redteam-tools.ad-attacks.com Open in urlscan Pro
172.67.211.56 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://redteam-tools.ad-attacks.com/
Submission: On June 20 via api (June 20th 2024, 4:39:38 pm UTC) from US — Scanned from DE

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 55 HTTP transactions. The main IP is 172.67.211.56, located in United States and belongs to CLOUDFLARENET, US. The main domain is redteam-tools.ad-attacks.com.
TLS certificate: Issued by E5 on June 12th 2024. Valid for: 3 months.

This is the only time redteam-tools.ad-attacks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	172.67.211.56 172.67.211.56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
55	13

15 172.67.211.56 (United States)

ASN13335 (CLOUDFLARENET, US)

redteam-tools.ad-attacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	ad-attacks.com redteam-tools.ad-attacks.com	179 KB
10	google.com news.google.com — Cisco Umbrella Rank: 6227 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744	335 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 360 www.linkedin.com — Cisco Umbrella Rank: 545 px4.ads.linkedin.com — Cisco Umbrella Rank: 6416	3 KB
4	gstatic.com fonts.gstatic.com	204 KB
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 137	197 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 112	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	6 KB
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 486	8 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1073	7 KB
55	10

	Domain	Requested by
15	redteam-tools.ad-attacks.com	redteam-tools.ad-attacks.com static.cloudflareinsights.com
6	fundingchoicesmessages.google.com	pagead2.googlesyndication.com redteam-tools.ad-attacks.com
4	fonts.gstatic.com	redteam-tools.ad-attacks.com fonts.googleapis.com
4	news.google.com	redteam-tools.ad-attacks.com news.google.com
4	pagead2.googlesyndication.com	redteam-tools.ad-attacks.com pagead2.googlesyndication.com
3	px.ads.linkedin.com	3 redirects
2	www.google-analytics.com	redteam-tools.ad-attacks.com www.google-analytics.com
1	lh3.googleusercontent.com	redteam-tools.ad-attacks.com
1	fonts.googleapis.com
1	px4.ads.linkedin.com	redteam-tools.ad-attacks.com
1	www.linkedin.com	1 redirects
1	cdn.ampproject.org	redteam-tools.ad-attacks.com
1	static.cloudflareinsights.com	redteam-tools.ad-attacks.com
55	13

This site contains no links.

Subject Issuer	Validity	Valid
redteam-tools.ad-attacks.com E5	`2024-06-12` - `2024-09-10`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
misc-sni.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.news.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://redteam-tools.ad-attacks.com/
Frame ID: 7B1ECB38F5B8208C1599B361C97847CF
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Red Team Tools

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

55
Requests

71 %
HTTPS

69 %
IPv6

10
Domains

13
Subdomains

13
IPs

2
Countries

962 kB
Transfer

3356 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fredteam-tools.ad-attacks.com%2F&time=1718901570706&pid=4044098 HTTP 302
https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fredteam-tools.ad-attacks.com%2F&time=1718901570706&pid=4044098&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ffmt%3Djs%26v%3D2%26url%3Dhttps%253A%252F%252Fredteam-tools.ad-attacks.com%252F%26time%3D1718901570706%26pid%3D4044098%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fredteam-tools.ad-attacks.com%2F&time=1718901570706&pid=4044098&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fredteam-tools.ad-attacks.com%2F&time=1718901570706&pid=4044098&cookiesTest=true&liSync=true&e_ipv6=AQKMUpq145MJXwAAAZA2hIt9g3AQMBcD_I4WUJqAMUNHMvaVURh733-GX_e2cPge

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
redteam-tools.ad-attacks.com/ 63 KB
13 KB 872ms
836ms Document
text/html 172.67.211.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.211.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2d1996d9c4eca67a1da13a62f8eeb90e1993c97b04713aa8c03b7e4dfecc396

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=16070400, must-revalidate
cf-cache-status: MISS
cf-ray: 896d31fafd981c26-FRA
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Thu, 20 Jun 2024 16:39:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=320rX5ajEABg5a6hn7agq2245WVN2HMlab4sPocA0lLx6V1Bv2I4kpVV5Szcm1BBhYU6w1nNjqmN9P3fViPXecZ2zHiLmh9qsM9yjGA7x%2BQK2zYFSAFki2yesR72XL%2FdmUPjs%2FUly3PKgjQRPbx8"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 webpack-runtime-b20cb333cd19536e2349.js Show response
redteam-tools.ad-attacks.com/ 3 KB
2 KB 126ms
126ms Script
application/javascript 172.67.211.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/webpack-runtime-b20cb333cd19536e2349.js

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.211.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86d6b72cebcb3a4e2c37c6fb69ebd89de963942823851cc08af6cd3962727eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"03c57f33ee78ebb0ea90b5356a788c60"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6z3vX%2FBrlOBSj%2FISH%2FGtAbImLKq4dVp1YfcvKzuJa%2FQKhJWj4fy53sb4NqGj1zG3%2B5XQID9n89AmJSHZWQJ7uJQ3awRT5IpRp4WjXcs04B8t2J9MlVICNF7khOhKZi7mTZma7BK1NViUs%2FDStKHf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 896d32003ddd1c26-FRA
priority: u=1,i=?0

GET
H3 200 framework-765e22598f156804c016.js Show response
redteam-tools.ad-attacks.com/ 126 KB
40 KB 129ms
128ms Script
application/javascript 172.67.211.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/framework-765e22598f156804c016.js

