URL: https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Submission: On December 27 via manual from IT — Scanned from IT

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 19 HTTP transactions. The main IP is 185.199.109.153, located in San Francisco, United States and belongs to FASTLY, US. The main domain is c3rb3ru5d3d53c.github.io.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 21st 2023. Valid for: a year.
This is the only time c3rb3ru5d3d53c.github.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS Autonomous System
3         185.199.109.153  54113 (FASTLY)
16        104.16.88.20     13335 (CLOUDFLAR...)
19        2

Requests  Apex Domain   Subdomains                                   Transfer
16        jsdelivr.net  cdn.jsdelivr.net — Cisco Umbrella Rank: 313  376 KB
3         github.io     c3rb3ru5d3d53c.github.io                     21 KB
19        2

Requests  Domain                    Requested by
16        cdn.jsdelivr.net          c3rb3ru5d3d53c.github.io, cdn.jsdelivr.net
3         c3rb3ru5d3d53c.github.io  c3rb3ru5d3d53c.github.io
19        2

This site contains links to these domains.

Domain
discord.gg
unlicense.org

Subject                Issuer                            Validity                 Valid
*.github.io            DigiCert TLS RSA SHA256 2020 CA1  2023-02-21 - 2024-03-20  a year
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3           2023-05-02 - 2024-05-01  a year

This page contains 1 frames:

Primary Page: https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Frame ID: CBAF6B6961EDCE49F19E00B0E190215C
Requests: 19 HTTP requests in this frame

