krebsonsecurity.com Open in urlscan Pro
130.211.45.45  Public Scan

18 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/	79 KB 18 KB	174ms 49ms	Document text/html	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash ca66d8e749753384506d8b92e1004b154d0102f0ac8aada6d1c26b309ae6dc72 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers age 19199 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control max-age=0,public content-encoding gzip content-length 18487 content-type text/html; charset=UTF-8 date Tue, 05 Nov 2024 09:52:09 GMT last-modified Tue, 05 Nov 2024 09:46:49 GMT pragma public referrer-policy no-referrer-when-downgrade server nginx vary Accept-Encoding via 1.1 google x-cache-status EXPIRED
GET H2	200	colorbox.css krebsonsecurity.com/wp-content/plugins/jquery-lightbox-for-native-galleries/colorbox/theme1/	5 KB 1 KB	62ms 60ms	Stylesheet text/css	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/wp-content/plugins/jquery-lightbox-for-native-galleries/colorbox/theme1/colorbox.css?ver=1.3.14 Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash 8a7d024a35f5ef90cc5b7d1ae106dfb5d7202aa7ff27fbee01569747e87ba25f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status MISS cache-control max-age=864000,public,public content-encoding gzip pragma public age 530464 referrer-policy no-referrer-when-downgrade via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1292 date Wed, 30 Oct 2024 11:51:04 GMT content-type text/css server nginx
GET H2	200	style.min.css krebsonsecurity.com/wp-includes/css/dist/block-library/	95 KB 13 KB	62ms 60ms	Stylesheet text/css	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2 Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status HIT cache-control max-age=10000,public content-encoding gzip pragma public age 254 referrer-policy no-referrer-when-downgrade via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12736 date Tue, 05 Nov 2024 15:07:54 GMT last-modified Sun, 02 Apr 2023 15:56:57 GMT content-type text/css server nginx vary Accept-Encoding
GET H2	200	classic-themes.min.css krebsonsecurity.com/wp-includes/css/	291 B 271 B	130ms 128ms	Stylesheet text/css	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/wp-includes/css/classic-themes.min.css?ver=6.2.2 Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status HIT cache-control max-age=10000,public content-encoding gzip pragma public age 254 referrer-policy no-referrer-when-downgrade via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 210 date Tue, 05 Nov 2024 15:07:54 GMT last-modified Sun, 02 Apr 2023 15:56:57 GMT content-type text/css server nginx vary Accept-Encoding
GET H2	200	styles.css krebsonsecurity.com/wp-content/plugins/contact-form-7/includes/css/	3 KB 1 KB	130ms 128ms	Stylesheet text/css	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.2 Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status MISS cache-control max-age=864000,public,public content-encoding gzip pragma public age 374029 referrer-policy no-referrer-when-downgrade via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1004 date Fri, 01 Nov 2024 07:18:19 GMT content-type text/css server nginx
GET H2	200	style.css krebsonsecurity.com/wp-content/themes/kos-mar2021/	50 KB 11 KB	130ms 128ms	Stylesheet text/css	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/wp-content/themes/kos-mar2021/style.css?subver=1.2&ver=6.2.2 Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash 36c0d84358f7ed972ad8193537a327f2f1520e47167c8f5d0905842ef87b46c7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status MISS cache-control max-age=864000,public,public content-encoding gzip pragma public age 375784 referrer-policy no-referrer-when-downgrade via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11054 date Fri, 01 Nov 2024 06:49:04 GMT content-type text/css server nginx
GET H2	200	custom.css krebsonsecurity.com/wp-content/themes/kos-mar2021/	4 KB 1 KB	134ms 132ms	Stylesheet text/css	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/wp-content/themes/kos-mar2021/custom.css?subver=1.2&ver=6.2.2 Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash 47d217e2b7354090c7bcdc5fa1984e8174d3556c04f421483a15bbd63a4129fe Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status MISS cache-control max-age=864000,public,public content-encoding gzip pragma public age 374770 referrer-policy no-referrer-when-downgrade via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1106 date Fri, 01 Nov 2024 07:05:58 GMT content-type text/css server nginx
