQiOiJhZGNtcy1tZWRpYS10cmltbWVkLXByb2R1Y3Rpb24iLCJrZXkiOiJzdG9lcmVyLWdicGx1c2ZlM2IwYjAyLTQ2ZjUtNDYyOS1hZWQ2LWRmNjEyZDQxYzg5My5wbmciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjYwMCwiaGVpZ2h0IjoxM...
d27rf63iunghx1.cloudfront.net/ Frame 4D46 84 KB
85 KB 271ms
125ms Image
image/png 2600:9000:214f:8400:15:6513:6d40:21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d27rf63iunghx1.cloudfront.net/eyJidWNrZXQiOiJhZGNtcy1tZWRpYS10cmltbWVkLXByb2R1Y3Rpb24iLCJrZXkiOiJzdG9lcmVyLWdicGx1c2ZlM2IwYjAyLTQ2ZjUtNDYyOS1hZWQ2LWRmNjEyZDQxYzg5My5wbmciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjYwMCwiaGVpZ2h0IjoxMjAwLCJmaXQiOiJpbnNpZGUifX19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8400:15:6513:6d40:21 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e54718c8442a36d82273ef344509dc1979386eda94a2fe9c88c39febe5d66c8

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 16:11:03 GMT
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2258762
x-amzn-requestid: 71eab84b-231a-4759-a845-4dddae69b564
x-cache: Hit from cloudfront
x-amz-apigw-id: eLH_nEiQFiAFrhA=
content-length: 86191
last-modified: Tue, 22 Nov 2022 15:09:03 GMT
x-amzn-trace-id: Root=1-63b45396-03b066cb5549309b565951df
access-control-allow-methods: GET
content-type: png
access-control-allow-origin: *
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: m3rLgxwgA8QhRwwFO6Qlp0kXsS5TSa_YYSUoPLIb-qYGgQBbFMaIEQ==

GET
H3 200 CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js Show response
pagead2.googlesyndication.com/bg/ Frame A5AA 36 KB
14 KB 76ms
43ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 07:54:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 214948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 07:54:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7806 13 KB
5 KB 42ms
38ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thedutchhacker.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 210783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 09:04:02 GMT
expires: Sat, 27 Jan 2024 09:04:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 122B 783 B
534 B 38ms
34ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

79a2c805ce8d678d7d70e9672cd3bc3c0ebb4af20e816ae3e3b80cb801885632

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-emGVCpsRH1mfLfWWYQQsbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thedutchhacker.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-emGVCpsRH1mfLfWWYQQsbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 19:37:05 GMT
expires: Sun, 29 Jan 2023 19:37:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js Show response
pagead2.googlesyndication.com/bg/ Frame E585 36 KB
14 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 07:54:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 214948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 07:54:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 122B 0
0 72ms
72ms Image
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230124&jk=1257907978918382&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7806 36 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 07:54:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 214948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 07:54:37 GMT

GET
H2 200 eyJidWNrZXQiOiJhZGNtcy1tZWRpYS10cmltbWVkLXByb2R1Y3Rpb24iLCJrZXkiOiJxXzc0NXgxMjgwXzIyMDctYW5mLXMtbGllYmUzZWJhY2EzZi1jMTEwLTQyNTUtODhmOC00OGE5ODY3ZjJmYjEucG5nIiwiZWRpdHMiOnsicmVzaXplIjp7IndpZHRoIjo2M...
d27rf63iunghx1.cloudfront.net/ Frame 4D46 594 KB
595 KB 72ms
26ms Image
image/png 2600:9000:214f:8400:15:6513:6d40:21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d27rf63iunghx1.cloudfront.net/eyJidWNrZXQiOiJhZGNtcy1tZWRpYS10cmltbWVkLXByb2R1Y3Rpb24iLCJrZXkiOiJxXzc0NXgxMjgwXzIyMDctYW5mLXMtbGllYmUzZWJhY2EzZi1jMTEwLTQyNTUtODhmOC00OGE5ODY3ZjJmYjEucG5nIiwiZWRpdHMiOnsicmVzaXplIjp7IndpZHRoIjo2MDAsImhlaWdodCI6MTIwMCwiZml0IjoiaW5zaWRlIn19fQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8400:15:6513:6d40:21 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: beb7135f018e8943df0610a776996d63ef92f26ee06491311e6f850d87a09e82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 13:09:17 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1664868
x-amzn-requestid: 9096e09c-e308-4505-8c8d-77ac311d2f44
x-cache: Hit from cloudfront
x-amz-apigw-id: ehx7oHaxFiAFfvA=
content-length: 608161
last-modified: Tue, 22 Nov 2022 15:09:07 GMT
x-amzn-trace-id: Root=1-63bd637d-72ed251b5533cc615c116517
access-control-allow-methods: GET
content-type: png
access-control-allow-origin: *
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: aGCu-BDif3yoT4mk4p_HMr-dSb1keDsttqBe6KheUkCqj-jRrG9fcg==