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.211.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bac5b06be4f19abfb5b9c6d6089e946326707a838cb8814bf6db2574c2c75b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ddcc8c32f61c7ab4de9c35c6355a875b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FlC0UjVllkps%2FJgJPgIi5xxkDISf7U8M1a4NWbXEhAu4WWo%2BHVbA8ORbn6Wt%2FVBYk1QfYPD1tSGGe4%2BIhNtvsjcTSKYWtmcu1piLiXxjS6ZmFARVXgeKIB7k6KDceF4g7%2Bh6w80OkfWLBNpCV69v"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 896d32003de01c26-FRA
priority: u=1,i=?0

GET
H3 200 app-b1c2bf619cffb0de6c9a.js Show response
redteam-tools.ad-attacks.com/ 174 KB
58 KB 144ms
143ms Script
application/javascript 172.67.211.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.211.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8395b940d78fea0068c897b294c6624cc32ff29bd3edc18cbd2c66f31317212

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"5a898a4751a78d384e176a8ed9fc5ae7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qkKSP020EWNPsRrIZaDJcQz0%2FbeP8P1xfftrFt3v4s9EGh8BRz1YQeBPOY9MwUTfojvmgJ%2FQ%2FXdfKQ2E2wCVxzjUjqp6MifkOw9YjBujuEZPJ26vYNEfxCRV2CqLCZ8zXNoBbtmQtgHiF07omayf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 896d32003de41c26-FRA
priority: u=1,i=?0

GET
H3 200 29107295-80e124a6386a70f97d62.js Show response
redteam-tools.ad-attacks.com/ 71 KB
25 KB 180ms
179ms Script
application/javascript 172.67.211.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/29107295-80e124a6386a70f97d62.js

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.211.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76889baf4af5a50c50edb61a360419ae5446822a62b495e0c4f45ca3f9c1a7d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"1a8288921d6bf8dbea6504c50017dc3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zaMbihP8E7uGpyeZEJFyLPCxbekXAYiaEfLnoIG7m3kZX1%2BiuGLgiKC9rgxUqAR%2FejRKIX2CpI0a1X7GjyOCrreJwTU%2FGyAH5xC5KT%2BP%2Fu2c7EtCI4E2kdVmVXW8FE%2FP3mA4IONeNQjSx7Flrr1Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 896d32003de71c26-FRA
priority: u=1,i=?0

GET
H3 200 0c48b40860c1aa952142e3a9ab3e0eaf4029fb5b-e044dddd4002bbd50b9c.js Show response
redteam-tools.ad-attacks.com/ 56 KB
18 KB 140ms
140ms Script
application/javascript 172.67.211.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/0c48b40860c1aa952142e3a9ab3e0eaf4029fb5b-e044dddd4002bbd50b9c.js

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.211.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fed733823c73509d013fa7725d9dad68fbfef059cff72754da1b76b93c85f9de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"cc0dfe4cd10db87621ca6fc711603d1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D7afs%2FZ43ZTQKBs0ejTHwHV1c9nPHitaPK1v4HZqXn5iUa7CnbaA9NWwMnJ%2FARqkAVU%2Bk03WNZ6YdjmWC8F5gGmQVyidWrLDmwT16hRpc7Pvb1xwXEDmRQQ8lEqsoEam54sq79NuXxuZH4G3EZ2f"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 896d32003deb1c26-FRA
priority: u=1,i=?0

GET
H3 200 component---src-pages-index-tsx-114c53090a62374154be.js Show response
redteam-tools.ad-attacks.com/ 9 KB
4 KB 3409ms
3408ms Script
application/javascript 172.67.211.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/component---src-pages-index-tsx-114c53090a62374154be.js

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.211.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6699a309d8807e38e3411f105de92220a296d1fee6e9b269d989c854f900b83e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"69b7530c13b31dea449124e0c580c8af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fs1Z0UtbOkoyL9JwBxWlBQ8q3385YfM7yua52bdY6DOmzam7gPMtLiCDPFkoC00MTaMlo%2BaPK4sdj9iWtswebWatjX7uD1PTycJagCTJOkYDXDt8LdBSuD4Jq9Qw4F5r%2F1QUfnLrt%2FfPfQeEJ2BJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 896d32003dee1c26-FRA
priority: u=1,i=?0

GET
H3 200 page-data.json
redteam-tools.ad-attacks.com/page-data/index/ 2 KB
1 KB 159ms
158ms Other
application/json 172.67.211.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/page-data/index/page-data.json

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.211.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

336cde7a5b0aacc6251f872286771af47af5933a6bc06c1053fcb09392fe3e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Origin: https://redteam-tools.ad-attacks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"636d2650a0ae23a65ecef8958645b0b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2BSiO1SeQLYnU%2BJGMvZBKjRzU5Pjrebr4hbVco0%2FqmgI%2BkUK5igBw7PGRIkk9A8Ce%2BG%2BkZODLvEIiWQzoZQGWN7JjYiWPM%2BzKj7epY0HnXGADFP5yzSWHy3xRBEbfSRYfaRXVKj0hi%2BXDawK%2Fayk"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 896d32003df11c26-FRA
priority: u=1,i

GET
H3 200 app-data.json
redteam-tools.ad-attacks.com/page-data/ 50 B
622 B 3409ms
3409ms Other
application/json 172.67.211.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/page-data/app-data.json