GET H2	200	font-awesome.min.css krebsonsecurity.com/wp-content/themes/kos-mar2021/fonts/	28 KB 7 KB	134ms 132ms	Stylesheet text/css	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/wp-content/themes/kos-mar2021/fonts/font-awesome.min.css?ver=6.2.2 Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash 6f005368978df37b680de2dc8a22007a600378ba5568a573432a3fdeb8bdb674 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status HIT cache-control max-age=864000,public,public content-encoding gzip pragma public age 3035 referrer-policy no-referrer-when-downgrade via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6666 date Tue, 05 Nov 2024 14:21:33 GMT content-type text/css server nginx
GET H2	200	css fonts.googleapis.com/	7 KB 1 KB	234ms 81ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C500%26subset%3Dlatin%2C Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash da7ca2b4251081f029bf1895e6d6ec80c3562729796cd76066d655ed14a7c610 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers content-encoding gzip x-content-type-options nosniff expires Tue, 05 Nov 2024 15:12:08 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 05 Nov 2024 15:12:08 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Tue, 05 Nov 2024 15:12:08 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	jquery.min.js Show response krebsonsecurity.com/wp-includes/js/jquery/	88 KB 30 KB	393ms 392ms	Script application/x-javascript	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4 Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status HIT cache-control max-age=10000,public content-encoding gzip pragma public age 254 referrer-policy no-referrer-when-downgrade via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31049 date Tue, 05 Nov 2024 15:07:54 GMT last-modified Sun, 02 Apr 2023 15:56:57 GMT content-type application/x-javascript server nginx vary Accept-Encoding
GET H2	200	jquery-migrate.min.js Show response krebsonsecurity.com/wp-includes/js/jquery/	13 KB 5 KB	420ms 419ms	Script application/x-javascript	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0 Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status HIT cache-control max-age=10000,public content-encoding gzip pragma public age 745 referrer-policy no-referrer-when-downgrade via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4795 date Tue, 05 Nov 2024 14:59:43 GMT last-modified Sun, 02 Apr 2023 15:56:57 GMT content-type application/x-javascript server nginx vary Accept-Encoding
GET H2	200	jquery.colorbox-min.js Show response krebsonsecurity.com/wp-content/plugins/jquery-lightbox-for-native-galleries/colorbox/	9 KB 4 KB	423ms 421ms	Script application/x-javascript	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/wp-content/plugins/jquery-lightbox-for-native-galleries/colorbox/jquery.colorbox-min.js?ver=1.3.14 Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash 616b37bc7bd1b2514f27a81cd2703a053cdf81d6ac098ee3298e963bc822de23 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status HIT cache-control max-age=864000,public,public content-encoding gzip pragma public age 453808 referrer-policy no-referrer-when-downgrade via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4060 date Thu, 31 Oct 2024 09:08:40 GMT content-type application/x-javascript server nginx
GET H2	200	jspullquotes-core.css krebsonsecurity.com/wp-content/plugins/jspullquotes/resources/	1 KB 569 B	132ms 131ms	Stylesheet text/css	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/wp-content/plugins/jspullquotes/resources/jspullquotes-core.css Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash d3ed930bffbc2adbc25f5563f1592629e94dc740cc64244676a18412bbd26f68 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status MISS cache-control max-age=864000,public,public content-encoding gzip pragma public age 427277 referrer-policy no-referrer-when-downgrade via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 503 date Thu, 31 Oct 2024 16:30:51 GMT content-type text/css server nginx
GET H2	200	jspullquotes-default.css krebsonsecurity.com/wp-content/plugins/jspullquotes/resources/	690 B 443 B	132ms 131ms	Stylesheet text/css	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/wp-content/plugins/jspullquotes/resources/jspullquotes-default.css Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash 54f294873f35180bb43c2d86bfff562195e700d181e3deecacc3232f3cf9b1e2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status MISS cache-control max-age=864000,public,public content-encoding gzip pragma public age 144932 referrer-policy no-referrer-when-downgrade via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 376 date Sun, 03 Nov 2024 22:56:36 GMT content-type text/css server nginx