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 444E 0
20 B 68ms
68ms Ping
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3885565114108&version=m202209210101&ct=76&x=1&cor=15081434006846603000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7806 0
10 B 35ms
34ms Image
text/plain 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?u2KYKw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9381 0
20 B 69ms
69ms Ping
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1311887601436&version=m202209210101&ct=76&x=1&cor=14777551999713671000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 010E 0
20 B 71ms
70ms Ping
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1868105111396&version=m202209210101&ct=76&x=1&cor=15381986973845551000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B72 0
20 B 68ms
68ms Ping
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5867044680694&version=m202209210101&ct=76&x=1&cor=1284673251304354000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 19:37:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 72ms
71ms Image
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230124&jk=1257907978918382&bg=!hYalhsLNAAZSrDxfcqw7ACkAdvg8WrS1ZQT14iE8JyMhY3gJ_lH68tD2oxWscUW79mvdfjCS7rWpVgIAAABOUgAAAARoAQcKAIQ8QJmugonbxi_0V-0srXexNmNyd2aF82djfIkUSqY1DzwwOzG--3QyHAwYkxXDipyx27ZV0u_SfGdsS45sbnNarcefk1dad7PiXzs_j3xRE52YgzFHLrVqFQKMFnbRhkTsEb33TSoYUtsVFlnceT3xYsJpTLnI3yi1AjNF56KEaQg4YmuZAqJ7MLUOQtIYKJLL_roCX49EoCZzr73hlziPKNVZlcB1zLyGw-mpGRA7hDWmtIA4xP4X7r3xn0kfiWkPzW5APbPzcGeQ-xpkDsgf8SiN8vgpBthYHp_KJx0Yp_TNb-JiyD2ziKB6w4iW35Bj1KjGXl3Q6tgbh6-kiihIALr9HypwqDKlR3pNBYAmwAg3bsLdWljoQ0kSB___wwMimJadkTWW1t_v4NauMZ8ADm11nfKr7N940qyuCrtBnsoEzmdhQHuiu4QXIlG0TP6q1JbaQKBed2TL8c3hUV0uPKw0FJNYjXKWYFwfzukE0NaBGyvz3G0Dnp8KCuBHEtGmUIKSu-k5BxtxNoSCBN0AOWy2GPF3cd8M8vPFLt6XUTD6-L8iQd9XBdLfaM-kWBXfwfD__khsH-HWZ2QYlicxOJEtKFJp3XORAWoJ0ECklXtpynpR1cOSLyOjQkS6Y8JEyjOC6DuN1rjRDeTAQI_wBLW2yXiK8_loz821QLTzPyBUIwR9yI26nVsHtBrG0bOqSTal_dar_9YaPVzAQ-l99jYKTA36H77jmIqNQgF5FVWrpxB7MgPFWrlh6s9czauzO3WRNrvkHUdsW2OVLPluigAWY53716EEg7kQy51hJtxToDBvOhqz39W8Tf7wD91wITWqYfDssy6nvAQm1hfYSZYRqh5L2NDjsI83FnfVXAlRnxEBAksuvAR2aRpLCm_0pW3_JhlPwPA0p3qt9elCQ8YuiIgz_FzX2i1LNqzfEYGLNYFrGetj3CFgzTjDkhrr599E3olOYkLBMhNJf0_n1QAsWMsq9pKzoPV-3Dl4shV2-21hBUFBPvDdrPBMA4uw5I5-ZC9HHg7V4rcUpOPdWANadwLp8OfH6J5ycz2u4YPDIwQzH4S3pQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thedutchhacker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: portal.o2online.de
URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=29246774_4307561_357498827_170179853_YP0102A20230119&ref=29246774_4307561_357498827_170179853_YP0102A20230119