Page Title

404 Page not found - Malware Hell

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.github\.io

Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 396 kB
Size: 766 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
9 KB
3 KB
Document
General
Full URL
https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
2e5c34d715ec8e848a5dae518d7346333c0ea645b21aa0978a17fdaaa9d37304
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
content-encoding
gzip
content-length
2532
content-type
text/html; charset=utf-8
date
Wed, 27 Dec 2023 13:40:01 GMT
etag
W/"64c49040-236f"
permissions-policy
interest-cohort=()
server
GitHub.com
strict-transport-security
max-age=31556952
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
b13f4105c2ffc2718bd106ee8fe916a5a3a943df
x-github-request-id
F1C0:654F6:3BC6393:3CE211F:658C2925
x-proxy-cache
MISS
x-served-by
cache-lin2290022-LIN
x-timer
S1703684401.088798,VS0,VE114
style.min.css
c3rb3ru5d3d53c.github.io/css/
69 KB
11 KB
Stylesheet
General
Full URL
https://c3rb3ru5d3d53c.github.io/css/style.min.css
Requested by
Host: c3rb3ru5d3d53c.github.io
URL: https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
cf6878db51c51b2d04ae155284a4403dbee8db33e16c066f954c95279c271fcd
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id
a0506cf6137df7636c829b10a0f60b0849c57112
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Wed, 27 Dec 2023 13:40:01 GMT
age
0
x-cache
MISS
x-cache-hits
0
x-proxy-cache
MISS
content-length
10818
x-served-by
cache-lin2290022-LIN
last-modified
Sat, 29 Jul 2023 04:06:24 GMT
server
GitHub.com
x-github-request-id
1F22:231EC6:58ECBED:5A8DB52:658C2931
x-timer
S1703684401.234058,VS0,VE114
etag
W/"64c49040-1151b"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Wed, 27 Dec 2023 13:50:01 GMT
all.min.css
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/
98 KB
21 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
Requested by
Host: c3rb3ru5d3d53c.github.io
URL: https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://c3rb3ru5d3d53c.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 13:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2284067
x-jsd-version
6.1.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"189ae-CRAs/GDvtDCiXul87ppqNd9t/Fk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqlh%2BLrFl0J5rn4hK4jNLz6ds%2FqN6xR0JCNsuLBDWWGbBkd3B%2BIz4Dv5n1Cx2q0Hj5MpZVDvd%2F2vxy9m8%2BXukjlD5He7Wmw8Hl090yH3NQPCinzY8TlH9cLQ1%2FSUpOU507g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
83c1f913ead74c43-MXP
animate.min.css
cdn.jsdelivr.net/npm/animate.css@4.1.1/
70 KB
6 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/animate.css@4.1.1/animate.min.css
Requested by
Host: c3rb3ru5d3d53c.github.io
URL: https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://c3rb3ru5d3d53c.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 13:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2281451
x-jsd-version
4.1.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220077-FRA, cache-mxp6922-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"11846-uB7xsi3iavinpGVvVl+8kaaddRg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBVR%2BjFbzZmIuBQAlyP0H5fwdzHmYiNeO%2B%2BQy6BgHYJPe8xB5epKBnFhWFZGsQmZqDBTfut6hDoUt7V%2B5E1V233MBEU4kPTnsj8kRGR9G4morxLYT4ZHe2kBvpxyfxxPlcY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
83c1f913ead84c43-MXP
lightgallery-bundle.min.css
cdn.jsdelivr.net/npm/lightgallery@2.5.0/css/
29 KB
6 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/lightgallery@2.5.0/css/lightgallery-bundle.min.css
Requested by
Host: c3rb3ru5d3d53c.github.io
URL: https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb289e50cc9ac33906b9be77654f1340844150a9150a1b4be88cab7b044c4e95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://c3rb3ru5d3d53c.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 13:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
90422
x-jsd-version
2.5.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220094-FRA, cache-lga21979-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"7357-9CTciuKsdAKFTp1LjAJ6v43i7f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLLZWh23aQbyw9Y101poiRbXyR7jVzmbFC2bULOGFZjN6eHGkNK2GAJ2HBXvdRpKBb5%2FBXmDE8QdPgw%2FF5ZLW829XvcQ8R4Noitm3AupERL%2FL5CwhoDLqv8%2B6lusnElna2I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
83c1f913ead44c43-MXP
autocomplete.min.js
cdn.jsdelivr.net/npm/autocomplete.js@0.38.1/dist/
56 KB
19 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/autocomplete.js@0.38.1/dist/autocomplete.min.js
Requested by
Host: c3rb3ru5d3d53c.github.io
