gbhackers.com
Open in
urlscan Pro
172.233.149.136
Public Scan
Submitted URL: https://t.co/1QBGigO9F5
Effective URL: https://gbhackers.com/ransomhub-ransomware-edr-bypass/
Submission: On October 07 via api from IN — Scanned from CA
Effective URL: https://gbhackers.com/ransomhub-ransomware-edr-bypass/
Submission: On October 07 via api from IN — Scanned from CA
Summary
This website contacted 13 IPs
in 2 countries
across 10 domains to perform 76 HTTP transactions.
The main IP is 172.233.149.136, located in
Los Angeles, United States and
belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG.
The main domain is gbhackers.com.
TLS certificate: Issued by R11 on September 2nd 2024. Valid for: 3 months.
This is the only time gbhackers.com was scanned on urlscan.io!
TLS certificate: Issued by R11 on September 2nd 2024. Valid for: 3 months.
This is the only time gbhackers.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 162.159.140.229 162.159.140.229 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 1 | 52.85.61.72 52.85.61.72 | 16509 (AMAZON-02) (AMAZON-02) | |
| 31 | 172.233.149.136 172.233.149.136 | 63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud) | |
| 1 | 2607:f8b0:400... 2607:f8b0:4006:821::200a | 15169 (GOOGLE) (GOOGLE) | |
| 7 | 142.250.176.194 142.250.176.194 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 192.0.76.3 192.0.76.3 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
| 10 | 142.251.40.99 142.251.40.99 | 15169 (GOOGLE) (GOOGLE) | |
| 6 | 142.250.72.98 142.250.72.98 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2607:f8b0:400... 2607:f8b0:4006:807::200e | 15169 (GOOGLE) (GOOGLE) | |
| 9 | 142.250.64.110 142.250.64.110 | 15169 (GOOGLE) (GOOGLE) | |
| 1 1 | 192.0.77.2 192.0.77.2 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
| 4 | 2607:f8b0:400... 2607:f8b0:4006:817::2001 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 142.251.32.97 142.251.32.97 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 142.251.40.228 142.251.40.228 | 15169 (GOOGLE) (GOOGLE) | |
| 76 | 13 |
1
52.85.61.72
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-72.ewr53.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-72.ewr53.r.cloudfront.net
| ift.tt |
31
172.233.149.136
(Los Angeles, United States)
ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-233-149-136.ip.linodeusercontent.com
ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-233-149-136.ip.linodeusercontent.com
| gbhackers.com |
7
142.250.176.194
(United States)
ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
| pagead2.googlesyndication.com |
10
142.251.40.99
(Queens, United States)
ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f3.1e100.net
ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f3.1e100.net
| fonts.gstatic.com |
6
142.250.72.98
(Plainview, United States)
ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
| googleads.g.doubleclick.net |
9
142.250.64.110
(Plainview, United States)
ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f14.1e100.net
ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f14.1e100.net
| fundingchoicesmessages.google.com |
4
2607:f8b0:4006:817::2001
(United States)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| blogger.googleusercontent.com | |
| tpc.googlesyndication.com |
1
142.251.32.97
(Queens, United States)
ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f1.1e100.net
ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f1.1e100.net
| tpc.googlesyndication.com |
1
142.251.40.228
(Queens, United States)
ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f4.1e100.net
ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f4.1e100.net
| www.google.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 31 |
gbhackers.com
gbhackers.com |
395 KB |
| 12 |
google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682 www.google.com — Cisco Umbrella Rank: 3 |
74 KB |
| 10 |
gstatic.com
fonts.gstatic.com |
230 KB |
| 9 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 163 |
373 KB |
| 6 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 |
|