GET H2	200	jspullquotes.js Show response krebsonsecurity.com/wp-content/plugins/jspullquotes/resources/	6 KB 2 KB	427ms 426ms	Script application/x-javascript	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/wp-content/plugins/jspullquotes/resources/jspullquotes.js Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash d813f437bbfbafef2652feda67788f6e5b48aebb6f60ca976d89a506a9156534 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status MISS cache-control max-age=864000,public,public content-encoding gzip pragma public age 374770 referrer-policy no-referrer-when-downgrade via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2232 date Fri, 01 Nov 2024 07:05:58 GMT content-type application/x-javascript server nginx
GET H2	200	9.png krebsonsecurity.com/b-sonrai/	15 KB 15 KB	471ms 470ms	Image image/png	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://krebsonsecurity.com/b-sonrai/9.png Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash fcc0659caa3230eed52d2ec43a8538a2e02e5a5ac292aad206a14a81d17ec946 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status MISS cache-control private referrer-policy no-referrer-when-downgrade via 1.1 google expires Tue, 05 Nov 2024 15:17:08 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15010 date Tue, 05 Nov 2024 15:12:08 GMT content-type image/png server nginx
GET H2	200	16.png krebsonsecurity.com/b-nyu/	278 KB 278 KB	444ms 443ms	Image image/png	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://krebsonsecurity.com/b-nyu/16.png Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash 42f59a090a3dfb961c03b318230607e2750f330d868f80bc1cce78c55a9c7977 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status MISS cache-control private referrer-policy no-referrer-when-downgrade via 1.1 google expires Tue, 05 Nov 2024 15:17:08 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 284623 date Tue, 05 Nov 2024 15:12:08 GMT content-type image/png server nginx
GET H3	200	kos-27-03-2021.jpg krebsonsecurity.com/wp-content/uploads/2021/03/	82 KB 82 KB	161ms 160ms	Image image/jpeg	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://krebsonsecurity.com/wp-content/uploads/2021/03/kos-27-03-2021.jpg Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H3 Security QUIC, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash 77f4202b0dd725b625864c4325ed26291ad5eb1adea7bc11b9c3d1c9f5da7511 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers cache-control public,max-age=8640000 etag "6064ca32-14826" via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 84006 date Tue, 05 Nov 2024 15:12:08 GMT content-type image/jpeg last-modified Wed, 31 Mar 2021 19:14:58 GMT server nginx vary Referer
GET H3	200	wp-emoji-release.min.js Show response krebsonsecurity.com/wp-includes/js/	18 KB 5 KB	57ms 57ms	Script application/x-javascript	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2 Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H3 Security QUIC, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status HIT cache-control max-age=10000,public content-encoding gzip pragma public age 3663 referrer-policy no-referrer-when-downgrade via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5039 date Tue, 05 Nov 2024 14:11:05 GMT last-modified Sun, 02 Apr 2023 15:56:57 GMT content-type application/x-javascript server nginx vary Accept-Encoding
GET H3	200	bookingcomphish.png krebsonsecurity.com/wp-content/uploads/2024/11/	186 KB 186 KB	152ms 151ms	Image image/png	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://krebsonsecurity.com/wp-content/uploads/2024/11/bookingcomphish.png Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H3 Security QUIC, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash 4b95d820d3824b514c16e2381110d2f69b50db86a2963a4e13683feba7a0bee6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers cache-control public,max-age=8640000 etag "67250087-2e6c2" via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 190146 date Tue, 05 Nov 2024 15:12:08 GMT content-type image/png last-modified Fri, 01 Nov 2024 16:23:35 GMT server nginx vary Referer
GET H3	200	17.png krebsonsecurity.com/b-nyu/	167 KB 167 KB	143ms 142ms	Image image/png	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://krebsonsecurity.com/b-nyu/17.png Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H3 Security QUIC, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash 8262482b0bae9f20c73829a8a1d3f665b2cd492489365da4600c85df012b927e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status MISS cache-control private referrer-policy no-referrer-when-downgrade via 1.1 google expires Tue, 05 Nov 2024 15:17:08 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 171059 date Tue, 05 Nov 2024 15:12:08 GMT content-type image/png server nginx