URL: https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae2da1bd62c6469ee27770ad1cddf2e8296d8a7f6d85b091463e5200c5e320af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://c3rb3ru5d3d53c.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 13:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
297033
x-jsd-version
0.38.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220079-FRA, cache-lga21944-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"e0c6-9tIa/hTSq8FOadO5Cm90TkW6dMY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3mK8GQVNxDqsT%2BYsHBUqCmEUErMWBZbXdxof4tOex1rCjVio8tnHke%2Fc3o0S3KKFRQ2ivE3RFFpYDrX02rl8o4xPvhJNkX50RLllq7nw34IebsZYn3mETXjBBpiLAZs5Lk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
83c1f9140b024c43-MXP
algoliasearch-lite.umd.min.js
cdn.jsdelivr.net/npm/algoliasearch@4.13.1/dist/
14 KB
5 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/algoliasearch@4.13.1/dist/algoliasearch-lite.umd.min.js
Requested by
Host: c3rb3ru5d3d53c.github.io
URL: https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0403ef41ee9ba18f7931da78d11e54e7bfe40471652798145095360cc8bb6f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://c3rb3ru5d3d53c.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 13:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-jsd-version
4.13.1
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA, cache-lga21927-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"37a7-Ozm73CV0p5W31ybPg3W9VVO+EFE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBh8SlSs7Jk%2BKVgqNtmUXNgBN0Cmsbw0jhfshqNHXhckna%2BIBFK0ZrbHBLcNViROeeM4pHlLu0ywhgj7zNa4U6QrQed9MvtcxOFlbm1ejpsGCbZjLOeYUjlpYhB5rFB0zrA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
83c1f9140b044c43-MXP
lazysizes.min.js
cdn.jsdelivr.net/npm/lazysizes@5.3.2/
8 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/lazysizes@5.3.2/lazysizes.min.js
Requested by
Host: c3rb3ru5d3d53c.github.io
URL: https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://c3rb3ru5d3d53c.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 13:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2529497
x-jsd-version
5.3.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220041-FRA, cache-mxp6940-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"1ed1-+lXiz/B4OB5TZdlXgqlaeH0LcZI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CRRNQynTpJhiW3vb9%2FAP6iyy3j9ICIG4NxnWo0LG4q9HTrT6NeUjLW7I7G0yM8NmZrNQ2y7aRSGnkrFXJoIU22nvaYzqlx2zc5Ev1OWj8%2BQGuVdRhUVLQMnDY19Uc0l74k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
83c1f913eadc4c43-MXP
twemoji.min.js
cdn.jsdelivr.net/npm/twemoji@14.0.2/dist/
17 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/twemoji@14.0.2/dist/twemoji.min.js
Requested by
Host: c3rb3ru5d3d53c.github.io
URL: https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
706224d8dc5440460f8ed91c1a6aad25d732af6e0ee6fb31151b157ab485babb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://c3rb3ru5d3d53c.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 13:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2541107
x-jsd-version
14.0.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220104-FRA, cache-mxp6923-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"441d-jRsS6SzbYaTnLJVVzEvraaMX+jo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Er7Rdw6ZZlg41zyO4ybV9Hgo6jmm0qGycfo5RxDb%2F7Hs3soLLiJ6J61rMws1NBZCPNO8Kt%2BklILHt2F0pCCTX8XUT6fx6Yp9b04OIN5bu2va4QEV7qtTsB3eN%2FqlmRxPf8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
83c1f9140b034c43-MXP
lightgallery.min.js
cdn.jsdelivr.net/npm/lightgallery@2.5.0/
46 KB
13 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/lightgallery@2.5.0/lightgallery.min.js
Requested by
Host: c3rb3ru5d3d53c.github.io
URL: https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76de3dfe159663ec8ee53e01236a700892a6af8bd6ece645d57ce1a6622fcabe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://c3rb3ru5d3d53c.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 13:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
90418
x-jsd-version
2.5.0
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230110-FRA, cache-lga21969-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"b78a-EZDJGgdo7aJ8JjJSIH3p3pslZWE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmBjec02G5sOLK6DAq30FQdsfjrXYhJIfZYziydiyQoidQnF%2Fi0vr0ooz4AppjSHoRbNMBhFjm1B6Bg5UfitcwyOcr7ViGIHf7L8W4ztF86gkrNl%2F34Xwvwcf0ETNwc7Kbo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
83c1f9140afe4c43-MXP
lg-thumbnail.min.js
cdn.jsdelivr.net/npm/lightgallery@2.5.0/plugins/thumbnail/