| 3 |
googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 10512 |
360 KB |
| 3 |
wp.com
1 redirects
stats.wp.com — Cisco Umbrella Rank: 3409 pixel.wp.com — Cisco Umbrella Rank: 3394 i2.wp.com — Cisco Umbrella Rank: 8133 |
4 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30 |
3 KB |
| 1 |
ift.tt
1 redirects
ift.tt — Cisco Umbrella Rank: 534628 |
496 B |
| 1 |
t.co
t.co — Cisco Umbrella Rank: 859 |
901 B |
| 76 | 10 |
| Domain | Requested by | |
|---|---|---|
| 31 | gbhackers.com |
t.co
gbhackers.com |
| 11 | fundingchoicesmessages.google.com |
pagead2.googlesyndication.com
|
| 10 | fonts.gstatic.com |
fonts.googleapis.com
|
| 7 | pagead2.googlesyndication.com |
gbhackers.com
pagead2.googlesyndication.com |
| 6 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
| 3 | blogger.googleusercontent.com | |
| 2 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com |
| 1 | www.google.com |
tpc.googlesyndication.com
|
| 1 | i2.wp.com | 1 redirects |
| 1 | pixel.wp.com |
gbhackers.com
|
| 1 | stats.wp.com |
gbhackers.com
|
| 1 | fonts.googleapis.com |
gbhackers.com
|
| 1 | ift.tt | 1 redirects |
| 1 | t.co | |
| 76 | 14 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.linkedin.com |
| webinars.indusface.com |
| go.cynet.com |
| my.demio.com |
| www.trendmicro.com |
| app.any.run |
| feeds.feedburner.com |
| twitter.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| t.co E5 |
2024-09-28 - 2024-12-27 |
3 months | crt.sh |
| www.gbhackers.com R11 |
2024-09-02 - 2024-12-01 |
3 months | crt.sh |
| upload.video.google.com WR2 |
2024-09-16 - 2024-12-09 |
3 months | crt.sh |
| *.g.doubleclick.net WR2 |
2024-09-16 - 2024-12-09 |
3 months | crt.sh |
| *.wp.com Sectigo ECC Domain Validation Secure Server CA |
2023-11-28 - 2024-12-28 |
a year | crt.sh |
| *.gstatic.com WR2 |
2024-09-16 - 2024-12-09 |
3 months | crt.sh |
| *.google.com WR2 |
2024-09-16 - 2024-12-09 |
3 months | crt.sh |
| *.googleusercontent.com WR2 |
2024-09-16 - 2024-12-09 |
3 months | crt.sh |
This page contains 9 frames:
Primary Page:
https://gbhackers.com/ransomhub-ransomware-edr-bypass/
Frame ID: 190A3292FBD892A306477387AECBF974
Requests: 69 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.html
Frame ID: BA000265666C19C60038FC643FE678E1
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&adk=1812271804&adf=3025194257&abgtt=7&lmt=1728305946&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x675_l%7C236x675_r&format=0x0&url=https%3A%2F%2Fgbhackers.com%2Fransomhub-ransomware-edr-bypass%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728305945831&bpp=15&bdt=587&idt=410&shv=r20241001&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4633958629995&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31087608%2C95341937%2C95343329%2C95344190&oid=2&pvsid=3832976605778700&tmod=1878347376&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Ft.co%2F&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=444
Frame ID: 7E20B1A6F5944FCD3527F7F7DC6A0B2A
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&adk=3518161787&adf=2323878189&pi=t.aa~a.2826219797~rp.4&w=1200&abgtt=7&fwrn=4&fwrnh=100&lmt=1728305946&rafmt=1&to=qs&pwprc=9720455393&format=1200x280&url=https%3A%2F%2Fgbhackers.com%2Fransomhub-ransomware-edr-bypass%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728305945847&bpp=2&bdt=603&idt=446&shv=r20241001&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=4633958629995&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31087608%2C95341937%2C95343329%2C95344190&oid=2&pvsid=3832976605778700&tmod=1878347376&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=453
Frame ID: D90A16FD1084FA05CA858EBF77420589