Domain: portal.o2online.de
URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=29072291_4307561_354470166_170180369_PO0404A20230118&ref=29072291_4307561_354470166_170180369_PO0404A20230118

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thedutchhacker.com/	1970-01-20 18:53:01	Name: _ga_519RC09TEL Value: GS1.1.1675021021.1.0.1675021021.0.0.0
.thedutchhacker.com/	1970-01-20 18:53:01	Name: _ga Value: GA1.2.756688161.1675021021
.thedutchhacker.com/	1970-01-20 09:18:27	Name: _gid Value: GA1.2.1340974317.1675021021
.thedutchhacker.com/	1970-01-20 09:17:01	Name: _gat_gtag_UA_186229909_1 Value: 1
.thedutchhacker.com/	1970-01-20 18:38:37	Name: __gads Value: ID=6708fd86712bf8ed-22e0392879db0019:T=1675021021:RT=1675021021:S=ALNI_MaFZe6hjTkAmo8ypRrfxX556lTn9A
.thedutchhacker.com/	1970-01-20 18:38:37	Name: __gpi Value: UID=00000babc6e1c3af:T=1675021021:RT=1675021021:S=ALNI_MYSfCrXgT9KRDnQ5q0q-4JaVZJ_Sw
.doubleclick.net/	1970-01-20 09:17:04	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 18:38:37	Name: IDE Value: AHWqTUkg5rJWxrWwV8KnI6PsDHZkhZgO6yz3kxk0lXLlvhBWRnmu57v3C8qUSLEl6hM
.casalemedia.com/	1970-01-20 18:02:37	Name: CMID Value: Y9bK34YeyI5bJioQZZdUagAA
.casalemedia.com/	1970-01-20 11:26:37	Name: CMPRO Value: 5160
.casalemedia.com/	1970-01-20 11:26:37	Name: CMPS Value: 5160
.adnxs.com/	1970-01-20 11:26:37	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU)txZSw!]tbPl1M>e)ZlrFUfJ+tGXxoLP4T:+<B)XjM%WaWZIs'bDrVmL[82E5a-*#k3If)y3KL9D3I?+:]ZSZ5
.adnxs.com/	1970-01-20 11:26:37	Name: uuid2 Value: 4080661460032448669
.turn.com/	1970-01-20 13:36:13	Name: uid Value: 8813888491799384701
.w55c.net/	1970-01-20 18:47:15	Name: wfivefivec Value: 0mtCiVDo1Pmdu85
.yahoo.com/	1970-01-20 18:02:58	Name: A3 Value: d=AQABBODK1mMCELMFuga4cXmp6P2ChAF27r0FEgEBAQEc2GPgYwAAAAAA_eMAAA&S=AQAAAoQtkAMDOzXdklH1z1PtkcY
.w55c.net/	1970-01-20 10:00:13	Name: matchgoogle Value: 5
.blismedia.com/	1970-01-20 18:02:41	Name: b Value: 63D6CAE0D9E029CC7E3AE89DBLIS
.360yield.com/	1970-01-20 11:26:37	Name: tuuid Value: c91b3a37-507c-4763-9b37-ac13e8c4ac76
.360yield.com/	1970-01-20 11:26:37	Name: tuuid_lu Value: 1675021024
.pubmatic.com/	1970-01-20 09:18:27	Name: KTPCACOOKIE Value: YES
.adform.net/	1970-01-20 10:00:13	Name: C Value: 1
.lijit.com/	1970-01-20 18:02:37	Name: ljt_reader Value: GEaZpGZHvls5q2OJR_eH3MEM
.pubmatic.com/	1970-01-20 18:02:37	Name: KADUSERCOOKIE Value: E1911D67-EEF1-4709-9B89-D2B7E462ACB2
.3lift.com/	1970-01-20 11:26:37	Name: tluid Value: 2441581079793241366560
.adform.net/	1970-01-20 10:43:25	Name: uid Value: 7911759150756045817
.bidswitch.net/	1970-01-20 18:02:37	Name: c Value: 1675021024
.bidswitch.net/	1970-01-20 18:02:37	Name: tuuid_lu Value: 1675021024
.bidswitch.net/	1970-01-20 18:02:37	Name: tuuid Value: d97278d8-eec0-4b28-969b-0fd86e1693ab
.everesttech.net/	1970-01-20 18:02:37	Name: everest_g_v2 Value: g_surferid~Y9bK4AADHvS9qAAF
pool.admedo.com/	1970-01-20 18:02:37	Name: tuuid Value: 10c600b4-7d1e-43df-8851-aa6bc568d0f4
pool.admedo.com/	1970-01-20 18:02:37	Name: c Value: 1675021025
pool.admedo.com/	1970-01-20 18:02:37	Name: tuuid_lu Value: 1675021025
.sportradarserving.com/	1970-01-20 18:02:37	Name: zuuid Value: 720c3d64-eff1-48a1-8dc9-53b117d1745c
.sportradarserving.com/	1970-01-20 18:02:37	Name: c Value: 1675021025
.sportradarserving.com/	1970-01-20 18:02:37	Name: zuuid_lu Value: 1675021025
.sportradarserving.com/	1970-01-20 18:02:37	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 18:02:37	Name: zuuid_k_lu Value: 1675021025