9 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/lightgallery@2.5.0/plugins/thumbnail/lg-thumbnail.min.js
Requested by
Host: c3rb3ru5d3d53c.github.io
URL: https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b69271c835fa573787864273123c641be063fb5ff3e275db401748c2ac9ba8dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://c3rb3ru5d3d53c.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 13:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
116768
x-jsd-version
2.5.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA, cache-lga21971-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"2403-S3wQXSKpTMS9HJlfQSI3F/8yS50"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJphVoKKjuWmxoYGhTMin%2FBr5XxZLaa0ovRo19OeC7PTb6kcKPOXGs6VfcykxsAVby8hBNs%2Bpwe1POT98%2FZdedjNg3treuqqhf6799an5hyRQJtaiFZqC8G5DuOIdE3V6bM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
83c1f913eadf4c43-MXP
lg-zoom.min.js
cdn.jsdelivr.net/npm/lightgallery@2.5.0/plugins/zoom/
16 KB
5 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/lightgallery@2.5.0/plugins/zoom/lg-zoom.min.js
Requested by
Host: c3rb3ru5d3d53c.github.io
URL: https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2784e8ad09c5394c7b7eeaef1a63887eaaeab751d6d79f6c07415106625b7cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://c3rb3ru5d3d53c.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 13:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
116768
x-jsd-version
2.5.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230040-FRA, cache-lga21926-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"3fdc-POboxWr4ucVsVoiBNYqsW0nikMo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E00MxJAsyjOVTQvUzyq11vp3pwTw4j65Wc9bL%2FjC7tIB56icCCQ04h5PBagliSSryRqAJN6uqDVGnX5th4itFVS6Wr%2BjW3r8724aIUBN5WsAPgJ4w9lo1iVt0w4TZOVSCdA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
83c1f9140afd4c43-MXP
clipboard.min.js
cdn.jsdelivr.net/npm/clipboard@2.0.11/dist/
9 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/clipboard@2.0.11/dist/clipboard.min.js
Requested by
Host: c3rb3ru5d3d53c.github.io
URL: https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://c3rb3ru5d3d53c.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 13:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2537896
x-jsd-version
2.0.11
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230035-FRA, cache-mxp6980-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"23c8-mny0Bfm+7QBYkVh9QfdqByCJP/w"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FgASsqnl%2BFvsUQ80ggnas4K%2BhPjCTNbObpyxKqZJrf4%2BXaD%2FyfuQtaj77SqJpS9hXjkB5EilfR0XH6k8by0AI%2BF9XrqjhAWb7ubstPFPP5Y9H2En%2BkkQafhRJQj%2FE4e3nYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
83c1f913eade4c43-MXP
sharer.min.js
cdn.jsdelivr.net/npm/sharer.js@0.5.1/
7 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/sharer.js@0.5.1/sharer.min.js
Requested by
Host: c3rb3ru5d3d53c.github.io
URL: https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba5171a78670b031914e623431a33a3d73c1ea9897e552ba73bc2c2da7c777b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://c3rb3ru5d3d53c.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 13:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
297033
x-jsd-version
0.5.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230106-FRA, cache-lga21955-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"1cf4-rU4XDuIRpC8036n5raFlH/qnNeg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8twFOZrpxs%2BMQ%2BWLj89bkWQ4VxN8cnLonRdjUu4kY6FrkeRTZhZY5UgQyLtrYUaimvLduU5I7JsX0gq7DYOqkDPqz7ICy%2B9JNKqdl9jr8PEzNa8%2BsiRrYkySjThlw6tjF5o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
83c1f913ead94c43-MXP
index.umd.js
cdn.jsdelivr.net/npm/typeit@8.6.0/dist/
8 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/typeit@8.6.0/dist/index.umd.js
Requested by
Host: c3rb3ru5d3d53c.github.io
URL: https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4482c8aa2f6138437a0047fb3bb49eaa413dad4489a0995fcc4c81f0e955d269
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://c3rb3ru5d3d53c.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 13:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
297033
x-jsd-version
8.6.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230034-FRA, cache-lga21927-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"20e0-uZULJhVsDlp1f5NSbAZsPgIN3e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3909%2BBNwrg%2BLCpQWqVq2izt2HVXH3IXS6VLRF6%2FjgNWyd3ypHUSAtVyLBQWY2oW98uh1S9LvwlWdIwRSHxLy5GEilxx7hj4xC12eRVmjWfZbPskuo4cBBphJKfeVbpp5dMM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