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5372786174760228&output=html&h=280&adk=622020036&adf=611037867&pi=t.aa~a.4006426787~i.9~rp.4&w=702&abgtt=7&fwrn=4&fwrnh=100&lmt=1728305947&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9720455393&ad_type=text_image&format=702x280&url=https%3A%2F%2Fgbhackers.com%2Fransomhub-ransomware-edr-bypass%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=176&rw=702&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728305946918&bpp=1&bdt=1674&idt=-M&shv=r20241001&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4633958629995&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31087608%2C95341937%2C95343329%2C95344190&oid=2&pvsid=3832976605778700&tmod=1878347376&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&fc=1408&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=92
Frame ID: 307265188D095972AD4FD3F217576A07
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.html
Frame ID: 4AAF4421359DD1114589321DC8FC029E
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.html
Frame ID: 183A9DFBF9669BD8E685D32B124994C2
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: A31E79363EEC0730FE62AB8CE63F8B51
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 34AEDD5B92A59FA8BB1BABB181BB060A
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
RansomHub Ransomware Using Multiple Techniques To Disable EDR And AntivirusPage URL History Show full URLs
- https://t.co/1QBGigO9F5 Page URL
-
https://ift.tt/wEXLHGN
HTTP 302
https://gbhackers.com/ransomhub-ransomware-edr-bypass/ Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
AMP
(JavaScript frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link rel="amphtml"
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google AdSense
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googlesyndication\.com/
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
URL: https://www.linkedin.com/company/cybersecurity-news/
Title: Follow us On Linkedin
Title: Follow us On Linkedin
Search URL Search Domain Scan URL
URL: https://webinars.indusface.com/decoding-compliance-what-cisos-need-to-know/register?utm_source=gbhackers-side-banner&utm_medium=referral&utm_campaign=2024-september-decoding-compliance-what-cisos-need-to-know
Title: Decoding Compliance With CISOs
Title: Decoding Compliance With CISOs
Search URL Search Domain Scan URL
URL: https://webinars.indusface.com/detect-and-protect-strategies-for-malware-free-websites-and-apis/register?utm_source=gbhackers-side-banner&utm_medium=referral&utm_campaign=2024-oct-malware-free-websites
Title: <img width="300" height="600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr4nW4cAG8I3JZ1SAaZmhk9_kr0FApg132AGAwYeMh4VlbC9AHgeA68klvcbxgadifinQbYhPvX9nlDigLyfNglIdkMoCvcHxO2lcjRbH3gSRRuuUHVEww2HZS_lmHJTrbpw7nB-Q-bVWNfR2vpQxeYBpLT2E59TmuWaSNbTTruvYI75XXFghP_mauIADK/s16000/300x600-pic.png">
Title: <img width="300" height="600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr4nW4cAG8I3JZ1SAaZmhk9_kr0FApg132AGAwYeMh4VlbC9AHgeA68klvcbxgadifinQbYhPvX9nlDigLyfNglIdkMoCvcHxO2lcjRbH3gSRRuuUHVEww2HZS_lmHJTrbpw7nB-Q-bVWNfR2vpQxeYBpLT2E59TmuWaSNbTTruvYI75XXFghP_mauIADK/s16000/300x600-pic.png">
Search URL Search Domain Scan URL
URL: https://go.cynet.com/how-to-achieve-total-protection-webinar?utm_source=cyber_security_news&utm_medium=display_ad&utm_campaign=Q3-sponsored-content&utm_content=all-in-one-demo-on-demand
Title: <img width="928" height="90" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgL7VZ-Y1elF5ihySU2CdYMrfRMYzitysaKPHiJnfsMz9kEIHQQ6ilBWO7_uZ6t_3ROiglWIfeivlrUctaFvmOhtZ9L6VwSPpfCjXzscV54qjxgRxKRpuIklsGsSeiRrsMOyqEhnGRb2fWuThzv-oE97o53OZZzQw9vOOXCPXbbT8Q4K-bHPl2QwluY2OLM/s16000/Cyber%20Security%20News%20Banner%20928x90.png " alt="EHA">
Title: <img width="928" height="90" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgL7VZ-Y1elF5ihySU2CdYMrfRMYzitysaKPHiJnfsMz9kEIHQQ6ilBWO7_uZ6t_3ROiglWIfeivlrUctaFvmOhtZ9L6VwSPpfCjXzscV54qjxgRxKRpuIklsGsSeiRrsMOyqEhnGRb2fWuThzv-oE97o53OZZzQw9vOOXCPXbbT8Q4K-bHPl2QwluY2OLM/s16000/Cyber%20Security%20News%20Banner%20928x90.png " alt="EHA">
Search URL Search Domain Scan URL
URL: https://my.demio.com/ref/eUcOj8lOn9xpgJb3?utm_source=cyber_security_news&utm_medium=social&utm_campaign=Q4-sponsored-webinars&utm_content=ECMSIwebinar
Title: Free Registration
Title: Free Registration
Search URL Search Domain Scan URL
URL: https://www.trendmicro.com/en_no/research/24/i/how-ransomhub-ransomware-uses-edrkillshifter-to-disable-edr-and-.html
Title: Trend Micro’s