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.211.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

327c867d39c06f2fd92034b947986ea9b8aa4b048ec421fba1b74f13efd84d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Origin: https://redteam-tools.ad-attacks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c2212e8bd488782b268e7cfbdaceaa7f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AGbmrn3GD30Lzn2sqmPJcdLdaWipxRHpPoSuEeq3oomy3Hg9vo4CFj2B%2B8QGPBsxqhV7g9xoQ1qAHmxoTl40MboNcCh6hpSAIG9zJvnq10eOolEWdkAjfKAc9AVt0ISDB%2BPrrsaqHR8jZkYqHilT"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 896d32003df41c26-FRA
priority: u=1,i

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Jun 2024 16:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 623
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 20 Jun 2024 18:29:07 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 85ms
59ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Origin: https://redteam-tools.ad-attacks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:30 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 896d32007cad2be0-FRA

GET
H3 200 s.js Show response
redteam-tools.ad-attacks.com/cdn-cgi/zaraz/ 7 KB
4 KB 35ms
35ms Script
text/javascript 172.67.211.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyUmVkJTIwVGVhbSUyMFRvb2xzJTIyJTJDJTIyeCUyMiUzQTAuMzI3MDY4MjcxMTcxMjEzODQlMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnJlZHRlYW0tdG9vbHMuYWQtYXR0YWNrcy5jb20lMkYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQS0xMjAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.211.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

258ed252c122a10ec578624f818b94ba3431261fef1342932114cd909c09f6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://redteam-tools.ad-attacks.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rQ9%2FU9h3UG9F5IEHSwRchG2XC9Uoo6AAECVyiBvm3nXVX2ZtAX1HjKBqPm95yu%2FjvtKUZL0DVKw5NLpf1HSwGnc7ju4kfXXPmMp0hSL99odQFKavoRN8%2F9m2VPz%2BhZcdeh7b3LDYhJOx85FWlcfn"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-credentials: true
x-robots-tag: none
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
priority: u=3,i=?0
cf-ray: 896d3200ded81c26-FRA

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 158 KB
52 KB 76ms
59ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9236847887178276

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ab6c46c0f62a3b4b0532bcc81bd3e0330ededc2b595630b475914627f53e769b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Origin: https://redteam-tools.ad-attacks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53168
x-xss-protection: 0
server: cafe
etag: 16276633519364978322
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 20 Jun 2024 16:39:30 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
8 KB 51ms
18ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f36cfd63864cf68b02402f021dcc4edd7f4cdf4f6f399ab4e95fef19ad3a58d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 20 Jun 2024 16:39:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7563
x-xss-protection: 0
server: sffe
etag: "07032ec9a1f28724"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jun 2024 16:39:30 GMT

GET
H2 200 swg-basic.js Show response
news.google.com/swg/js/v1/ 254 KB
74 KB 55ms
7ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-basic.js

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c904149e076f9ebe0a811df54d0eaf1f52317aa3145b115cd5f8accdc9df828a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 15:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75172
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 20:20:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 16:48:31 GMT

GET
H2

200

/
px4.ads.linkedin.com/collect/
Redirect Chain

https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fredteam-tools.ad-attacks.com%2F&time=1718901570706&pid=4044098
https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fredteam-tools.ad-attacks.com%2F&time=1718901570706&pid=4044098&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ffmt%3Djs%26v%3D2%26url%3Dhttps%253A%252F%252Fredteam-tools.ad-attacks.com%252F%26time%3D1718901570706%2...
https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fredteam-tools.ad-attacks.com%2F&time=1718901570706&pid=4044098&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fredteam-tools.ad-attacks.com%2F&time=1718901570706&pid=4044098&cookiesTest=true&liSync=true&e_ipv6=AQKMUpq145MJXwAAAZA2hIt9g3AQMBc...

0
0

266ms
189ms

Fetch
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px4.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fredteam-tools.ad-attacks.com%2F&time=1718901570706&pid=4044098&cookiesTest=true&liSync=true&e_ipv6=AQKMUpq145MJXwAAAZA2hIt9g3AQMBcD_I4WUJqAMUNHMvaVURh733-GX_e2cPge
Requested by: Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://redteam-tools.ad-attacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 20 Jun 2024 16:39:34 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D898392D63CA466EBB50026C5096ACB2 Ref B: FRAEDGE1514 Ref C: 2024-06-20T16:39:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYbVPXEzKajzIiTDN0GNA==

Redirect headers

date: Thu, 20 Jun 2024 16:39:33 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: EF7341B9FC3E47ABB46846C4453841D5 Ref B: FRAEDGE1805 Ref C: 2024-06-20T16:39:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fredteam-tools.ad-attacks.com%2F&time=1718901570706&pid=4044098&cookiesTest=true&liSync=true&e_ipv6=AQKMUpq145MJXwAAAZA2hIt9g3AQMBcD_I4WUJqAMUNHMvaVURh733-GX_e2cPge
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYbVPXAxBNaa5mXnkDcRQ==

POST
H3 405 9997
redteam-tools.ad-attacks.com/www.ad-attacks.com/cur/ 0
0 68ms
67ms Fetch 172.67.211.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/www.ad-attacks.com/cur/9997?custid=&oid=&_ir=U25%257C00327cfb-bfe7-41cf-84fe-14b5ebd0f305%257C1718908770706