83c1f913eadb4c43-MXP
theme.min.js
c3rb3ru5d3d53c.github.io/js/
23 KB
7 KB
Script
General
Full URL
https://c3rb3ru5d3d53c.github.io/js/theme.min.js
Requested by
Host: c3rb3ru5d3d53c.github.io
URL: https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
b0df51c2c57145081cc73960e9aa780e6f5f56d06cf4ef0f96da8ce1619d1e12
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id
cd2f1557c82db014fce083c3217344ec756a1808
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Wed, 27 Dec 2023 13:40:01 GMT
age
0
x-cache
MISS
x-cache-hits
0
x-proxy-cache
MISS
content-length
6972
x-served-by
cache-lin2290022-LIN
last-modified
Sat, 29 Jul 2023 04:06:24 GMT
server
GitHub.com
x-github-request-id
E272:2E676D:3470DF9:3559A95:658C2931
x-timer
S1703684401.234130,VS0,VE108
etag
W/"64c49040-5cca"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Wed, 27 Dec 2023 13:50:01 GMT
fa-solid-900.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/webfonts/
151 KB
151 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
Origin
https://c3rb3ru5d3d53c.github.io
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 13:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2360390
x-jsd-version
6.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
154228
x-served-by
cache-fra-eddf8230045-FRA, cache-mxp6956-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"25a74-Jxfz9YJx8vLmEg2ZN8cicAJlbTQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrEbecV5kt%2Bv2dEBhVgV8KACHjPpdGQu5M%2FrsnzAwmHf%2BSMUi4sam5NXNiJRIg8eQzTeHgFnNQ5pMMCUzi0QOq9Qsf%2FzEklovP9pn3DWNJ979Svr0VqiOqcqY42xuvPqK7o%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83c1f914ceb80dc6-MXP
fa-brands-400.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/webfonts/
103 KB
104 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/webfonts/fa-brands-400.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
404c746c8f7e3f9b7611a8f23d908c1a32a5c972236b9d89bb68b05d9bf4b905
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
Origin
https://c3rb3ru5d3d53c.github.io
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 13:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4258610
x-jsd-version
6.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
105536
x-served-by
cache-fra-etou8220063-FRA, cache-mxp6920-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"19c40-ooDs3d0UaV+tIlmTAasDrf5SJMA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2BBxwD2gT51boHNunxGrryDf32IkyLE0Dy9tF%2BMu%2FL%2BabJMevO7M7txEPPqguOBuPNiK2eNgc0TaI29FNU39BaIbCYJFNDwcvmYjH61Ws1PXEFXmIylibYpoIvoDvR3tEW4%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83c1f914ceb90dc6-MXP
fa-regular-400.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/webfonts/
23 KB
24 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/webfonts/fa-regular-400.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a274e7629c0d71dcf8cab1e7733687ebfe32e2c53b4ca9fad050b4f1d5471f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
Origin
https://c3rb3ru5d3d53c.github.io
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 13:40:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
541157
x-jsd-version
6.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
23940
x-served-by
cache-fra-eddf8230128-FRA, cache-lga21970-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"5d84-N5ykj3Dz1Pefi/EHmIHHxa9PRKQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBluq64Knuf8mSB%2BbWNaCTNmH8yrdv1LfYKbo9mUn9aszj9zTMoPC5FcA80fl%2B4h8Cvwb1u0DCtC%2FO6Sv01RiecV4AqZW5EPGAiL0l55V5ogD%2FtM3bxRls70IejqNHXL4GI%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83c1f914ceba0dc6-MXP

Verdicts & Comments

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
function| autocomplete
function| algoliasearch
object| lazySizes
object| twemoji
function| lightGallery
function| lgThumbnail
function| lgZoom
function| ClipboardJS
function| Sharer
function| TypeIt
object| config
function| _objectDestructuringEmpty
function| _createForOfIteratorHelper
function| _toConsumableArray
function| _nonIterableSpread
function| _unsupportedIterableToArray
function| _iterableToArray
function| _arrayWithoutHoles
function| _arrayLikeToArray
function| _classCallCheck
function| _defineProperties
function| _createClass
function| Util
function| Theme
function| themeInit
number| _zid

0 Cookies

2 Console Messages

Source: security | Level: warning
Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Source: network | Level: error | URL: https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31556952