Title: Trend Micro’s
Search URL Search Domain Scan URL
URL: https://app.any.run/?utm_source=li_csn&utm_medium=post&utm_campaign=safebrowsing&utm_content=service&utm_term=240924
Title: Try It for Free
Title: Try It for Free
Search URL Search Domain Scan URL
URL: https://webinars.indusface.com/decoding-compliance-what-cisos-need-to-know/register?utm_source=blog-cta&utm_medium=referral&utm_campaign=2024-september-decoding-compliance-what-cisos-need-to-know
Title: Register Now
Title: Register Now
Search URL Search Domain Scan URL
URL: https://feeds.feedburner.com/gbhackers/cybersecurity
Title: RSS
Title: RSS
Search URL Search Domain Scan URL
URL: https://twitter.com/gbhackers_news
Title: Twitter
Title: Twitter
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://t.co/1QBGigO9F5 Page URL
-
https://ift.tt/wEXLHGN
HTTP 302
https://gbhackers.com/ransomhub-ransomware-edr-bypass/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 67- https://i2.wp.com/blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhZWfFh6kgT_TUftPUc8T_k3ln_EehMGsXA01Y6M-fQVNH9hAoDg7hiFwvs45lK51Jyg-dp6ucb080LYoFFMvkKi9v-M3qBJe-26gASUJuzDp5f5eGWoSCZZw3_pnv_WC0WeTQfAAHR3ocWG5gz3NksKEy2qTz4-3fxFhWPNc2bBna6jZpcJvYOV0qvkGAz/s1600/RansomHub%20Ransomware%20EDR%20Bypass.webp?w=696&resize=696,0&ssl=1 HTTP 302
- https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhZWfFh6kgT_TUftPUc8T_k3ln_EehMGsXA01Y6M-fQVNH9hAoDg7hiFwvs45lK51Jyg-dp6ucb080LYoFFMvkKi9v-M3qBJe-26gASUJuzDp5f5eGWoSCZZw3_pnv_WC0WeTQfAAHR3ocWG5gz3NksKEy2qTz4-3fxFhWPNc2bBna6jZpcJvYOV0qvkGAz/s1600/RansomHub%20Ransomware%20EDR%20Bypass.webp
76 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
1QBGigO9F5
t.co/ |
221 B 901 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
gbhackers.com/ransomhub-ransomware-edr-bypass/ Redirect Chain
|
263 KB 47 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b07551821deafed18860688967539e97.css
gbhackers.com/wp-content/litespeed/css/ |
110 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
7a094d7f8e2c386f14fee69e7794002b.css
gbhackers.com/wp-content/litespeed/css/ |
11 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3bf9892e971db026ebc7f0a5a5050d05.css
gbhackers.com/wp-content/litespeed/css/ |
4 KB 1016 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
c31f820e1c0ed5aeebb8bb3728e10ace.css
gbhackers.com/wp-content/litespeed/css/ |
36 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
38 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
691c3ba3ac01630b037f67e0e776d9d5.css
gbhackers.com/wp-content/litespeed/css/ |
41 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
c6a1c558f9599505e674dc121522b8d2.css
gbhackers.com/wp-content/litespeed/css/ |
35 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3634cf0217589f9ac478a28ad0aa8ec4.css
gbhackers.com/wp-content/litespeed/css/ |
112 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
568c797d9a70722a4d648f956f12702e.css
gbhackers.com/wp-content/litespeed/css/ |
138 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2e97590493d4e9d98dbf42dad3a70813.css
gbhackers.com/wp-content/litespeed/css/ |
518 KB 50 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
d70781104619c8043391f015873e7343.css
gbhackers.com/wp-content/litespeed/css/ |
41 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
gbhackers.com/wp-includes/js/jquery/ |
86 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
44a8438280a25fc2bef30c67fe80af6b.js
gbhackers.com/wp-content/litespeed/js/ |
13 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
163 KB 53 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
88abcef607d2b87dee895ff8396d0658.js
gbhackers.com/wp-content/litespeed/js/ |
156 KB 39 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b1a5d33cce53f54215980fc4881a15e1.js
gbhackers.com/wp-content/litespeed/js/ |
2 KB 635 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
d789a240323eb11e8d891d09652cacb4.js
gbhackers.com/wp-content/litespeed/js/ |
3 KB 936 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1784195217b92a4a0d688471923e1bfa.js
gbhackers.com/wp-content/litespeed/js/ |