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyUmVkJTIwVGVhbSUyMFRvb2xzJTIyJTJDJTIyeCUyMiUzQTAuMzI3MDY4MjcxMTcxMjEzODQlMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnJlZHRlYW0tdG9vbHMuYWQtYXR0YWNrcy5jb20lMkYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQS0xMjAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.211.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vm1aTzQ8AaKExBlv0EO%2B9dtdqXZb%2FOh19KlMbSfQVuK0I5vQp6wAwNzsrM%2FRf8EJBTTnxFrL%2FZ3QbKwipzwJb7t6axN71WqnffHvOb8Zn1vZ8OrMCYeaFTU6T1Y0WWUn8mWBoo6bYSvuREhxU%2FuU"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 896d32011f391c26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=1,i

GET
H2 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 8ms
7ms Other
image/svg+xml 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg-basic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 15:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 16:48:24 GMT

GET
H2 200 swg-mini-prompt.css
news.google.com/swg/js/v1/ 3 KB
949 B 10ms
9ms Stylesheet
text/css 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-mini-prompt.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg-basic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c28dcb52ba694c0b6bced69ed130c0d67a1a2238b41ac036f5264037eb99414

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 15:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 855
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 21:19:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 16:48:35 GMT

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 18 KB
5 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg-basic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5195
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 21:19:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 16:55:36 GMT

GET article
news.google.com/swg/_/api/v1/publication/CAowr92LCw/ 0
0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406130101/ 428 KB
145 KB 86ms
71ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9236847887178276&plah=redteam-tools.ad-attacks.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9236847887178276

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

0202b3007457b90f78dc34c8acd9c88437f51948b2a91ec6731d395bc4001a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148124
x-xss-protection: 0
server: cafe
etag: 1345344455953589874
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 Jun 2024 16:39:30 GMT

GET
H3 200 component---src-pages-index-tsx-114c53090a62374154be.js Show response
redteam-tools.ad-attacks.com/ 9 KB
0 5ms
5ms Script
application/javascript 172.67.211.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/component---src-pages-index-tsx-114c53090a62374154be.js

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/webpack-runtime-b20cb333cd19536e2349.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.211.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6699a309d8807e38e3411f105de92220a296d1fee6e9b269d989c854f900b83e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"69b7530c13b31dea449124e0c580c8af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fs1Z0UtbOkoyL9JwBxWlBQ8q3385YfM7yua52bdY6DOmzam7gPMtLiCDPFkoC00MTaMlo%2BaPK4sdj9iWtswebWatjX7uD1PTycJagCTJOkYDXDt8LdBSuD4Jq9Qw4F5r%2F1QUfnLrt%2FfPfQeEJ2BJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 896d32003dee1c26-FRA
priority: u=1,i=?0

GET
H2 200 ca-pub-9236847887178276 Show response
fundingchoicesmessages.google.com/i/ 197 KB
65 KB 67ms
44ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9236847887178276?href=https%3A%2F%2Fredteam-tools.ad-attacks.com&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9236847887178276&plah=redteam-tools.ad-attacks.com&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b69649a7a18dee813766f2fd4f95ce8fa83ae1033a52ca0b8b901d5d4f0b856

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ScxC9YWIs0Vbpj2FEiX3Pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ScxC9YWIs0Vbpj2FEiX3Pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmII1pBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLi9s8XWKcD8ZKIi6yHEi-yHnx8kfUkEAtxcxzbdnEzm8CNpf_clTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMzAzN9AzM4wsMACLdPrc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
217 B 14ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1633620538&t=pageview&_s=1&dl=https%3A%2F%2Fredteam-tools.ad-attacks.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=Red%20Team%20Tools&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=591544214&gjid=1346574397&cid=761130091.1718901571&tid=UA-zzzzz-1&_gid=1362376447.1718901571&_r=1&_slc=1&z=551108820

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 16:39:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://redteam-tools.ad-attacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVoC3HV9YwtcvGPVMqoBCiJdDrpGNxBxODVBBAz5YmV8H8AxgtMS_O0t3izWLRirGfxZcbneNs-iC7RuAML_EPFT_NGa8Grjbn0R3nR3YiLoUxPIk-tbNCSPHb515BZkitV33f7_A== Show response
fundingchoicesmessages.google.com/f/ 416 KB
62 KB 104ms
104ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVoC3HV9YwtcvGPVMqoBCiJdDrpGNxBxODVBBAz5YmV8H8AxgtMS_O0t3izWLRirGfxZcbneNs-iC7RuAML_EPFT_NGa8Grjbn0R3nR3YiLoUxPIk-tbNCSPHb515BZkitV33f7_A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE4OTAxNTc0LDIwNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yZWR0ZWFtLXRvb2xzLmFkLWF0dGFja3MuY29tLyIsbnVsbCxbWzgsInJNVzFfV09palQ4Il0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIxIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.rMW1_WOijT8.es5.O/am=CAM/d=1/rs=AJlcJMwXfiOHWM7xtxi2Kda4yg7cqgrgXg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5996c50650d57789b30e445dfbc68ffcb6d637248c2b0ad78cbf9c5ca2be4b0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W18VARfh7G-vE4zU-AXFvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-W18VARfh7G-vE4zU-AXFvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw0ZBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLi9s8XWKcD8ZKIi6yHEi-yHnx8kfUkEAvxcBzbdnEzm8CHS7v7GZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDMwMzfQMzOMLDABc4D78"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 48ms
23ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.rMW1_WOijT8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzMNwJ46tuMDAkOR46YIEEQwpsU5w/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jun 2024 16:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jun 2024 16:39:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jun 2024 16:39:34 GMT