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.thedutchhacker.com/wp-admin/admin-ajax.php Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=29246774_4307561_357498827_170179853_YP0102A20230119&ref=29246774_4307561_357498827_170179853_YP0102A20230119 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=29072291_4307561_354470166_170180369_PO0404A20230118&ref=29072291_4307561_354470166_170180369_PO0404A20230118 Message: Failed to load resource: net::ERR_CONNECTION_RESET
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-3639585684811700&fa=1&ifi=8&uci=a!8&btvi=5&xpc=puSHQIgixF&p=https%3A//www.thedutchhacker.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
ad.turn.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.shareaholic.com
ap.lijit.com
api.pinterest.com
c1.adform.net
cdn-images.mailchimp.com
cdn.shareaholic.net
cm.g.doubleclick.net
d27rf63iunghx1.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
m.media-amazon.com
m9m6e2w5.stackpathcdn.com
match.360yield.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.shareaholic.com
pm.w55c.net
pool.admedo.com
portal.o2online.de
pr-bh.ybp.yahoo.com
r.turn.com
region1.google-analytics.com
rtb.openx.net
s0.2mdn.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
us-u.openx.net
ws-na.amazon-adsystem.com
www.dwin2.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.shareaholic.net
www.thedutchhacker.com
x.bidswitch.net
portal.o2online.de
104.18.33.19
107.20.147.136
142.250.180.226
142.250.186.98
151.101.130.49
151.139.128.10
18.198.46.54
185.80.39.216
185.86.139.103
185.89.210.90
198.47.127.19
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
23.203.124.188
23.203.125.36
2600:9000:206f:1800:1d:d7f6:39d2:2dc1
2600:9000:20eb:0:f:1dcc:7540:93a1
2600:9000:214f:8400:15:6513:6d40:21
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2002
2a00:1450:4001:829::2002
2a00:1450:4001:831::2002
2a00:1450:400d:803::2001
2a00:1450:400d:803::200a
2a00:1450:400d:804::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::2006
2a00:1450:400d:80c::200a
2a00:1450:400d:80c::200e
2a00:1450:400d:80e::2002
2a00:1450:400d:80e::200e
2a00:1450:4025:401::9d
2a05:d018:d29:3601:ebfb:2347:dbfe:4c27
3.122.47.214
3.33.220.150
3.68.131.77
34.206.246.212
34.96.105.8
34.98.64.218
35.210.53.219
35.227.252.103
37.157.6.248
51.89.9.252
52.46.131.85
52.58.241.65
54.197.98.98
63.250.43.15
65.9.64.91
72.251.249.14
76.223.111.18
01f51d3df4ff5d81c848c0bc1ec5ae822b290c58765b12f9275b6efee67b6a90
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
059cdfdbc1d9e85f60f59ddd2ab8bf5e95d8b67421e3f85ee154f4ac7c567425
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cae0243779ce9fe29932fb94278ebb42dc8ce88bc8e49a868a8b1bd9f93526a
0e54718c8442a36d82273ef344509dc1979386eda94a2fe9c88c39febe5d66c8
111b1b4e4cb34f9149ce09516b6f7b5b9a0299ae59cf38d3d2d32ee8e1f2c563
1234fa9602836728e4313bc73c7fdf55c0098d729fe8d5fd37edee1348fe32fc
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
127c524b2fefcfc92f86fa2464ed40f100be821d83762bf921c3a040a5d92d57
13b29cd701d9062e186617fdce4a5b3f2b74654e686dc938c1a9dab87ed40d6a
13d5899e1f5f04d93ea958bb65844288ded9917afd63421fd80b359e5a9365b4