9 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
20fe1466ec961d6814f53fba3f79a3e2.js
gbhackers.com/wp-content/litespeed/js/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
686ee657c2c36e1c7c77a1805f3b498d.js
gbhackers.com/wp-content/litespeed/js/ |
18 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
840feff4e5b2adbe27dca9baa3cb971a.js
gbhackers.com/wp-content/litespeed/js/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e-202441.js
stats.wp.com/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
948ee26f370f8f0ca7d5290060ea7d42.js
gbhackers.com/wp-content/litespeed/js/ |
29 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f3d9b166560ed7f3fa85206f6886547e.js
gbhackers.com/wp-content/litespeed/js/ |
1 KB 614 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
33b01e728630fe3118f6cc64566cb16c.js
gbhackers.com/wp-content/litespeed/js/ |
6 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aaedd9e0d412d576285907b552682398.js
gbhackers.com/wp-content/litespeed/js/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
41001ba4f211ee15a6de905452c3a0eb.js
gbhackers.com/wp-content/litespeed/js/ |
11 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
9b803e65a8022c079ab7a394c2aee836.js
gbhackers.com/wp-content/litespeed/js/ |
6 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5814fcddf60283f687967243da775c5a.js
gbhackers.com/wp-content/litespeed/js/ |
10 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
35 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
fonts.gstatic.com/s/redhatdisplay/v19/ |
28 KB 28 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
newspaper.woff
gbhackers.com/wp-content/themes/Newspaper/images/icons/ |
33 KB 33 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
HTxqL289NzCGg4MzN6KJ7eW6CYyF_g.woff2
fonts.gstatic.com/s/archivoblack/v21/ |
18 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ |
32 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ |
47 KB 47 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ |
18 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ |
18 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fontawesome-webfont.woff2
gbhackers.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/ |
75 KB 75 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
O4ZRFGj5hxF0EhjimlIksgg.woff2
fonts.gstatic.com/s/epilogue/v17/ |
32 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ |
20 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
g.gif
pixel.wp.com/ |
50 B 177 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/ |
89 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/ |
409 KB 136 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
ping
pagead2.googlesyndication.com/pagead/ |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/ Frame BA00 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 7E20 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame D90A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/ |
172 KB 58 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ca-pub-5372786174760228
fundingchoicesmessages.google.com/i/ |
200 KB 66 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AGSKWxXqzsnpZM7nmejAH_a98SY8H_W0ZuI3Nzv-GIK3uWKRXmEZkV2cnX3jDB9eVw-C6g8xWD7VjJ2p1i7NFV25HjZ5J7eodwDmJZEzOc9Zs3yu1hqmaCKojkaP8Vv2Dn-NgqRtIlfGOA==
fundingchoicesmessages.google.com/f/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 3072 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/ Frame 4AAF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/ Frame 183A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
AGSKWxVHgUH0BDJnx8YEcKlB-N9GTxd0z6KfWeJtRjd1wkYdjUElYUwnpHEKfu2u1ANyOfiqdCycIAMSm3mPQbapSJjqG3sB8NB-AJwvR1pbxfJf384gXB0FtVFDK_dfmU64oAJSV5yuZg==
fundingchoicesmessages.google.com/f/ |
10 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
cyad1.
fundingchoicesmessages.google.com/f/AGSKWxWJpPB52-j1mBRbPDppEAqg_G_bUGx2Gykh3Rb7ItTISNiXuO7C-xgJm5TxHZQiE2CLzmeDmQCKeSS9sxaGsCUIDVQ9iDjGAo3LuL-hVkcv0E40rewNA8xZUrh6sGhhgcqE5AGWoTDBzghKNWdBvBrKSAUj0... |
54 B 109 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