GET H3	200	comment-reply.min.js Show response krebsonsecurity.com/wp-includes/js/	3 KB 1 KB	55ms 55ms	Script application/x-javascript	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/wp-includes/js/comment-reply.min.js?ver=6.2.2 Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H3 Security QUIC, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status HIT cache-control max-age=10000,public content-encoding gzip pragma public age 11289 referrer-policy no-referrer-when-downgrade via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1351 date Tue, 05 Nov 2024 12:03:59 GMT last-modified Thu, 20 Oct 2022 07:15:50 GMT content-type application/x-javascript server nginx vary Accept-Encoding
GET H3	200	slicknav.js Show response krebsonsecurity.com/wp-content/themes/kos-mar2021/js/	17 KB 4 KB	56ms 55ms	Script application/x-javascript	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/wp-content/themes/kos-mar2021/js/slicknav.js?ver=6.2.2 Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H3 Security QUIC, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash da482890b20fb4687125256abaa522d0a4641b158bb3b9ca566566e8865aba1c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status HIT cache-control max-age=864000,public,public content-encoding gzip pragma public age 769034 referrer-policy no-referrer-when-downgrade via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4084 date Sun, 27 Oct 2024 17:34:54 GMT content-type application/x-javascript server nginx
GET H3	200	akismet-frontend.js Show response krebsonsecurity.com/wp-content/plugins/akismet/_inc/	11 KB 3 KB	59ms 59ms	Script application/x-javascript	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1720677597 Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H3 Security QUIC, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash 6bc5622bfab1a16855ad49b99a3f9ed8eb24f49da469a113f9000b866f109e2e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status HIT cache-control max-age=864000,public,public content-encoding gzip pragma public age 763763 referrer-policy no-referrer-when-downgrade via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3293 date Sun, 27 Oct 2024 19:02:45 GMT content-type application/x-javascript server nginx
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v32/	18 KB 18 KB	117ms 50ms	Font font/woff2	216.58.206.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C500%26subset%3Dlatin%2C Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcfraa-aa-in-f3.1e100.net Software sffe / Resource Hash 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://krebsonsecurity.com Referer https://fonts.googleapis.com/ Response headers age 6806 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 05 Nov 2025 13:18:42 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 05 Nov 2024 13:18:42 GMT last-modified Thu, 01 Aug 2024 20:41:24 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18536 x-xss-protection 0 server sffe
GET H3	200	KFOkCnqEu92Fr1Mu51xIIzI.woff2 fonts.gstatic.com/s/roboto/v32/	20 KB 20 KB	118ms 51ms	Font font/woff2	216.58.206.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1Mu51xIIzI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C500%26subset%3Dlatin%2C Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcfraa-aa-in-f3.1e100.net Software sffe / Resource Hash a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://krebsonsecurity.com Referer https://fonts.googleapis.com/ Response headers age 517548 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 30 Oct 2025 15:26:20 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 15:26:20 GMT last-modified Thu, 01 Aug 2024 20:41:23 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 20144 x-xss-protection 0 server sffe
GET H3	200	fontawesome-webfont.woff2 krebsonsecurity.com/wp-content/themes/kos-mar2021/fonts/	70 KB 70 KB	50ms 49ms	Font application/octet-stream	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/wp-content/themes/kos-mar2021/fonts/fontawesome-webfont.woff2?v=4.6.3 Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/wp-content/themes/kos-mar2021/fonts/font-awesome.min.css?ver=6.2.2 Protocol H3 Security QUIC, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://krebsonsecurity.com Referer https://krebsonsecurity.com/wp-content/themes/kos-mar2021/fonts/font-awesome.min.css?ver=6.2.2 Response headers x-cache-status MISS cache-control max-age=864000,public age 769033 referrer-policy no-referrer-when-downgrade via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 71896 date Sun, 27 Oct 2024 17:34:55 GMT server nginx