1630e6651da96e7b0a149090cc695634c18fd65abedd8de2c2a9c824cecae062
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18336635cd5e9edf2aff3ae18b67250684311c2a459457091b063dafba57d526
19782db0ab29c281140be3ecd5d285691e78fc454c15a5b77c6581e727148c98
1bad6b8cf97131fceab8543e81f7757195fbb1d36b376ee994ad1cf17699c464
1cd981d802c7ba8fbc8ea906dddcc8edd7c1d5763940e38e9b020974074878ca
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1f7c3d921574752198efb467617ef569b87e5b2e81187486f1dccb8634741782
2030e278a681663d2dedd6ed24b6cc0baba1da3df22a5db62d3d428c2cf0bcfc
21e444926ee2b1297a9888fe081f196a640763626243aa07b80ff171049e7a8c
21e708b0af48b3417fa8ecf8940aa695cb111ea968cce2aa7f75afd75ac64c6d
2224925cf5ecd8bd9396826d8fed9489dc7528cf2bf7d24db6abd809e80481a2
23edd8fa7ca554bed1b5641ee5e85ff394d698137b6d73b6310bdd7af0e2fe34
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
25acdecfeb38e355bf0e259b5d7c853341555f51652783d0059d56f4bafc7df9
28a763fe7ee3202e64c9ca9f3496146040823b1cd4d6edb5536f6fbe742f55c3
298d8fd1fda306532cff20713c5949fa86e890d52427acfb20c707306870de5c
299753c74d87028eeae68944f2d19bffe9ce6e54e81b89514bd06c1081521a57
2c255dab9758ba6028ad5cf4d5a85b0f55e8f9f64f394906caf4b8e1bdf83e19
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
2d48ae2cac2538deaaa7819402dbc70e455f5dc5835e2dffbd1d7c8ab29556cf
2d6a89f34ccb06359789f3d0b4e5f14c20af315241191dc660ebc2e534498b0f
305f2d4235170c276371fc4b79830bbe6e91bc3012cd949f9f792b37f5b0513f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33bd167ad4c989442b98d7e3f18c5f9cdacdc80ac545de69ee5ef9357bbbe96a
34298778d342b9e3267132f66c1305edb03baf5e1ac5753c6acb5ba3ec29ba96
38af7427c99bf9e96ec5ee04e64d72ff7ffdc95e6bd00afadc4bb25c67215870
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
3f9909775d48d612aae837f0153817e8addbfa082f901254471bced4d8c72691
40b37114c5689729e2609ec6410a32d202fc51b9de22889d2bb32a9527595c82
4299f2aaa46eea61cff7da0f945e26cf0ace8a35ea912182e7df2a9958db8e10
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
4733dbd91179f3503dab78216aaa26a7f1480992c02c58b1ab65f08d5ad18a71
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c273dcbed09b6b87f9365f2f141063f5c859476b53913d94fca1befe90aa0c
4989bc93c351231cf57c606028d58c3c35ec23a469cfe4475195db035df17fd0
4a25eb6972f4a513da7ead5d8c0f74832ed42b1ae5e1f13ed3ea36f0865a59c9
4ab7f48cc449034bd5b3561d577bd4697b7b1303ce63cea100068d11839c3941
4ac736b755d1e73b248cacf82a532914045934b6166f27d849c5c48853039c63
4b0e2c1c8e6d92b9083cd952cea6a065485827df78fae548752352da136c3540
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc4b508bb0ccc41052f6a18eb23441543da2d209c152f62577e954367b4d62d
4d794cdce0c59693716dc5091908a811d109b8020c1279f24469515b150ee38e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5205266942d0254f2fa72700782b575c334416d023f24d5ea5b31f63f811f181
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5de422c92f8ca82f521108fd66baa3ef4a2696b625384ad7e7fa941f66771974
60a5dc2397e22f26f8b7ba7399192d01497282ba751eea0fd6a4c05be9562f47
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67f51f4e1630ca63f432decffd1355cda094d273c67539f23d64e06ed3708e43
682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2