lidar.js
pagead2.googlesyndication.com/pagead/js/ |
242 KB 76 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
AGSKWxUZARL4Jr7v_lZRUZC1tvuTYK7h_hm119misn_t0PsVDg4KH26YmoXXqepSrkm1gHX7gOEYKPFs3j1a1w3zEBFydv7nRJGqxhVqBstNPg0iveXRunVolVRfbkw0HeQsqDK1i9WMYA==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
AGSKWxUZARL4Jr7v_lZRUZC1tvuTYK7h_hm119misn_t0PsVDg4KH26YmoXXqepSrkm1gHX7gOEYKPFs3j1a1w3zEBFydv7nRJGqxhVqBstNPg0iveXRunVolVRfbkw0HeQsqDK1i9WMYA==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
AGSKWxUZARL4Jr7v_lZRUZC1tvuTYK7h_hm119misn_t0PsVDg4KH26YmoXXqepSrkm1gHX7gOEYKPFs3j1a1w3zEBFydv7nRJGqxhVqBstNPg0iveXRunVolVRfbkw0HeQsqDK1i9WMYA==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
AGSKWxUZARL4Jr7v_lZRUZC1tvuTYK7h_hm119misn_t0PsVDg4KH26YmoXXqepSrkm1gHX7gOEYKPFs3j1a1w3zEBFydv7nRJGqxhVqBstNPg0iveXRunVolVRfbkw0HeQsqDK1i9WMYA==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
AGSKWxVSUQc0iPzlqZaszEzjFyqj_K7sIxut8eaZ1ZjxGKx5l2_gg9uIJK3WYFEgdehQomkrvUMHQq89B_XDyo249iTx8ycuBfDFWXkQfLabBNSnhZjXCWDYJSD5W_2pPRkb_KJbERLE0A==
fundingchoicesmessages.google.com/f/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
AGSKWxVTn8IPt9FCy2L89eyju9B1od10rsbEqAmJ2rhnTUsLB_WkTZCAPoiiDfKyx-DwGtllGyOpoSMnOzYn7-QxikIfGMUmbMOfs75ZsPzWUcM0FilHJjmpphT0QuHFBHKXNLZuQlqAyA==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
AGSKWxUZARL4Jr7v_lZRUZC1tvuTYK7h_hm119misn_t0PsVDg4KH26YmoXXqepSrkm1gHX7gOEYKPFs3j1a1w3zEBFydv7nRJGqxhVqBstNPg0iveXRunVolVRfbkw0HeQsqDK1i9WMYA==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/getconfig/ |
17 KB 13 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RansomHub%20Ransomware%20EDR%20Bypass.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhZWfFh6kgT_TUftPUc8T_k3ln_EehMGsXA01Y6M-fQVNH9hAoDg7hiFwvs45lK51Jyg-dp6ucb080LYoFFMvkKi9v-M3qBJe-26gASUJuzDp5f5eGWoSCZZw3_pnv_WC0WeTQfAAHR3ocWG5gz... Redirect Chain
|
242 KB 243 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
300x600-pic.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr4nW4cAG8I3JZ1SAaZmhk9_kr0FApg132AGAwYeMh4VlbC9AHgeA68klvcbxgadifinQbYhPvX9nlDigLyfNglIdkMoCvcHxO2lcjRbH3gSRRuuUHVEww2HZS_lmHJTrbpw7nB-Q-bVWNfR2v... |
73 KB 73 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gbh.png
gbhackers.com/wp-content/uploads/2024/09/ |
2 KB 2 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
cropped-gbh-32x32.png
gbhackers.com/wp-content/uploads/2024/09/ |
794 B 886 B |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
18 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame A31E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
aframe
www.google.com/recaptcha/api2/ Frame 34AE |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Fig1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhylyDe9M3kfaPkbgXHk9vNzGeZUhfrJCVro7Eff25go0i0X8mGnSL5k0jPl6OBuU5Br-VyCqcFpHTfg1iG-JjlV87n4iQLrqvxJ7UTZZyaB1zXrTjOYEMii498MFymEso7nbFbu0dKzt9hR3rS... |
44 KB 44 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- pagead2.googlesyndication.com
- URL
- https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241001&jk=3832976605778700&bg=!wMOlw4zNAAax3igvkd47ADQBe5WfOLMY7jZKVDk_7IDPOwL5wp2wfhuGLw0XoCXLtxCzBnXTIJa_HG5PoI5eWKjiBZCpAgAAADpSAAAABGgBB34ANkIfbr-OYfCAw2sBj0su5Av1UeyWVrLkBLA2ltBrL6J9CvOlZShNPlYSBgFBPFm-UXv4BUpagpkCoTJB4nb7vavbuLwHD6Fd30WUHelOkm_n_gwdvQ392DZ1y4l_oDeSIeopxEwb5ATUv_jUQI4TxwUbe2ChC2jNRRzREnWoOjlMWOgeZZmz5G6dvN4DBLH-nkhTxM7tmL6mhf36Fr0CjocduH-f-rlBr6vO1ZqEMwnAqweypO9bRKbIItx2nVdfQpTCyc0XSub6ovi4fNdVpwa5aUo94zAbiewO8ddJMzK52UfjtdQBGy77d3cq9enQo8Fla_ci9PbFIXbNqjWSkZ8Od_WPM6al3GJ3IwSg5x9TCOIpC4BP7oLeMYpfePBfM3i-nZzH_PcEKlImy3DePHzxnod3e7VzBgyHpZ1ZBCgIAFuq0v3_Sv8TJZ3Weu6fRhzKmYxO0OdoUxtbze4wQgZYG-DXTH1C64Ovpt7RUh9g-HzACiQZx-p7P1StZP7HWjw8X9tyQImfiEwb0tHUR63ES2eJmF60r8_9jwUJXQlDWA8GPT9gLyAdtKO4gaaJgZRzU8mUYM9CU29uUXWRMkvrIxJkDvMtZUAHjZ4I9_CRkqBCeNVIAOSaZfFRaM6HEZ9jr62eGSnCLdVlD2fIkH5SRegDsbjXM6bzQmQ_0rC0_GpyJg8HzbNQ-GYwD-doLp3XGskYF-aM727L3lcymiXZBzYxqXeImQU4kNHI3SWlDSl2rUwK9cetkUkU1Q0hXAHVgDgGHVHJXvDSZqNAd5VwglkMslW_LLlCtKxUmV_xg8TnnLe_bwmZjD-d7LqI3rTxbl2R3Do_SA_a0rIoJxCH7QKqPpalcSOyrgHfMiibBbZvLFEl0MzkpcRVRdlmW_wiXefzcpTd-eMHPDYdrIkaHaD56xSNiE-YSRsQ2zjtQrOq8UONHNFwomciojUuCbOqdP4Twcop4kM