GET
H2 200 CVnBn2E7pkpr5GCwy9oPkgdiVRORekUH0bMInZajKU4_ewLj7WwIDgIva5Xgu8OtJRoePgkIHupT4U4X-ayk0b0uWJPucXuAKyA3jy07TGwDFiOVKkI=h60
lh3.googleusercontent.com/ 5 KB
5 KB 388ms
336ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/CVnBn2E7pkpr5GCwy9oPkgdiVRORekUH0bMInZajKU4_ewLj7WwIDgIva5Xgu8OtJRoePgkIHupT4U4X-ayk0b0uWJPucXuAKyA3jy07TGwDFiOVKkI=h60

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5dec19ce4eff26ee2451b5e7e655d29619de5488eca118e9bd8a111c96f888be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:34 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4732
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 21 Jun 2024 16:39:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Origin: https://redteam-tools.ad-attacks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:59:09 GMT
x-content-type-options: nosniff
age: 178825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:59:09 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 12ms
10ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Origin: https://redteam-tools.ad-attacks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:16:21 GMT
x-content-type-options: nosniff
age: 177793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:16:21 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Origin: https://redteam-tools.ad-attacks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:13:17 GMT
x-content-type-options: nosniff
age: 177977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:13:17 GMT

POST
H3 204 AGSKWxUw5jZ2L2YP1HkoIvzvK76ZOxPkoRLdpLZ9OCrYe2hRTA7-QiK256YsY_nKhIOAlBAoYVo7kU63cdw3HNgtffhjj_B2ZuM1LSrgNFftz43YuzMrBOBl6PGquQSOqkSYH8C1rX8RSQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 36ms
21ms XHR
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUw5jZ2L2YP1HkoIvzvK76ZOxPkoRLdpLZ9OCrYe2hRTA7-QiK256YsY_nKhIOAlBAoYVo7kU63cdw3HNgtffhjj_B2ZuM1LSrgNFftz43YuzMrBOBl6PGquQSOqkSYH8C1rX8RSQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wkuTXbxeSZUq3XsU3yMjBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jun 2024 16:39:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-wkuTXbxeSZUq3XsU3yMjBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw3Fs28XNbAIvbj44zKjkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDM30DMzjCwwAjqsslA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://redteam-tools.ad-attacks.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUw5jZ2L2YP1HkoIvzvK76ZOxPkoRLdpLZ9OCrYe2hRTA7-QiK256YsY_nKhIOAlBAoYVo7kU63cdw3HNgtffhjj_B2ZuM1LSrgNFftz43YuzMrBOBl6PGquQSOqkSYH8C1rX8RSQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XfN4kdtz3NKSW-PzBn26dQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jun 2024 16:39:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-XfN4kdtz3NKSW-PzBn26dQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw3Fs28XNbAIzek4fZlRyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmhmZ6BubxBQYAVbwr1g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://redteam-tools.ad-attacks.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://redteam-tools.ad-attacks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:15:10 GMT
x-content-type-options: nosniff
age: 177864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:15:10 GMT

POST
H3 204 rum Show response
redteam-tools.ad-attacks.com/cdn-cgi/ 0
150 B 20ms
20ms XHR
text/plain 172.67.211.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.211.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Thu, 20 Jun 2024 16:39:34 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://redteam-tools.ad-attacks.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 896d321a3f501c26-FRA

GET
H3 404 favicon.ico
redteam-tools.ad-attacks.com/ 51 KB
10 KB 241ms
241ms Other
text/html 172.67.211.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.211.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8acd0d17474837c2e74ac425f3e4a0bf8f3e60d627632b53a3958a317f8f6797

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HTTJLEG8fW1TvExJODSNx682qu61gR%2FkPWxZ%2FLEjbF4NHzTyaxY2brHtfMkzQ9nuiZIWuPZFELiSeOLDP4hmmT1814Ry6U7aJEoUQ9IO8awhrAsofO1h1dmgL8TlYCbW2l2psa0L5FMHLJVbpY4B"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store
cf-ray: 896d321a3f551c26-FRA
priority: u=1,i

GET
H2 200 css
fonts.googleapis.com/ 109 KB
0 8ms
8ms Other
text/css

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jun 2024 16:39:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jun 2024 16:39:34 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406130101/ 0
0 7ms
7ms Other
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9236847887178276&plah=redteam-tools.ad-attacks.com&aplac=true

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148124
x-xss-protection: 0
server: cafe
etag: 1345344455953589874
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 Jun 2024 16:39:30 GMT

GET
H3 200 s.js
redteam-tools.ad-attacks.com/cdn-cgi/zaraz/ 0
4 KB 48ms
41ms Other
text/javascript 172.67.211.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.211.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://redteam-tools.ad-attacks.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ugGezGB49iUv9EDiJzzox%2B5vmOdp4UzCxplui6e4QnOZVaqMihGYkOeJeZhAfShUcAQ%2BouZOy8ABsUgMCOVYvibCucku0QAqKhNX7Ouc%2FFHIYgPkVi0tlwVUlTZIz3gtCmnxI7OGEkhu9LLEcASD"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-credentials: true
x-robots-tag: none
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
priority: u=4,i
cf-ray: 896d322099331c26-FRA