6a20e6c22c285bddb54bcb7eab36809a5b19d1dc7621bd5bdf5d6c5c7dfafe83
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c45ba184542eb8620d42d86268a059889c45642b918267627c1dd78b6c40139
6d712cd9949fbf11adc104d7c8ad16af6c37272c31405b9f7830e00e942e604a
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
6fe00843d8754d9ba5a8c80d636a6558eadd0b250caca0040c79b343230201e3
74fd8ae934efe1cde113a81c77982da61061da882f1958c03767fbd3f3c7ed6b
7509061381a267c712df052f96b7f02872d2d279472ddc3317402b30f6a18dc5
759846795b80aa79f91acd89a526612ec69c340f79283926c8d86cfbdbeb9031
79749f1725bf191cef4de7f1f92caa16a676b733221a74bc78af82bbc77b3dc1
79a2c805ce8d678d7d70e9672cd3bc3c0ebb4af20e816ae3e3b80cb801885632
79eb13c2ae5d6bc42607354422496456790e4e83ee739aaeb035cbdf0073659c
7bd0480a3332084d71188710d35a0be28385e041ba7ed1d9eec4f30ab2da71ac
7c033a99d9fd628c088e253e8882c723638899f57b32ffd5861ca82f64fab11e
7d0a8eabd714b656c3ec56d4b5dfbdbbffe5ccef38067c8460d54ebcc4e0ed8d
7d53494e86a096fbc4425fe4e8749e1dd9c1b7c0f9f0f720898f7d153598d2f5
8087619707ad9e06d4d0f6dd4b39ef6d7a8098e60c3a1702b85a6e461a09f7f2
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
83b263cf3fda9047d940cacb2d962a94993045d08eb3d4e12d3d376259bef620
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
87cc3ffc7169655f3bb39c37f2d2db60f5bf92fe26c83f325b5306333398f076
8a02efe77f348d33c2ac13d9193315c6440493026114fc5977cd310651b12c88
8b42e07be5dcfb30b828d8d404bac1c1f579aa25becfb9d7ab61c96024734bb8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd2018322749a3bb38264de4db97edd0076e85e47c66b19d68c17c2465ee3ed
900f8e445927059c4c6c38629801b93edb3ec66a1938e4cd0e56fdeb4d614996
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
91abb28061c5b36a8cc0695ba72796c5cdfd538b798169752d172b72e0c56281
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1c00d2423df6944fa66ce4a041e0b46c5a72fbc99fc1a461b8bd5c421031c36
a22bd8cc9accbe07dd66307949c5afddc184418466293db5b50eb810b721dbd3
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
a271850a259b8fc2958e0368e90b8f57319c36737c6c385d7d1511ed948052e7
a38a4516f9967b5b77a00f40736a59a1cdeabf9f0b5771f7a58d9cca5f555de5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
a7fe8fa9a2a82cf3fc9f1f54134b709236f307a6fb457e1c0fe0898a9542d5bc
a831fbad3ff846921596056c21beb9c77328927cc84403156ec0fcfa330d338a
a88fec7b8e5916b0d96d370ae731240d8bd206a5bc3a141f307b95e569d94923
a8e1d120114185cb44cdea24d2d4a0296a2bcab99e5a9c5d89d02139926726e1
ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9
ac29b6c5ae09ff8f0d31aa6caf5d488f63f08afb47a949da128185cb2abdd12a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b025b722f9f5cd23e291a263f47c7545c0f3306176bbf016fef28473cb9b423c
b0c7ee6b71a022f5084408babf99b545086781932064ebc9064fbab63739578b
b115cccf8f40a47e153fbd79f4cb18488f4cc952ccb40881f120e5f21dd39a63
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3ada068479e37083f09e08e6d1784a3355c9cf16c6b4d78909dc606220ce7ef
b511b5104524c0b25f553fbaa7c6d92564f0770a222d9ad642bffa36aa3920d6
ba961aa4d4e93ebf22490a839ba3a1df0ac81bd45639602e87c2bb72efaacf3b
bb94dde72cc3f6f7e3f1573beb750964d0e49019818581be5b54d35528e43264
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