Verdicts & Comments Add Verdict or Comment
167 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| jQuery object| tdb_global_vars object| tdb_p_autoload_vars object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| tds_show_more_info string| tds_show_less_info string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| td_user_incorrect string| td_email_user_empty string| td_pass_empty string| td_pass_pattern_incorrect string| td_retype_pass_incorrect string| tds_theme_color_site_wide string| tdThemeName string| tdThemeNameWl string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce string| tdMobileMenu string| tdMobileSearch object| tdDateNamesI18n string| td_reset_pass_empty string| td_reset_pass_confirm_empty string| td_reset_pass_not_matching string| tdb_modal_confirm string| tdb_modal_cancel string| tdb_modal_confirm_alt string| tdb_modal_cancel_alt string| td_deploy_mode object| block_tdi_68 object| block_tdi_84 object| block_tdi_100 object| tdDetect object| tdViewport object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box number| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life function| td_delete_site_cookie function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation object| tdBlocks object| td_history object| tdHeader object| tdCustomEvents object| tdEvents object| tdPullDown object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdConfirm function| onYouTubeIframeAPIReady object| tdSocialSharing function| tdModalImage function| _ object| tds_js_globals object| tdsLeads object| tdsStore object| tdsMain function| st_go function| linktracker_init object| wpcom object| _stq object| tdcPostSettings function| tdbGetMobileTemplates object| tdToTop object| tdAjaxSearch object| tdStickyRow object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch object| tdSmartSidebar object| td_res_context_registered_atts function| LazyLoad object| addComment object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_llp object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator function| google_sa_impl object| googPageScrollPreventerInfo number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZjBlNzlkYzE0MzJkOGU1Y2xvYWRlcl9qcw== string| ZjBlNzlkYzE0MzJkOGU1Y2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googletag boolean| 0f994046-9988-4c00-a369-d3db27bb707c number| __google_lidar_ function| __google_lidar_radf_ object| GoogleGcLKhOms object| google_image_requests11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .t.co/ | Name: muc Value: 91df42b5-20aa-428f-becb-b3b94b010305 |
|
| .t.co/ | Name: muc_ads Value: 91df42b5-20aa-428f-becb-b3b94b010305 |
|
| .t.co/ | Name: __cf_bm Value: phAmqB8n5fsJB3CjSf5uEE_TrF_DzUh0eb.JyEd2Zkk-1728305938-1.0.1.1-1lWkEsRu3U8tf3OOI5VTtCun00VgjFmJO8cAIfBd_whANiDpxoCTXjq9XOF2baHDti2X2kQl5ZlTsfzqWBBxGw |
|
| .gbhackers.com/ | Name: __gads Value: ID=03e19c0356ee05ab:T=1728305946:RT=1728305946:S=ALNI_MbBGkle3Z4iLG5sQRR4mMOKf4iOew |
|
| .gbhackers.com/ | Name: __gpi Value: UID=00000f260346afac:T=1728305946:RT=1728305946:S=ALNI_MbAUwsNP4hZ-rAix7WauOVs96XWPw |
|
| .gbhackers.com/ | Name: __eoi Value: ID=4da7e331a752c964:T=1728305946:RT=1728305946:S=AA-AfjYCzq7-03Oko8esgiwi9rot |
|
| .googleadservices.com/ | Name: ar_debug Value: 1 |
|
| .mediago.io/ | Name: __mguid_ Value: 4acc6291a268bded24s5gn00m1z0qjrd |
|
| gtrace.mediago.io/ | Name: cst_70 Value: ts=1728305947 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUmiBPq8KRcFQAvWQV7rAoXCJgy7H0_1v44VxzYjJNZyq2qIXN3ORtmCw51TRzE |
|
| .gbhackers.com/ | Name: FCNEC Value: %5B%5B%22AKsRol-OQrrZ6RvUOqMlJj4L8J2idBIiESLYOMGY6wwy5ps0D5Ri1o6htsyB_YslYvq73LcGKxmrKLgRKJbq_E5raz-R6WwEkXC3NuG81heljGJ5JV5aVKpBFbW_mNZvwO82fPgiAbUu1IhM63twVHnt0zfsajERiQ%3D%3D%22%5D%5D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=0 |
| X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
blogger.googleusercontent.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gbhackers.com
googleads.g.doubleclick.net
i2.wp.com
ift.tt
pagead2.googlesyndication.com