GET
H2 200 analytics.js
www.google-analytics.com/ 52 KB
0 8ms
8ms Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 623
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 20 Jun 2024 18:29:07 GMT

GET
H3 200 webpack-runtime-b20cb333cd19536e2349.js
redteam-tools.ad-attacks.com/ 3 KB
0 8ms
8ms Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/webpack-runtime-b20cb333cd19536e2349.js

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

86d6b72cebcb3a4e2c37c6fb69ebd89de963942823851cc08af6cd3962727eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"03c57f33ee78ebb0ea90b5356a788c60"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6z3vX%2FBrlOBSj%2FISH%2FGtAbImLKq4dVp1YfcvKzuJa%2FQKhJWj4fy53sb4NqGj1zG3%2B5XQID9n89AmJSHZWQJ7uJQ3awRT5IpRp4WjXcs04B8t2J9MlVICNF7khOhKZi7mTZma7BK1NViUs%2FDStKHf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 896d32003ddd1c26-FRA
priority: u=1,i=?0

GET
H3 200 framework-765e22598f156804c016.js
redteam-tools.ad-attacks.com/ 126 KB
0 8ms
8ms Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/framework-765e22598f156804c016.js

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

bac5b06be4f19abfb5b9c6d6089e946326707a838cb8814bf6db2574c2c75b5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ddcc8c32f61c7ab4de9c35c6355a875b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FlC0UjVllkps%2FJgJPgIi5xxkDISf7U8M1a4NWbXEhAu4WWo%2BHVbA8ORbn6Wt%2FVBYk1QfYPD1tSGGe4%2BIhNtvsjcTSKYWtmcu1piLiXxjS6ZmFARVXgeKIB7k6KDceF4g7%2Bh6w80OkfWLBNpCV69v"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 896d32003de01c26-FRA
priority: u=1,i=?0

GET
H3 200 app-b1c2bf619cffb0de6c9a.js
redteam-tools.ad-attacks.com/ 174 KB
0 9ms
9ms Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

d8395b940d78fea0068c897b294c6624cc32ff29bd3edc18cbd2c66f31317212

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"5a898a4751a78d384e176a8ed9fc5ae7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qkKSP020EWNPsRrIZaDJcQz0%2FbeP8P1xfftrFt3v4s9EGh8BRz1YQeBPOY9MwUTfojvmgJ%2FQ%2FXdfKQ2E2wCVxzjUjqp6MifkOw9YjBujuEZPJ26vYNEfxCRV2CqLCZ8zXNoBbtmQtgHiF07omayf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 896d32003de41c26-FRA
priority: u=1,i=?0

GET
H3 200 29107295-80e124a6386a70f97d62.js
redteam-tools.ad-attacks.com/ 71 KB
0 24ms
24ms Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/29107295-80e124a6386a70f97d62.js

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

76889baf4af5a50c50edb61a360419ae5446822a62b495e0c4f45ca3f9c1a7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"1a8288921d6bf8dbea6504c50017dc3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zaMbihP8E7uGpyeZEJFyLPCxbekXAYiaEfLnoIG7m3kZX1%2BiuGLgiKC9rgxUqAR%2FejRKIX2CpI0a1X7GjyOCrreJwTU%2FGyAH5xC5KT%2BP%2Fu2c7EtCI4E2kdVmVXW8FE%2FP3mA4IONeNQjSx7Flrr1Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 896d32003de71c26-FRA
priority: u=1,i=?0

GET
H3 200 0c48b40860c1aa952142e3a9ab3e0eaf4029fb5b-e044dddd4002bbd50b9c.js
redteam-tools.ad-attacks.com/ 56 KB
0 26ms
26ms Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/0c48b40860c1aa952142e3a9ab3e0eaf4029fb5b-e044dddd4002bbd50b9c.js

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

fed733823c73509d013fa7725d9dad68fbfef059cff72754da1b76b93c85f9de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"cc0dfe4cd10db87621ca6fc711603d1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D7afs%2FZ43ZTQKBs0ejTHwHV1c9nPHitaPK1v4HZqXn5iUa7CnbaA9NWwMnJ%2FARqkAVU%2Bk03WNZ6YdjmWC8F5gGmQVyidWrLDmwT16hRpc7Pvb1xwXEDmRQQ8lEqsoEam54sq79NuXxuZH4G3EZ2f"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 896d32003deb1c26-FRA
priority: u=1,i=?0

GET
H3 200 component---src-pages-index-tsx-114c53090a62374154be.js
redteam-tools.ad-attacks.com/ 9 KB
0 27ms
27ms Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/component---src-pages-index-tsx-114c53090a62374154be.js

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

6699a309d8807e38e3411f105de92220a296d1fee6e9b269d989c854f900b83e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"69b7530c13b31dea449124e0c580c8af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fs1Z0UtbOkoyL9JwBxWlBQ8q3385YfM7yua52bdY6DOmzam7gPMtLiCDPFkoC00MTaMlo%2BaPK4sdj9iWtswebWatjX7uD1PTycJagCTJOkYDXDt8LdBSuD4Jq9Qw4F5r%2F1QUfnLrt%2FfPfQeEJ2BJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 896d32003dee1c26-FRA
priority: u=1,i=?0

GET
H3 200 page-data.json
redteam-tools.ad-attacks.com/page-data/index/ 2 KB
0 9ms
9ms Other
application/json