beb7135f018e8943df0610a776996d63ef92f26ee06491311e6f850d87a09e82
bfd861dc2936299f52adca1da826c273dced7c77ad4c33d31916ad55ab354e89
bfe7b85aac9b20349eb05f72c97a2655cc659dacbc6a718a05dbc2fb9b4abc2b
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c384e161dd9d69bfc6e872774aadc81b3bd7534a97c5541d20a83c120704dbec
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cb93ef9998c2df650aae6af5dface0009532f3f5d504d41fcc84b95cb17b543f
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ccf2e6af53c44d7d90a0e1448e9f8e4d803567bd41fd408dbd78bf185d0df088
cf2e28323dbbecf808a67599ea72520f66476e8ff74933e6edfe6cb33ebe4fde
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d190ca6179de3e202dfc057fd94332a994dc1e548051c9b791158004b2f661bc
d2abca8f6c9a782408455e2f62859e2730333c7477ca031ad36e3bafa68dc615
d63e87aa5195c9ece2769af4893b4c07ffc3e59e3f507cd12c664a2c25e9c4bb
d9436d3c734495d1f9c54da6e985165ffcb48ad5f796d7815c972cc2094982d4
dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991
dee5116ea0e61bf714cdede95ace377f95b45498d456f6f13e7b7f500040d1d7
df2a22c241e7b66cd3a06434e03e5c9698f7f20c0f753bf259ee910cdf723825
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e02c69f9fc858a5ae6f6c76950e93e8f3a11fd875bdbcf8670f54092b430ec17
e0a888d91a8cca26f022d777887263c268e1354cf926c71c6d8707e5b9a67a49
e16b41022900afd35b5cbd962a676e9b6ab00c4242f6b2110f8364d11918ed56
e24928d7d73d973842a21a3f630f4b4ef2eb8c139130820ca0f6f7c2d7a15245
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e32da2e068c872053bed307d94e5eb0c22498a655906ca6ccc3890140bb68356
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e72bc785c58439113a97e4e540b8bd686e55cb0a22687a91ac7da93ed8196e
e69c5c1ad63cc07b07cf8f17d59d33b2fa1035a1294d2953b8e7e951a7783714
e75eab44c7aff9e145274c831401791f925bde62eafe1ac9bfaf617b02633a78
ed9766c9f4ce4f6851e3d8416e9bec35b425dfc2b817b7647b1db8ff1a96c731
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f016ccf3ae88e50b138c2f0b65e94497ed25709135d8ebdf6e0f8f458748c98b
f1245119791cc42be0a6c584555848a4272f99d8a3b2435b55756c0584715b8b
f2444c83ac308f5cdda644076b0377ca72f830abc8d48913679e063695ebed23
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
f293486948d4cba26c6b835bdd574b4085e62da749b86019f5f6fab3535b0e39
f3502f68d9d6ae5ebebe672f4ce207973009cb44ce64e623e0b5a1043a0a1577
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fadf3d08fe0dd7988291fc2c6b611d44149b0b4d55930b16fa5c96a4502bc244
fb06f95a985b164323cfb1fa971873f6314e667e0d2ca2e8ef11f7feed447a8f
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

www.thedutchhacker.com Open in urlscan Pro 63.250.43.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

317 Requests

88 %HTTPS

43 %IPv6

42 Domains

56 Subdomains

42 IPs

10 Countries

5689 kBTransfer

10603 kBSize

38 Cookies

30 Outgoing links

Redirected requests

317 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thedutchhacker.com Open in urlscan Pro
63.250.43.15 Public Scan

Screenshot
Live screenshot

Full Image

317
Requests

88 %
HTTPS

43 %
IPv6

42
Domains

56
Subdomains

42
IPs

10
Countries

5689 kB
Transfer

10603 kB
Size

38
Cookies

317 HTTP transactions
6 data transactions