pixel.wp.com
stats.wp.com
t.co
tpc.googlesyndication.com
www.google.com
pagead2.googlesyndication.com
142.250.176.194
142.250.64.110
142.250.72.98
142.251.32.97
142.251.40.228
142.251.40.99
162.159.140.229
172.233.149.136
192.0.76.3
192.0.77.2
2607:f8b0:4006:807::200e
2607:f8b0:4006:817::2001
2607:f8b0:4006:821::200a
52.85.61.72
03eb35d2c61e33914021a31744442ff745d86e5d9ae88e0a549d505b545ca92a
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
06db7e22842e51f25b34f6964a235d104e19f8a5a934333124a444eb19223b1a
0ddb781cae317bf32d875326ed7434be05ab590ed2d018a8121999656f210a70
0df69d80c44e57c96aedb642a255f3736d9cc4452c65fdc2c32b1aa8ebe80a6b
15c07f47a6f51ed692f07d65591c90bb3680819004127e75eebd70875450c2ea
1aba33996d8114efef36d7f8a1c885e48d0294fb2d8af33a74f17199f154a63f
1cae5bb9eb4f236f846a7e8c432536f4bdc8b76601507781a1b051549e604c6f
25ea6c91f8fbcbd412919dbb47da3e432622997eb37a3139fad5d21d59135962
25f33e61cf995abd6be62931cf03bf427286259177b43618cc410ee0157cfd30
266bdd903d41099a4128590129e71f4199670d18cfaafc71010837b9743adce1
28823be416bfac3982cc25b99d05ba703c0a060bd49ecc8405d53b73889bc1fe
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b21b7c7ec3443ebab917b103edd597007d931907af2d40c4a82a99cfd590917
2e1030c78c1588b14fdb72127a80608c6294b42576cdc02f2c64d7442bcc1217
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f28c5710691981e0160a6bc8a244129aa23f9b3a991b68c8a84abe065dd685f
3937aadc3da0b60a044d7575203313e11cf5822e3c800da09e2e15d00acf60df
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
45bcf6fb7866a6edc79a2a1f7d62531d8cf57af62461aa2c09208de338b1d853
585316cd09ba4fbb226351588bf213258d4db37eec5034e9689d338de08d0505
58a34a98a2d0b2823ca5b8d3602c02efa1ba0364d3bdb4549499cfb4f594a2f7
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
6eabe6fc9af525bfe45c37f58a1265a4675c0213817a9249bc2d253049b9c649
75c578ded4b90dda40b2f2f2b6bf353913eba7ba8dd39b5f85911fb1a9a0cd7b
7654a4fb5f68e1b8c866bb9ba6ca6f68f7e7be6e0fabced58bab21959f22983e
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
83d76a859e8582ab22d07095046faaa7c959ef3e586f78526016ef219004ca56
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
98231b091bf8da0873d415bd50577540cfd620aecb6a978c3e29aa3e52173b2e
a0893023bcc1c627f43f92e6393d5f788b8cc5fd26bfa6c615b5b3fff62fd273
a61c9de0f6bc257a78ae119aa597966463d282de64aa3e12b52c8f825b1a49ee
aa0b2f74620ebffe8753db7c2b2fbad1f1621b3941d48ff3fc486f894ed4445d
aa3f1ed9ab1be7247a9abd2246ceb292ca24b021cd257f925600a345f270669f
ac4f4b59ac173f5fe91db901462327d78a59b8edef7c75d796160fba891c73d0
b04ad9bd13dad8818015a0225db1c058bb93ebc88c53fb7785ef4d7d7e0505b7
b6d1ccdad7fcbc4334065e917d4ea50742893df646bb2b93b3417dd4d0baf59e
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb498a35ef9f158985de87afb5d760bcfcfd6c50631d3b5e67da8ed2213ec0a0
bcd8482491d261c223749a5b352d5f29eea4560d9dd7bfa030dc270327c37eee
c04176b038593ab90a42f5f7df97bcf2f4068a272ff882854bdcdfa775ed2e39
c0cfe8485ae2c57d73ef414f5adea8de39e053f0973470e27d0f195ca00a01b1
c87d5b8432db51d821cbfe3dc9caa4e3626a9ffc84cb0a2f495b9bdb67094530
caef5d548559a26d1125292ccea6ded57ef001a7ee7ec2c442acc397f8320bc1
cafc469a0fdcd1c9180a338b965f9d0116ab0377265c2b5d0409d2d15112c718
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbf348e09ccb8df23ba4223cfd092f016b9d2fa4ff7a9e992fa5e063386d9691
d3bdf8bf7932544a7776521d75c5e5d03223a4997fdefdb0bfd4b80021f58d23
d9ab311361c61b2e075141b7233aa73fdd6c8e7db46bf5dd3b1b722a81bc3375
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
db7dca634a48eb7d3800096b7572b93bdf59ed2b20c03fd7f2fe54af3aa00b58
e185204fa23df0a129c6a5ac7e95b3254ee81a1def15b4d87aa489219fc183d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41428e758ebbe4b8101552d3d80e98ac380066c1ff16739d97975f6127bcefd
e94c09ff619a326d9679e5547a5dea20b73b1cd1c85a811d7b666ee2b0ee9d0d
ed0904ce62bae276b25332abaf509a35675369db387e0f46653310a51f57bcda
efb4dff53839a3d167e17bfb20955e799f4791e12d2c2a2a0344fa6cfd722969
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fbf2f8b0bcafcdfc47f42dfeacb7e877b927a78cc77f62d0ed9bdee2a2206bbf
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99