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/page-data/index/page-data.json

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

336cde7a5b0aacc6251f872286771af47af5933a6bc06c1053fcb09392fe3e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"636d2650a0ae23a65ecef8958645b0b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2BSiO1SeQLYnU%2BJGMvZBKjRzU5Pjrebr4hbVco0%2FqmgI%2BkUK5igBw7PGRIkk9A8Ce%2BG%2BkZODLvEIiWQzoZQGWN7JjYiWPM%2BzKj7epY0HnXGADFP5yzSWHy3xRBEbfSRYfaRXVKj0hi%2BXDawK%2Fayk"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 896d32003df11c26-FRA
priority: u=1,i

GET
H3 200 app-data.json
redteam-tools.ad-attacks.com/page-data/ 50 B
0 16ms
16ms Other
application/json

General

Check archive.org

Show headers Download Go to

Full URL

https://redteam-tools.ad-attacks.com/page-data/app-data.json

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

327c867d39c06f2fd92034b947986ea9b8aa4b048ec421fba1b74f13efd84d11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c2212e8bd488782b268e7cfbdaceaa7f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AGbmrn3GD30Lzn2sqmPJcdLdaWipxRHpPoSuEeq3oomy3Hg9vo4CFj2B%2B8QGPBsxqhV7g9xoQ1qAHmxoTl40MboNcCh6hpSAIG9zJvnq10eOolEWdkAjfKAc9AVt0ISDB%2BPrrsaqHR8jZkYqHilT"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 896d32003df41c26-FRA
priority: u=1,i

GET
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 5ms
5ms Other
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9236847887178276

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53168
x-xss-protection: 0
server: cafe
etag: 16276633519364978322
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 20 Jun 2024 16:39:30 GMT

GET
H2 200 amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 24 KB
0 21ms
21ms Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6f36cfd63864cf68b02402f021dcc4edd7f4cdf4f6f399ab4e95fef19ad3a58d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 20 Jun 2024 16:39:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7563
x-xss-protection: 0
server: sffe
etag: "07032ec9a1f28724"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jun 2024 16:39:30 GMT

GET
H2 200 swg-basic.js
news.google.com/swg/js/v1/ 254 KB
0 22ms
22ms Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-basic.js

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c904149e076f9ebe0a811df54d0eaf1f52317aa3145b115cd5f8accdc9df828a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 15:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75172
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 20:20:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 16:48:31 GMT

GET
H2 200 swg-mini-prompt.css
news.google.com/swg/js/v1/ 3 KB
0 23ms
23ms Other
text/css

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-mini-prompt.css

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6c28dcb52ba694c0b6bced69ed130c0d67a1a2238b41ac036f5264037eb99414

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 15:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 855
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 21:19:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 16:48:35 GMT

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 18 KB
0 23ms
23ms Other
text/css

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5195
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 21:19:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 16:55:36 GMT

GET
H3 200 ca-pub-9236847887178276
fundingchoicesmessages.google.com/i/ 0
64 KB 56ms
45ms Other
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9236847887178276?href=https%3A%2F%2Fredteam-tools.ad-attacks.com&ers=2

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-o52v7BoD7-aDLnw0yhAiaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-o52v7BoD7-aDLnw0yhAiaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmII1JBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLi9s8XWKcD8ZKIi6yHEi-yHnx8kfUkEAvxcBzfdnEzm8CDjhWNzEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBmaGZnoG5vEFBgBKLD6J"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVoC3HV9YwtcvGPVMqoBCiJdDrpGNxBxODVBBAz5YmV8H8AxgtMS_O0t3izWLRirGfxZcbneNs-iC7RuAML_EPFT_NGa8Grjbn0R3nR3YiLoUxPIk-tbNCSPHb515BZkitV33f7_A==
fundingchoicesmessages.google.com/f/ 0
62 KB 110ms
99ms Other
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: redteam-tools.ad-attacks.com
URL: https://redteam-tools.ad-attacks.com/app-b1c2bf619cffb0de6c9a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1Q_jKpmsrVJQgy3VN-fdWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://redteam-tools.ad-attacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 16:39:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-1Q_jKpmsrVJQgy3VN-fdWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw15BiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLi9s8XWKcD8ZKIi6yHEi-yHnx8kfUkEAvxcBzfdnEzm0DHqbkLmZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDMwMzfQMzOMLDABIWT6G"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: news.google.com
URL: https://news.google.com/swg/_/api/v1/publication/CAowr92LCw/article?locked=false