GET H3	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v32/	18 KB 18 KB	138ms 72ms	Font font/woff2	216.58.206.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C500%26subset%3Dlatin%2C Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcfraa-aa-in-f3.1e100.net Software sffe / Resource Hash ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://krebsonsecurity.com Referer https://fonts.googleapis.com/ Response headers age 516092 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 30 Oct 2025 15:50:36 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 15:50:36 GMT last-modified Thu, 01 Aug 2024 20:41:24 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18588 x-xss-protection 0 server sffe
GET H3	200	bookingdotcomphishingsite-768x470.png krebsonsecurity.com/wp-content/uploads/2024/11/	92 KB 92 KB	221ms 221ms	Image image/png	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://krebsonsecurity.com/wp-content/uploads/2024/11/bookingdotcomphishingsite-768x470.png Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H3 Security QUIC, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash 89afa070f0725955ca890f158b1aa9cc1cbba57ae5383c50fbc020dde603423a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers cache-control public,max-age=8640000 etag "6724fb4c-17113" via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 94483 date Tue, 05 Nov 2024 15:12:08 GMT content-type image/png last-modified Fri, 01 Nov 2024 16:01:16 GMT server nginx vary Referer
GET H3	200	computered-580x389.png krebsonsecurity.com/wp-content/uploads/2017/06/	262 KB 262 KB	269ms 268ms	Image image/png	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://krebsonsecurity.com/wp-content/uploads/2017/06/computered-580x389.png Requested by Host: krebsonsecurity.com URL: https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Protocol H3 Security QUIC, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash 2c54169774031a3d5a8f8dde4ca21ea6c03663ff49fe4fe71bec3a908a7c5a4a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers cache-control public,max-age=8640000 etag "594bb8eb-4199b" via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 268699 date Tue, 05 Nov 2024 15:12:09 GMT content-type image/png last-modified Thu, 22 Jun 2017 12:32:43 GMT server nginx vary Referer
GET H3	200	favicon.ico krebsonsecurity.com/	318 B 337 B	33ms 33ms	Other image/vnd.microsoft.icon	130.211.45.45 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://krebsonsecurity.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 130.211.45.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 45.45.211.130.bc.googleusercontent.com Software nginx / Resource Hash 1405863ed52d1ca5470d58d5291fe3c0bd4d074695f3cb13df28f849c64cfcc6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/ Response headers x-cache-status HIT cache-control public,max-age=31536000 age 2499213 referrer-policy no-referrer-when-downgrade via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 318 date Mon, 07 Oct 2024 16:58:36 GMT content-type image/vnd.microsoft.icon server nginx

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings function| jQuery object| pullquote function| pullQuoteOpts object| arrOptions object| addComment object| twemoji object| wp

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
krebsonsecurity.com
130.211.45.45
216.58.206.35
2a00:1450:4001:802::200a
1405863ed52d1ca5470d58d5291fe3c0bd4d074695f3cb13df28f849c64cfcc6
2c54169774031a3d5a8f8dde4ca21ea6c03663ff49fe4fe71bec3a908a7c5a4a
36c0d84358f7ed972ad8193537a327f2f1520e47167c8f5d0905842ef87b46c7
42f59a090a3dfb961c03b318230607e2750f330d868f80bc1cce78c55a9c7977
47d217e2b7354090c7bcdc5fa1984e8174d3556c04f421483a15bbd63a4129fe
4b95d820d3824b514c16e2381110d2f69b50db86a2963a4e13683feba7a0bee6
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
54f294873f35180bb43c2d86bfff562195e700d181e3deecacc3232f3cf9b1e2
616b37bc7bd1b2514f27a81cd2703a053cdf81d6ac098ee3298e963bc822de23
6bc5622bfab1a16855ad49b99a3f9ed8eb24f49da469a113f9000b866f109e2e
6f005368978df37b680de2dc8a22007a600378ba5568a573432a3fdeb8bdb674
77f4202b0dd725b625864c4325ed26291ad5eb1adea7bc11b9c3d1c9f5da7511
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8262482b0bae9f20c73829a8a1d3f665b2cd492489365da4600c85df012b927e
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
89afa070f0725955ca890f158b1aa9cc1cbba57ae5383c50fbc020dde603423a
8a7d024a35f5ef90cc5b7d1ae106dfb5d7202aa7ff27fbee01569747e87ba25f
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
ca66d8e749753384506d8b92e1004b154d0102f0ac8aada6d1c26b309ae6dc72
d3ed930bffbc2adbc25f5563f1592629e94dc740cc64244676a18412bbd26f68
d813f437bbfbafef2652feda67788f6e5b48aebb6f60ca976d89a506a9156534
da482890b20fb4687125256abaa522d0a4641b158bb3b9ca566566e8865aba1c
da7ca2b4251081f029bf1895e6d6ec80c3562729796cd76066d655ed14a7c610
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
fcc0659caa3230eed52d2ec43a8538a2e02e5a5ac292aad206a14a81d17ec946