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad-attacks.com/	1970-01-21 07:04:21	Name: _ga Value: GA1.2.761130091.1718901571
.ad-attacks.com/	1970-01-20 21:29:47	Name: _gid Value: GA1.2.1362376447.1718901571
.ad-attacks.com/	1970-01-21 07:04:21	Name: cfz_impact-radius Value: %7B%22nxmS_PI%22%3A%7B%22v%22%3A%2200327cfb-bfe7-41cf-84fe-14b5ebd0f305%22%2C%22e%22%3A1781109570706%7D%2C%22nxmS_9997%22%3A%7B%22v%22%3A%221718901570706%7C0%7C1718901570706%7C%7C%7C%22%2C%22e%22%3A3437804941412%7D%7D
.linkedin.com/	1970-01-20 23:37:57	Name: li_sugr Value: edcaed0d-6b3a-414a-ab5f-241c174b87c5
.linkedin.com/	1970-01-21 06:13:57	Name: bcookie Value: "v=2&819d30e2-cf25-4470-860f-9c6e4ca086c4"
.linkedin.com/	1970-01-20 21:29:47	Name: lidc Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3314:u=1:x=1:i=1718901571:t=1718987971:v=2:sig=AQH_0oBeEeKigNU8OvRP-irb9HG1wzN0"
.ad-attacks.com/	1970-01-20 21:28:21	Name: _gat Value: 1
.linkedin.com/	1970-01-20 22:11:33	Name: UserMatchHistory Value: AQI9SfIRcexEqgAAAZA2hIoFQZ8qONrFeN0aAFHp3h9AcYg2xHsTp_9kSj-RXzEIlYLvhvOPros15w
.linkedin.com/	1970-01-20 22:11:33	Name: AnalyticsSyncHistory Value: AQKpIq0bjF_5GAAAAZA2hIoFB55L6Hi6NihOGEjHqAVsJhqLyuktLMRtSjWIp_fwVUD6RUWKHyzhj31w8eb1nA
.www.linkedin.com/	1970-01-21 06:13:57	Name: bscookie Value: "v=1&20240620163934d42772c6-d9b3-4223-8d4c-7466e37faabaAQGqV9wu97t1G3hW_B8tWz5rZv3u6pFG"
.linkedin.com/	1970-01-21 01:47:33	Name: li_gc Value: MTswOzE3MTg5MDE1NzQ7MjswMjGX07XBNAjbzB94P9baEWucQVXVkYr04+Od42cP4SX4TA==

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://redteam-tools.ad-attacks.com/www.ad-attacks.com/cur/9997?custid=&oid=&_ir=U25%257C00327cfb-bfe7-41cf-84fe-14b5ebd0f305%257C1718908770706 Message: Failed to load resource: the server responded with a status of 405 ()
javascript	error	URL: https://redteam-tools.ad-attacks.com/ Message: Access to fetch at 'https://news.google.com/swg/_/api/v1/publication/CAowr92LCw/article?locked=false' from origin 'https://redteam-tools.ad-attacks.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://news.google.com/swg/_/api/v1/publication/CAowr92LCw/article?locked=false Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://redteam-tools.ad-attacks.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
lh3.googleusercontent.com
news.google.com
pagead2.googlesyndication.com
px.ads.linkedin.com
px4.ads.linkedin.com
redteam-tools.ad-attacks.com
static.cloudflareinsights.com
www.google-analytics.com
www.linkedin.com
news.google.com
13.107.42.14
142.250.184.194
142.250.185.78
172.67.211.56
2606:4700::6810:4f49
2620:1ec:21::14
2a00:1450:4001:803::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2001
2a00:1450:4001:827::2001
2a00:1450:4001:828::200e
0202b3007457b90f78dc34c8acd9c88437f51948b2a91ec6731d395bc4001a1d
1b69649a7a18dee813766f2fd4f95ce8fa83ae1033a52ca0b8b901d5d4f0b856
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
258ed252c122a10ec578624f818b94ba3431261fef1342932114cd909c09f6cf
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
327c867d39c06f2fd92034b947986ea9b8aa4b048ec421fba1b74f13efd84d11
336cde7a5b0aacc6251f872286771af47af5933a6bc06c1053fcb09392fe3e6a
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5dec19ce4eff26ee2451b5e7e655d29619de5488eca118e9bd8a111c96f888be
6699a309d8807e38e3411f105de92220a296d1fee6e9b269d989c854f900b83e
6c28dcb52ba694c0b6bced69ed130c0d67a1a2238b41ac036f5264037eb99414
6f36cfd63864cf68b02402f021dcc4edd7f4cdf4f6f399ab4e95fef19ad3a58d
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
76889baf4af5a50c50edb61a360419ae5446822a62b495e0c4f45ca3f9c1a7d5
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
86d6b72cebcb3a4e2c37c6fb69ebd89de963942823851cc08af6cd3962727eac
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8acd0d17474837c2e74ac425f3e4a0bf8f3e60d627632b53a3958a317f8f6797
ab6c46c0f62a3b4b0532bcc81bd3e0330ededc2b595630b475914627f53e769b
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bac5b06be4f19abfb5b9c6d6089e946326707a838cb8814bf6db2574c2c75b5c
c2d1996d9c4eca67a1da13a62f8eeb90e1993c97b04713aa8c03b7e4dfecc396
c904149e076f9ebe0a811df54d0eaf1f52317aa3145b115cd5f8accdc9df828a
d5996c50650d57789b30e445dfbc68ffcb6d637248c2b0ad78cbf9c5ca2be4b0
d8395b940d78fea0068c897b294c6624cc32ff29bd3edc18cbd2c66f31317212
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fed733823c73509d013fa7725d9dad68fbfef059cff72754da1b76b93c85f9de

redteam-tools.ad-attacks.com Open in urlscan Pro 172.67.211.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

71 %HTTPS

69 %IPv6

10 Domains

13 Subdomains

13 IPs

2 Countries

962 kBTransfer

3356 kBSize

11 Cookies

0 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

redteam-tools.ad-attacks.com Open in urlscan Pro
172.67.211.56 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

71 %
HTTPS

69 %
IPv6

10
Domains

13
Subdomains

13
IPs

2
Countries

962 kB
Transfer

3356 kB
Size

11
Cookies

55 HTTP transactions
0 data transactions